Metasploi Sploit

Sheet1
root@kali:/home/wladimir# msfconsole
[*] Starting the Metasploit Framework console...[*] The initial module cache will be built in the background, this can take 2-5 minutes
|
########
#
#################
#
######################
#
#########################
#
############################
##############################
###############################
###############################
##############################
# ######## #
##
###
#### ##
### ###
#### ###
####
########## ####
####################### ####
#################### ####
################## ####
############
##
########
###
#########
#####
############
######
########
#########
#####
########
###
#########
###### ############
#######################
# # ### # # ##
########################
## ## ## ##
http://metasploit.pro
Tired of typing 'set RHOSTS'? Click & pwn with Metasploit Pro
Learn more on http://rapid7.com/metasploit
=[ metasploit v4.10.0-2014102901 [core:4.10.0.pre.2014102901 api:1.0.0]]
+ -- --=[ 1361 exploits - 749 auxiliary - 219 post
]
+ -- --=[ 340 payloads - 37 encoders - 8 nops
]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
msf > show
Encoders
#N/A
Name
Disclosure Date Rank
Description
------------------ -------------cmd/echo
good
Echo Command Encoder
cmd/generic_sh
manual Generic Shell Variable Substitution Command Encoder
cmd/ifs
low
Generic ${IFS} Substitution Command Encoder
cmd/perl
normal Perl Command Encoder
cmd/powershell_base64
excellent Powershell Base64 Command Encoder
Page 1
Sheet1
cmd/printf_php_mq
manual printf(1) via PHP magic_quotes Utility Command Encoder
generic/eicar
manual The EICAR Encoder
generic/none
normal The "none" Encoder
mipsbe/byte_xori
normal Byte XORi Encoder
mipsbe/longxor
normal XOR Encoder
mipsle/byte_xori
normal Byte XORi Encoder
mipsle/longxor
normal XOR Encoder
php/base64
great
PHP Base64 Encoder
ppc/longxor
normal PPC LongXOR Encoder
ppc/longxor_tag
normal PPC LongXOR Encoder
sparc/longxor_tag
normal SPARC DWORD XOR Encoder
x64/xor
normal XOR Encoder
x86/add_sub
manual Add/Sub Encoder
x86/alpha_mixed
low
Alpha2 Alphanumeric Mixedcase Encoder
x86/alpha_upper
low
Alpha2 Alphanumeric Uppercase Encoder
x86/avoid_underscore_tolower
manual Avoid underscore/tolower
x86/avoid_utf8_tolower
manual Avoid UTF8/tolower
x86/bloxor
manual BloXor - A Metamorphic Block Based XOR Encoder
x86/call4_dword_xor
normal Call+4 Dword XOR Encoder
x86/context_cpuid
manual CPUID-based Context Keyed Payload Encoder
x86/context_stat
manual stat(2)-based Context Keyed Payload Encoder
x86/context_time
manual time(2)-based Context Keyed Payload Encoder
x86/countdown
normal Single-byte XOR Countdown Encoder
x86/fnstenv_mov
normal Variable-length Fnstenv/mov Dword XOR Encoder
x86/jmp_call_additive
normal Jump/Call XOR Additive Feedback Encoder
x86/nonalpha
low
Non-Alpha Encoder
x86/nonupper
low
Non-Upper Encoder
x86/opt_sub
manual Sub Encoder (optimised)
x86/shikata_ga_nai
excellent Polymorphic XOR Additive Feedback Encoder
x86/single_static_bit
manual Single Static Bit
x86/unicode_mixed
manual Alpha2 Alphanumeric Unicode Mixedcase Encoder
x86/unicode_upper
manual Alpha2 Alphanumeric Unicode Uppercase Encoder
NOP Generators
#N/A
Name
Disclosure Date Rank Description
------------------ ---- ----------armle/simple
normal Simple
php/generic
normal PHP Nop Generator
ppc/simple
normal Simple
sparc/random
normal SPARC NOP Generator
tty/generic
normal TTY Nop Generator
x64/simple
normal Simple
x86/opty2
normal Opty2
x86/single_byte
normal Single Byte
Exploits
#N/A
Name
---aix/local/ibstat_path

Description
--------------- -------------2013-09-24
excellent ibstat $PATH Privilege Escalation
Page 2
Sheet1
aix/rpc_cmsd_opcode21
2009-10-07
great
AIX Calendar Manager Service Daemon (rpc.cmsd) O
aix/rpc_ttdbserverd_realpath
2009-06-17
great
ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer
android/browser/webview_addjavascriptinterface
2012-12-21
normal Android Browser and WebView addJavascr
android/fileformat/adobe_reader_pdf_js_interface
2014-04-13
good
Adobe Reader for Android addJavascriptInte
apple_ios/browser/safari_libtiff
2006-08-01
good
Apple iOS MobileSafari LibTIFF Buffer Overflow
apple_ios/email/mobilemail_libtiff
2006-08-01
good
Apple iOS MobileMail LibTIFF Buffer Overflow
apple_ios/ssh/cydia_default_ssh
2007-07-02
excellent Apple iOS Default SSH Password Vulnerability
bsdi/softcart/mercantec_softcart
2004-08-19
great
Mercantec SoftCart CGI Overflow
dialup/multi/login/manyargs
2001-12-12
good
System V Derived /bin/login Extraneous Arguments B
firefox/local/exec_shellcode
2014-03-10
normal Firefox Exec Shellcode from Privileged Javascript Sh
freebsd/ftp/proftp_telnet_iac
2010-11-01
great
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow
freebsd/local/mmap
2013-06-18
great
FreeBSD 9 Address Space Manipulation Privilege Esca
freebsd/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (*BSD x86)
freebsd/tacacs/xtacacsd_report
2008-01-08
average XTACACSD report() Buffer Overflow
freebsd/telnet/telnet_encrypt_keyid
2011-12-23
great
FreeBSD Telnet Service Encryption Key ID Buffer O
hpux/lpd/cleanup_exec
2002-08-28
excellent HP-UX LPD Command Execution
irix/lpd/tagprinter_exec
2001-09-01
excellent Irix LPD tagprinter Command Execution
linux/antivirus/escan_password_exec
2014-04-04
excellent eScan Web Management Console Command In
linux/browser/adobe_flashplayer_aslaunch
2008-12-17
good
Adobe Flash Player ActionScript Launch Comm
linux/ftp/proftp_sreplace
2006-11-26
great
ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)
linux/ftp/proftp_telnet_iac
2010-11-01
great
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (L
linux/games/ut2004_secure
2004-06-18
good
Unreal Tournament 2004 "secure" Overflow (Linux)
linux/http/alcatel_omnipcx_mastercgi_exec
2007-09-09
manual Alcatel-Lucent OmniPCX Enterprise masterCG
linux/http/alienvault_sqli_exec
2014-04-24
excellent AlienVault OSSIM SQL Injection and Remote Code E
linux/http/astium_sqli_upload
2013-09-17
manual Astium Remote Code Execution
linux/http/centreon_sqli_exec
2014-10-15
excellent Centreon SQL and Command Injection
linux/http/cfme_manageiq_evm_upload_exec
2013-09-04
normal Red Hat CloudForms Management Engine
linux/http/ddwrt_cgibin_exec
2009-07-20
excellent DD-WRT HTTP Daemon Arbitrary Command Execu
linux/http/dlink_authentication_cgi_bof
2013-02-08
normal D-Link authentication.cgi Buffer Overflow
linux/http/dlink_command_php_exec_noauth
2013-02-04
excellent D-Link Devices Unauthenticated Remote C
linux/http/dlink_diagnostic_exec_noauth
2013-03-05
excellent D-Link DIR-645 / DIR-815 diagnostic.php Comm
linux/http/dlink_dir300_exec_telnet
2013-04-22
excellent D-Link Devices Unauthenticated Remote Comman
linux/http/dlink_dir605l_captcha_bof
2012-10-08
manual D-Link DIR-605L Captcha Handling Buffer Overflo
linux/http/dlink_dir615_up_exec
2013-02-07
excellent D-Link DIR615h OS Command Injection
linux/http/dlink_dspw215_info_cgi_bof
2014-05-22
normal D-Link info.cgi POST Request Buffer Overflow
linux/http/dlink_hedwig_cgi_bof
2013-02-08
normal D-Link hedwig.cgi Buffer Overflow in Cookie Heade
linux/http/dlink_hnap_bof
2014-05-15
normal D-Link HNAP Request Remote Buffer Overflow
linux/http/dlink_upnp_exec_noauth
2013-07-05
normal D-Link Devices UPnP SOAP Command Executio
linux/http/dolibarr_cmd_exec
2012-04-06
excellent Dolibarr ERP/CRM Post-Auth OS Command Injectio
linux/http/dreambox_openpli_shell
2013-02-08
great
OpenPLI Webif Arbitrary Command Execution
linux/http/esva_exec
2012-08-16
excellent E-Mail Security Virtual Appliance learn-msg.cgi Comma
linux/http/f5_icontrol_exec
2013-09-17
excellent F5 iControl Remote Root Command Execution
linux/http/foreman_openstack_satellite_code_exec
2013-06-06
normal Foreman (Red Hat OpenStack/Satellite) bo
linux/http/fritzbox_echo_exec
2014-02-11
excellent Fritz!Box Webcm Unauthenticated Command Injecti
linux/http/gitlist_exec
2014-06-30
excellent Gitlist Unauthenticated Remote Command Execution
linux/http/gpsd_format_string
2005-05-25
average Berlios GPSD Format String Vulnerability
linux/http/groundwork_monarch_cmd_exec
2013-03-08
excellent GroundWork monarch_scan.cgi OS Comma
linux/http/hp_system_management
2012-09-01
normal HP System Management Anonymous Access C
linux/http/kloxo_sqli
2014-01-28
manual Kloxo SQL Injection and Remote Code Execution
linux/http/lifesize_uvc_ping_rce
2014-03-21
excellent LifeSize UVC Authenticated RCE via Ping
linux/http/linksys_apply_cgi
2005-09-13
great
Linksys WRT54 Access Point apply.cgi Buffer Overflow
linux/http/linksys_e1500_apply_exec
2013-02-05
excellent Linksys E1500/E2500 apply.cgi Remote Comma
linux/http/linksys_themoon_exec
2014-02-13
excellent Linksys E-Series TheMoon Remote Command Inj
linux/http/linksys_wrt110_cmd_exec
2013-07-12
excellent Linksys Devices pingstr Remote Command Injec
linux/http/linksys_wrt160nv2_apply_exec
2013-02-11
excellent Linksys WRT160nv2 apply.cgi Remote Comma
Page 3
Sheet1
linux/http/linksys_wrt54gl_apply_exec
2013-01-18
manual Linksys WRT54GL apply.cgi Command Executio
linux/http/mutiny_frontend_upload
2013-05-15
excellent Mutiny 5 Arbitrary File Upload
linux/http/netgear_dgn1000b_setup_exec
2013-02-06
excellent Netgear DGN1000B setup.cgi Remote Comm
linux/http/netgear_dgn2200b_pppoe_exec
2013-02-15
manual Netgear DGN2200B pppoe.cgi Remote Com
linux/http/netgear_readynas_exec
2013-07-12
manual NETGEAR ReadyNAS Perl Code Evaluation
linux/http/nginx_chunked_size
2013-05-07
normal Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding
linux/http/openfiler_networkcard_exec
2012-09-04
excellent Openfiler v2.x NetworkCard Command Executio
linux/http/pandora_fms_exec
2014-01-29
excellent Pandora FMS Remote Code Execution
linux/http/peercast_url
2006-03-08
average PeerCast URL Handling Buffer Overflow
linux/http/pineapp_ldapsyncnow_exec
2013-07-26
excellent PineApp Mail-SeCure ldapsyncnow.php Arbitra
linux/http/pineapp_livelog_exec
2013-07-26
excellent PineApp Mail-SeCure livelog.html Arbitrary Comma
linux/http/pineapp_test_li_conn_exec
2013-07-26
excellent PineApp Mail-SeCure test_li_connection.php Arb
linux/http/piranha_passwd_exec
2000-04-04
excellent RedHat Piranha Virtual Server Package passwd.p
linux/http/raidsonic_nas_ib5220_exec_noauth
2013-02-04
manual Raidsonic NAS Devices Unauthenticated Re
linux/http/railo_cfml_rfi
2014-08-26
excellent Railo Remote File Include
linux/http/smt_ipmi_close_window_bof
2013-11-06
good
Supermicro Onboard IPMI close_window.cgi Bu
linux/http/sophos_wpa_iface_exec
2014-04-08
excellent Sophos Web Protection Appliance Interface Auth
linux/http/sophos_wpa_sblistpack_exec
2013-09-06
excellent Sophos Web Protection Appliance sblistpack A
linux/http/symantec_web_gateway_exec
2012-05-17
excellent Symantec Web Gateway 5.0.2.8 ipchange.ph
linux/http/symantec_web_gateway_file_upload
2012-05-17
excellent Symantec Web Gateway 5.0.2.8 Arbitrary P
linux/http/symantec_web_gateway_lfi
2012-05-17
excellent Symantec Web Gateway 5.0.2.8 relfile File Inclu
linux/http/symantec_web_gateway_pbcontrol
2012-07-23
excellent Symantec Web Gateway 5.0.2.18 pbcontrol.
linux/http/synology_dsm_sliceupload_exec_noauth
2013-10-31
excellent Synology DiskStation Manager SLICEUPL
linux/http/vcms_upload
2011-11-27
excellent V-CMS PHP File Upload and Execute
linux/http/wanem_exec
2012-08-12
excellent WAN Emulator v2.3 Command Execution
linux/http/webcalendar_settings_exec
2012-04-23
excellent WebCalendar 1.2.4 Pre-Auth Remote Code Inje
linux/http/webid_converter
2011-07-05
excellent WeBid converter.php Remote PHP Code Injection
linux/http/zabbix_sqli
2013-09-23
excellent Zabbix 2.0.8 SQL Injection and Remote Code Execution
linux/http/zen_load_balancer_exec
2012-09-14
excellent ZEN Load Balancer Filelog Command Execution
linux/http/zenoss_showdaemonxmlconfig_exec
2012-07-30
good
Zenoss 3 showDaemonXMLConfig Comma
linux/ids/alienvault_centerd_soap_exec
2014-05-05
excellent AlienVault OSSIM av-centerd Command Injectio
linux/ids/snortbopre
2005-10-18
good
Snort Back Orifice Pre-Preprocessor Buffer Overflow
linux/imap/imap_uw_lsub
2000-04-16
good
UoW IMAP Server LSUB Buffer Overflow
linux/local/hp_smhstart
2013-03-30
normal HP System Management Homepage Local Privilege E
linux/local/kloxo_lxsuexec
2012-09-18
normal Kloxo Local Privilege Escalation
linux/local/pkexec
2011-04-01
great
Linux PolicyKit Race Condition Privilege Escalation
linux/local/sock_sendpage
2009-08-13
great
Linux Kernel Sendpage Local Privilege Escalation
linux/local/sophos_wpa_clear_keys
2013-09-06
excellent Sophos Web Protection Appliance clear_keys.pl
linux/local/udev_netlink
2009-04-16
great
Linux udev Netlink Local Privilege Escalation
linux/local/vmware_mount
2013-08-22
normal VMWare Setuid vmware-mount Unsafe popen(3)
linux/local/zpanel_zsudo
2013-06-07
excellent ZPanel zsudo Local Privilege Escalation Exploit
linux/misc/accellion_fta_mpipe2
2011-02-07
excellent Accellion File Transfer Appliance MPIPE2 Comma
linux/misc/drb_remote_codeexec
2011-03-23
excellent Distributed Ruby Send instance_eval/syscall Cod
linux/misc/gld_postfix
2005-04-12
good
GLD (Greylisting Daemon) Postfix Buffer Overflow
linux/misc/hp_data_protector_cmd_exec
2011-02-07
excellent HP Data Protector 6 EXEC_CMD Remote Cod
linux/misc/hp_nnmi_pmd_bof
2014-09-09
normal HP Network Node Manager I PMD Buffer Overflow
linux/misc/hp_vsa_login_bof
2013-06-28
normal HP StorageWorks P4000 Virtual SAN Appliance Lo
linux/misc/hplip_hpssd_exec
2007-10-04
excellent HPLIP hpssd.py From Address Arbitrary Command
linux/misc/ib_inet_connect
2007-10-03
good
Borland InterBase INET_connect() Buffer Overflow
linux/misc/ib_jrd8_create_database
2007-10-03
good
Borland InterBase jrd8_create_database() Buffer
linux/misc/ib_open_marker_file
2007-10-03
good
Borland InterBase open_marker_file() Buffer Overflo
linux/misc/ib_pwd_db_aliased
2007-10-03
good
Borland InterBase PWD_db_aliased() Buffer Overfl
linux/misc/lprng_format_string
2000-09-25
normal LPRng use_syslog Remote Format String Vulnerabi
linux/misc/mongod_native_helper
2013-03-24
normal MongoDB nativeHelper.apply Remote Code Exec
linux/misc/nagios_nrpe_arguments
2013-02-21
excellent Nagios Remote Plugin Executor Arbitrary Comm
Page 4
Sheet1
linux/misc/netsupport_manager_agent
2011-01-08
average NetSupport Manager Agent Remote Buffer Ov
linux/misc/novell_edirectory_ncp_bof
2012-12-12
normal Novell eDirectory 8 Buffer Overflow
linux/misc/sercomm_exec
2013-12-31
great
SerComm Device Remote Code Execution
linux/misc/zabbix_server_exec
2009-09-10
excellent Zabbix Server Arbitrary Command Execution
linux/mysql/mysql_yassl_getname
2010-01-25
good
MySQL yaSSL CertDecoder::GetName Buffer Ov
linux/mysql/mysql_yassl_hello
2008-01-04
good
MySQL yaSSL SSL Hello Message Buffer Overflow
linux/pop3/cyrus_pop3d_popsubfolders
2006-05-21
normal Cyrus IMAPD pop3d popsubfolders USER Buf
linux/postgres/postgres_payload
2007-06-05
excellent PostgreSQL for Linux Payload Execution
linux/pptp/poptop_negative_read
2003-04-09
great
Poptop Negative Read Overflow
linux/proxy/squid_ntlm_authenticate
2004-06-08
great
Squid NTLM Authenticate Overflow
linux/samba/chain_reply
2010-06-16
good
Samba chain_reply Memory Corruption (Linux x86)
linux/samba/lsa_transnames_heap
2007-05-14
good
Samba lsa_io_trans_names Heap Overflow
linux/samba/setinfopolicy_heap
2012-04-10
normal Samba SetInformationPolicy AuditEventsInfo Heap
linux/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (Linux x86)
linux/smtp/exim4_dovecot_exec
2013-05-03
excellent Exim and Dovecot Insecure Configuration Comm
linux/ssh/f5_bigip_known_privkey
2012-06-11
excellent F5 BIG-IP SSH Private Key Exposure
linux/ssh/loadbalancerorg_enterprise_known_privkey
2014-03-17
excellent Loadbalancer.org Enterprise VA SSH Priv
linux/ssh/quantum_dxi_known_privkey
2014-03-17
excellent Quantum DXi V1000 SSH Private Key Exposu
linux/ssh/quantum_vmpro_backdoor
2014-03-17
excellent Quantum vmPRO Backdoor Command
linux/ssh/symantec_smg_ssh
2012-08-27
excellent Symantec Messaging Gateway 9.5 Default SSH P
linux/telnet/telnet_encrypt_keyid
2011-12-23
great
Linux BSD-derived Telnet Service Encryption Key ID
linux/upnp/dlink_upnp_msearch_exec
2013-02-01
excellent D-Link Unauthenticated UPnP M-SEARCH Mu
linux/upnp/miniupnpd_soap_bof
2013-03-27
normal MiniUPnPd 1.0 Stack Buffer Overflow Remote Co
multi/browser/firefox_escape_retval
2009-07-13
normal Firefox 3.5 escape() Return Value Memory Corrup
multi/browser/firefox_proto_crmfrequest
2013-08-06
excellent Firefox 5.0 - 15.0.1 __exposedProps__ XCS Co
multi/browser/firefox_queryinterface
2006-02-02
normal Firefox location.QueryInterface() Code Execution
multi/browser/firefox_svg_plugin
2013-01-08
excellent Firefox 17.0.1 Flash Privileged Code Injection
multi/browser/firefox_tostring_console_injection
2013-05-14
excellent Firefox toString console.time Privileged Javas
multi/browser/firefox_webidl_injection
2014-03-17
excellent Firefox WebIDL Privileged Javascript Injection
multi/browser/firefox_xpi_bootstrapped_addon
2007-06-27
excellent Mozilla Firefox Bootstrapped Addon Social E
multi/browser/itms_overflow
2009-06-01
great
Apple OS X iTunes 8.1.1 ITMS Overflow
multi/browser/java_atomicreferencearray
2012-02-14
excellent Java AtomicReferenceArray Type Violation Vu
multi/browser/java_calendar_deserialize
2008-12-03
excellent Sun Java Calendar Deserialization Privilege Es
multi/browser/java_getsoundbank_bof
2009-11-04
great
Sun Java JRE getSoundbank file:// URI Buffer O
multi/browser/java_jre17_driver_manager
2013-01-10
excellent Java Applet Driver Manager Privileged toStrin
multi/browser/java_jre17_exec
2012-08-26
excellent Java 7 Applet Remote Code Execution
multi/browser/java_jre17_glassfish_averagerangestatisticimpl 2012-10-16
excellent Java Applet AverageRangeStatisticImp
multi/browser/java_jre17_jaxws
2012-10-16
excellent Java Applet JAX-WS Remote Code Execution
multi/browser/java_jre17_jmxbean
2013-01-10
excellent Java Applet JMX Remote Code Execution
multi/browser/java_jre17_jmxbean_2
2013-01-19
excellent Java Applet JMX Remote Code Execution
multi/browser/java_jre17_method_handle
2012-10-16
excellent Java Applet Method Handle Remote Code Ex
multi/browser/java_jre17_provider_skeleton
2013-06-18
great
Java Applet ProviderSkeleton Insecure Invoke
multi/browser/java_jre17_reflection_types
2013-01-10
excellent Java Applet Reflection Type Confusion Remote
multi/browser/java_rhino
2011-10-18
excellent Java Applet Rhino Script Engine Remote Code Execu
multi/browser/java_rmi_connection_impl
2010-03-31
excellent Java RMIConnectionImpl Deserialization Privile
multi/browser/java_setdifficm_bof
2009-11-04
great
Sun Java JRE AWT setDiffICM Buffer Overflow
multi/browser/java_signed_applet
1997-02-19
excellent Java Signed Applet Social Engineering Code Exe
multi/browser/java_storeimagearray
2013-08-12
great
Java storeImageArray() Invalid Array Indexing Vul
multi/browser/java_trusted_chain
2010-03-31
excellent Java Statement.invoke() Trusted Method Chain Pr
multi/browser/java_verifier_field_access
2012-06-06
excellent Java Applet Field Bytecode Verifier Cache Rem
multi/browser/mozilla_compareto
2005-07-13
normal Mozilla Suite/Firefox compareTo() Code Execution
multi/browser/mozilla_navigatorjava
2006-07-25
normal Mozilla Suite/Firefox Navigator Object Code Exec
multi/browser/opera_configoverwrite
2007-03-05
excellent Opera 9 Configuration Overwrite
multi/browser/opera_historysearch
2008-10-23
excellent Opera historysearch XSS
multi/browser/qtjava_pointer
2007-04-23
excellent Apple QTJava toQTPointer() Arbitrary Memory Acce
Page 5
Sheet1
multi/elasticsearch/script_mvel_rce
2013-12-09
excellent ElasticSearch Dynamic Script Arbitrary Java Exec
multi/fileformat/adobe_u3d_meshcont
2009-10-13
good
Adobe U3D CLODProgressiveMeshDeclaration
multi/fileformat/maple_maplet
2010-04-26
excellent Maple Maplet File Creation and Command Executio
multi/fileformat/nodejs_js_yaml_load_code_exec
2013-06-28
excellent Nodejs js-yaml load() Code Execution
multi/fileformat/peazip_command_injection
2009-06-05
excellent PeaZip Zip Processing Command Injection
multi/ftp/pureftpd_bash_env_exec
2014-09-24
excellent Pure-FTPd External Authentication Bash Environ
multi/ftp/wuftpd_site_exec_format
2000-06-22
great
WU-FTPD SITE EXEC/INDEX Format String Vulne
multi/gdb/gdb_server_exec
2014-08-24
great
GDB Server Remote Payload Execution
multi/handler
manual Generic Payload Handler
multi/http/activecollab_chat
2012-05-30
excellent Active Collab "chat module" Remote PHP Code Injec
multi/http/ajaxplorer_checkinstall_exec
2010-04-04
excellent AjaXplorer checkInstall.php Remote Command E
multi/http/apache_mod_cgi_bash_env_exec
2014-09-24
good
Apache mod_cgi Bash Environment Variable
multi/http/apache_roller_ognl_injection
2013-10-31
excellent Apache Roller OGNL Injection
multi/http/apprain_upload_exec
2012-01-19
excellent appRain CMF Arbitrary PHP File Upload Vulnerabi
multi/http/auxilium_upload_exec
2012-09-14
excellent Auxilium RateMyPet Arbitrary File Upload Vulnerab
multi/http/axis2_deployer
2010-12-30
excellent Axis2 / SAP BusinessObjects Authenticated Code Exe
multi/http/cisco_dcnm_upload
2013-09-18
excellent Cisco Prime Data Center Network Manager Arbitra
multi/http/coldfusion_rds
2013-08-08
great
Adobe ColdFusion 9 Administrative Login Bypass
multi/http/cuteflow_upload_exec
2012-07-27
excellent CuteFlow v2.11.2 Arbitrary File Upload Vulnerabilit
multi/http/dexter_casinoloader_exec
2014-02-08
excellent Dexter (CasinoLoader) SQL Injection
multi/http/drupal_drupageddon
2014-10-15
excellent Drupal HTTP Parameter Key/Value SQL Injection
multi/http/eaton_nsm_code_exec
2012-06-26
excellent Network Shutdown Module (sort_values) Remote
multi/http/eventlog_file_upload
2014-08-31
excellent ManageEngine Eventlog Analyzer Arbitrary File Uplo
multi/http/extplorer_upload_exec
2012-12-31
excellent eXtplorer v2.1 Arbitrary File Upload Vulnerability
multi/http/familycms_less_exec
2011-11-29
excellent Family Connections less.php Remote Command E
multi/http/freenas_exec_raw
2010-11-06
great
FreeNAS exec_raw.php Arbitrary Command Executio
multi/http/gestioip_exec
2013-10-04
excellent GestioIP Remote Command Execution
multi/http/gitlab_shell_exec
2013-11-04
excellent Gitlab-shell Code Execution
multi/http/gitorious_graph
2012-01-19
excellent Gitorious Arbitrary Command Execution
multi/http/glassfish_deployer
2011-08-04
excellent Sun/Oracle GlassFish Server Authenticated Code Ex
multi/http/glossword_upload_exec
2013-02-05
excellent Glossword v1.8.8 - 1.8.12 Arbitrary File Upload V
multi/http/glpi_install_rce
2013-09-12
manual GLPI install.php Remote Command Execution
multi/http/horde_href_backdoor
2012-02-13
excellent Horde 3.3.12 Backdoor Arbitrary PHP Code Execu
multi/http/hp_sitescope_issuesiebelcmd
2013-10-30
great
HP SiteScope issueSiebelCmd Remote Code Ex
multi/http/hp_sitescope_uploadfileshandler
2012-08-29
good
HP SiteScope Remote Code Execution
multi/http/hp_sys_mgmt_exec
2013-06-11
excellent HP System Management Homepage JustGetSNM
multi/http/hyperic_hq_script_console
2013-10-10
excellent VMware Hyperic HQ Groovy Script-Console Java
multi/http/ispconfig_php_exec
2013-10-30
excellent ISPConfig Authenticated Arbitrary PHP Code Execu
multi/http/jboss_bshdeployer
2010-04-26
excellent JBoss JMX Console Beanshell Deployer WAR Uplo
multi/http/jboss_deploymentfilerepository
2010-04-26
excellent JBoss Java Class DeploymentFileRepository W
multi/http/jboss_invoke_deploy
2007-02-20
excellent JBoss DeploymentFileRepository WAR Deploymen
multi/http/jboss_maindeployer
2007-02-20
excellent JBoss JMX Console Deployer Upload and Execute
multi/http/jenkins_script_console
2013-01-18
good
Jenkins Script-Console Java Execution
multi/http/kordil_edms_upload_exec
2013-02-22
excellent Kordil EDMS v2.2.60rc3 Unauthenticated Arbitra
multi/http/lcms_php_exec
2011-03-03
excellent LotusCMS 3.0 eval() Remote Command Execution
multi/http/log1cms_ajax_create_folder
2011-04-11
excellent Log1 CMS writeInfo() PHP Code Injection
multi/http/manage_engine_dc_pmp_sqli
2014-06-08
excellent ManageEngine Desktop Central / Password M
multi/http/manageengine_search_sqli
2012-10-18
excellent ManageEngine Security Manager Plus 5.5 Build
multi/http/mediawiki_thumb
2014-01-28
excellent MediaWiki Thumb.php Remote Command Execution
multi/http/mobilecartly_upload_exec
2012-08-10
excellent MobileCartly 1.0 Arbitrary File Creation Vulnerabi
multi/http/moodle_cmd_exec
2013-10-30
good
Moodle Remote Command Execution
multi/http/movabletype_upgrade_exec
2013-01-07
normal Movable Type 4.2x, 4.3x Web Upgrade Remote
multi/http/mutiny_subnetmask_exec
2012-10-22
excellent Mutiny Remote Command Execution
multi/http/nas4free_php_exec
2013-10-30
great
NAS4Free Arbitrary Remote Code Execution
multi/http/netwin_surgeftp_exec
2012-12-06
good
Netwin SurgeFTP Remote Command Execution
Page 6
Sheet1
multi/http/op5_license
2012-01-05
excellent OP5 license.php Remote Command Execution
multi/http/op5_welcome
2012-01-05
excellent OP5 welcome Remote Command Execution
multi/http/openfire_auth_bypass
2008-11-10
excellent Openfire Admin Console Authentication Bypass
multi/http/openmediavault_cmd_exec
2013-10-30
excellent OpenMediaVault Cron Remote Command Exec
multi/http/openx_backdoor_php
2013-08-07
excellent OpenX Backdoor PHP Code Execution
multi/http/opmanager_socialit_file_upload
2014-09-27
excellent ManageEngine OpManager and Social IT Arbit
multi/http/oracle_reports_rce
2014-01-15
great
Oracle Forms and Reports Remote Code Execution
multi/http/php_cgi_arg_injection
2012-05-03
excellent PHP CGI Argument Injection
multi/http/php_volunteer_upload_exec
2012-05-28
excellent PHP Volunteer Management System v1.0.2 Arb
multi/http/phpldapadmin_query_engine
2011-10-24
excellent phpLDAPadmin query_engine Remote PHP Co
multi/http/phpmyadmin_3522_backdoor
2012-09-25
normal phpMyAdmin 3.5.2.2 server_sync.php Backdo
multi/http/phpmyadmin_preg_replace
2013-04-25
excellent phpMyAdmin Authenticated Remote Code Exec
multi/http/phpscheduleit_start_date
2008-10-01
excellent phpScheduleIt PHP reserve.php start_date Param
multi/http/phptax_exec
2012-10-08
excellent PhpTax pfilez Parameter Exec Remote Code Injection
multi/http/phpwiki_ploticus_exec
2014-09-11
excellent Phpwiki Ploticus Remote Code Execution
multi/http/plone_popen2
2011-10-04
excellent Plone and Zope XMLTools Remote Command Execu
multi/http/pmwiki_pagelist
2011-11-09
excellent PmWiki pagelist.php Remote PHP Code Injection Exp
multi/http/polarcms_upload_exec
2012-01-21
excellent PolarBear CMS PHP File Upload Vulnerability
multi/http/processmaker_exec
2013-10-24
excellent ProcessMaker Open Source Authenticated PHP C
multi/http/qdpm_upload_exec
2012-06-14
excellent qdPM v7 Arbitrary PHP File Upload Vulnerability
multi/http/rails_json_yaml_code_exec
2013-01-28
excellent Ruby on Rails JSON Processor YAML Deserializ
multi/http/rails_secret_deserialization
2013-04-11
excellent Ruby on Rails Known Secret Session Cookie Rem
multi/http/rails_xml_yaml_code_exec
2013-01-07
excellent Ruby on Rails XML Processor YAML Deserializa
multi/http/rocket_servergraph_file_requestor_rce
2013-10-30
great
Rocket Servergraph Admin Center fileReques
multi/http/sflog_upload_exec
2012-07-06
excellent Sflog! CMS 1.0 Arbitrary File Upload Vulnerability
multi/http/sit_file_upload
2011-11-10
excellent Support Incident Tracker Remote Command Execution
multi/http/snortreport_exec
2011-09-19
excellent Snortreport nmap.php/nbtscan.php Remote Comman
multi/http/solarwinds_store_manager_auth_filter
2014-08-19
excellent SolarWinds Storage Manager Authentication
multi/http/sonicwall_gms_upload
2012-01-17
excellent SonicWALL GMS 6 Arbitrary File Upload
multi/http/splunk_mappy_exec
2011-12-12
excellent Splunk Search Remote Code Execution
multi/http/splunk_upload_app_exec
2012-09-27
good
Splunk 5.0 Custom App Remote Code Execution
multi/http/spree_search_exec
2011-10-05
excellent Spreecommerce 0.60.1 Arbitrary Command Execut
multi/http/spree_searchlogic_exec
2011-04-19
excellent Spreecommerce Arbitrary Command Execution
multi/http/struts_code_exec
2010-07-13
good
Apache Struts Remote Command Execution
multi/http/struts_code_exec_classloader
2014-03-06
manual Apache Struts ClassLoader Manipulation Remo
multi/http/struts_code_exec_exception_delegator
2012-01-06
excellent Apache Struts Remote Command Execution
multi/http/struts_code_exec_parameters
2011-10-01
excellent Apache Struts ParametersInterceptor Remote
multi/http/struts_default_action_mapper
2013-07-02
excellent Apache Struts 2 DefaultActionMapper Prefixes O
multi/http/struts_dev_mode
2012-01-06
excellent Apache Struts 2 Developer Mode OGNL Execution
multi/http/struts_include_params
2013-05-24
great
Apache Struts includeParams Remote Code Execut
multi/http/stunshell_eval
2013-03-23
great
STUNSHELL Web Shell Remote PHP Code Execution
multi/http/stunshell_exec
2013-03-23
great
STUNSHELL Web Shell Remote Code Execution
multi/http/sun_jsws_dav_options
2010-01-20
great
Sun Java System Web Server WebDAV OPTIONS
multi/http/testlink_upload_exec
2012-08-13
excellent TestLink v1.9.3 Arbitrary File Upload Vulnerability
multi/http/tomcat_mgr_deploy
2009-11-09
excellent Apache Tomcat Manager Application Deployer Aut
multi/http/tomcat_mgr_upload
2009-11-09
excellent Apache Tomcat Manager Authenticated Upload Co
multi/http/traq_plugin_exec
2011-12-12
excellent Traq admincp/common.php Remote Code Execution
multi/http/uptime_file_upload
2013-11-19
excellent Up.Time Monitoring Station post2file.php Arbitrary Fi
multi/http/v0pcr3w_exec
2013-03-23
great
v0pCr3w Web Shell Remote Code Execution
multi/http/vbseo_proc_deutf
2012-01-23
excellent vBSEO proc_deutf() Remote PHP Code Injection
multi/http/vtiger_install_rce
2014-03-05
manual Vtiger Install Unauthenticated Remote Command Exec
multi/http/vtiger_php_exec
2013-10-30
excellent vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Cod
multi/http/vtiger_soap_upload
2013-03-26
excellent vTiger CRM SOAP AddEmailAttachment Arbitrary F
multi/http/webpagetest_upload_exec
2012-07-13
excellent WebPageTest Arbitrary PHP File Upload
multi/http/wikka_spam_exec
2011-11-30
excellent WikkaWiki 1.3.2 Spam Logging PHP Injection
Page 7
Sheet1
multi/http/zabbix_script_exec
2013-10-30
excellent Zabbix Authenticated Remote Command Execution
multi/http/zenworks_control_center_upload
2013-03-22
great
Novell ZENworks Configuration Management R
multi/ids/snort_dce_rpc
2007-02-19
good
Snort 2 DCE/RPC Preprocessor Buffer Overflow
multi/misc/batik_svg_java
2012-05-11
excellent Squiggle 1.7 SVG Browser Java Code Execution
multi/misc/hp_data_protector_exec_integutil
2014-10-02
great
HP Data Protector EXEC_INTEGUTIL Remote
multi/misc/hp_vsa_exec
2011-11-11
excellent HP StorageWorks P4000 Virtual SAN Appliance Com
multi/misc/indesign_server_soap
2012-11-11
excellent Adobe IndesignServer 5.5 SOAP Server Arbitrary
multi/misc/java_jdwp_debugger
2010-03-12
good
Java Debug Wire Protocol Remote Code Executio
multi/misc/java_rmi_server
2011-10-15
excellent Java RMI Server Insecure Default Configuration Jav
multi/misc/openview_omniback_exec
2001-02-28
excellent HP OpenView OmniBack II Command Executi
multi/misc/pbot_exec
2009-11-02
excellent PHP IRC Bot pbot eval() Remote Code Execution
multi/misc/ra1nx_pubcall_exec
2013-03-24
great
Ra1NX PHP Bot PubCall Authentication Bypass Re
multi/misc/veritas_netbackup_cmdexec
2004-10-21
excellent VERITAS NetBackup Remote Command Exec
multi/misc/wireshark_lwres_getaddrbyname
2010-01-27
great
Wireshark LWRES Dissector getaddrsbyname
multi/misc/wireshark_lwres_getaddrbyname_loop
2010-01-27
great
Wireshark LWRES Dissector getaddrsbyna
multi/misc/zend_java_bridge
2011-03-28
great
Zend Server Java Bridge Arbitrary Java Code Execu
multi/ntp/ntp_overflow
2001-04-04
good
NTP Daemon readvar Buffer Overflow
multi/php/php_unserialize_zval_cookie
2007-03-04
average PHP 4 unserialize() ZVAL Reference Counter O
multi/realserver/describe
2002-12-20
great
RealServer Describe Buffer Overflow
multi/samba/nttrans
2003-04-07
average Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow
multi/samba/usermap_script
2007-05-14
excellent Samba "username map script" Command Executio
multi/sap/sap_mgmt_con_osexec_payload
2011-03-08
excellent SAP Management Console OSExecute Pay
multi/sap/sap_soap_rfc_sxpg_call_system_exec
2013-03-26
great
SAP SOAP RFC SXPG_CALL_SYSTEM R
multi/sap/sap_soap_rfc_sxpg_command_exec
2012-05-08
great
SAP SOAP RFC SXPG_COMMAND_EXE
multi/script/web_delivery
2013-07-19
manual Script Web Delivery
multi/ssh/sshexec
1999-01-01
manual SSH User Code Execution
multi/svn/svnserve_date
2004-05-19
average Subversion Date Svnserve
multi/upnp/libupnp_ssdp_overflow
2013-01-29
normal Portable UPnP SDK unique_service_name() Rem
multi/wyse/hagent_untrusted_hsdata
2009-07-10
excellent Wyse Rapport Hagent Fake Hserver Command
netware/smb/lsass_cifs
2007-01-21
average Novell NetWare LSASS CIFS.NLM Driver Stack Buff
netware/sunrpc/pkernel_callit
2009-09-30
good
NetWare 6.5 SunRPC Portmapper CALLIT Stack Bu
osx/afp/loginext
2004-05-03
average AppleFileServer LoginExt PathName Overflow
osx/arkeia/type77
2005-02-18
average Arkeia Backup Client Type 77 Overflow (Mac OS X)
osx/browser/mozilla_mchannel
2011-05-10
normal Mozilla Firefox 3.6.16 mChannel Use-After-Free
osx/browser/safari_file_policy
2011-10-12
normal Apple Safari file:// Arbitrary Code Execution
osx/browser/safari_metadata_archive
2006-02-21
excellent Safari Archive Metadata Command Execution
osx/browser/safari_user_assisted_download_launch
2014-03-10
manual Safari User-Assisted Download and Run
osx/browser/software_update
2007-12-17
excellent Apple OS X Software Update Command Execution
osx/email/mailapp_image_exec
2006-03-01
manual Mail.app Image Attachment Command Execution
osx/ftp/webstar_ftp_user
2004-07-13
average WebSTAR FTP Server USER Overflow
osx/http/evocam_webserver
2010-06-01
average MacOS X EvoCam HTTP GET Buffer Overflow
osx/local/nfs_mount_root
2014-04-11
normal Mac OS X NFS Mount Privilege Escalation Exploit
osx/local/persistence
2012-04-01
excellent Mac OS X Persistent Payload Installer
osx/local/setuid_tunnelblick
2012-08-11
excellent Setuid Tunnelblick Privilege Escalation
osx/local/setuid_viscosity
2012-08-12
excellent Viscosity setuid-set ViscosityHelper Privilege Escalatio
osx/local/sudo_password_bypass
2013-02-28
normal Mac OS X Sudo Password Bypass
osx/local/vmware_bash_function_root
2014-09-24
normal OS X VMWare Fusion Privilege Escalation via B
osx/mdns/upnp_location
2007-05-25
average Mac OS X mDNSResponder UPnP Location Overflo
osx/misc/ufo_ai
2009-10-28
average UFO: Alien Invasion IRC Client Buffer Overflow
osx/rtsp/quicktime_rtsp_content_type
2007-11-23
average MacOS X QuickTime RTSP Content-Type Over
osx/samba/lsa_transnames_heap
2007-05-14
average Samba lsa_io_trans_names Heap Overflow
osx/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (Mac OS X PPC)
solaris/dtspcd/heap_noir
2002-07-10
great
Solaris dtspcd Heap Overflow
solaris/lpd/sendmail_exec
2001-08-31
excellent Solaris LPD Command Execution
solaris/samba/lsa_transnames_heap
2007-05-14
average Samba lsa_io_trans_names Heap Overflow
Page 8
Sheet1
solaris/samba/trans2open
2003-04-07
great
Samba trans2open Overflow (Solaris SPARC)
solaris/sunrpc/sadmind_adm_build_path
2008-10-14
great
Sun Solaris sadmind adm_build_path() Buffer O
solaris/sunrpc/sadmind_exec
2003-09-13
excellent Solaris sadmind Command Execution
solaris/sunrpc/ypupdated_exec
1994-12-12
excellent Solaris ypupdated Command Execution
solaris/telnet/fuser
2007-02-12
excellent Sun Solaris Telnet Remote Authentication Bypass Vulner
solaris/telnet/ttyprompt
2002-01-18
excellent Solaris in.telnetd TTYPROMPT Buffer Overflow
unix/dhcp/bash_environment
2014-09-24
excellent Dhclient Bash Environment Variable Injection
unix/ftp/proftpd_133c_backdoor
2010-12-02
excellent ProFTPD-1.3.3c Backdoor Command Execution
unix/ftp/vsftpd_234_backdoor
2011-07-03
excellent VSFTPD v2.3.4 Backdoor Command Execution
unix/http/contentkeeperweb_mimencode
2009-02-25
excellent ContentKeeper Web Remote Command Exec
unix/http/ctek_skyrouter
2011-09-08
average CTEK SkyRouter 4200 and 4300 Command Execution
unix/http/freepbx_callmenum
2012-03-20
manual FreePBX 2.10.0 / 2.9.0 callmenum Remote Code E
unix/http/lifesize_room
2011-07-13
excellent LifeSize Room Command Injection
unix/http/vmturbo_vmtadmin_exec_noauth
2014-06-25
excellent VMTurbo Operations Manager vmtadmin.cg
unix/irc/unreal_ircd_3281_backdoor
2010-06-12
excellent UnrealIRCD 3.2.8.1 Backdoor Command Execut
unix/local/setuid_nmap
2012-07-19
excellent Setuid Nmap Exploit
unix/misc/distcc_exec
2002-02-01
excellent DistCC Daemon Command Execution
unix/misc/qnx_qconn_exec
2012-09-04
excellent QNX QCONN Remote Command Execution Vulner
unix/misc/spamassassin_exec
2006-06-06
excellent SpamAssassin spamd Remote Command Execut
unix/misc/zabbix_agent_exec
2009-09-10
excellent Zabbix Agent net.tcp.listen Command Injection
unix/smtp/clamav_milter_blackhole
2007-08-24
excellent ClamAV Milter Blackhole-Mode Remote Code Ex
unix/smtp/exim4_string_format
2010-12-07
excellent Exim4 string_format Function Heap Buffer Overflow
unix/ssh/array_vxag_vapv_privkey_privesc
2014-02-03
excellent Array Networks vAPV and vxAG Private Key
unix/ssh/tectia_passwd_changereq
2012-12-01
excellent Tectia SSH USERAUTH Change Request Pass
unix/webapp/arkeia_upload_exec
2013-09-16
excellent Western Digital Arkeia Remote Code Execution
unix/webapp/awstats_configdir_exec
2005-01-15
excellent AWStats configdir Remote Command Execution
unix/webapp/awstats_migrate_exec
2006-05-04
excellent AWStats migrate Remote Command Execution
unix/webapp/awstatstotals_multisort
2008-08-26
excellent AWStats Totals multisort Remote Command Exe
unix/webapp/barracuda_img_exec
2005-09-01
excellent Barracuda IMG.PL Remote Command Executio
unix/webapp/base_qry_common
2008-06-14
excellent BASE base_qry_common Remote File Include
unix/webapp/basilic_diff_exec
2012-06-28
excellent Basilic 1.5.14 diff.php Arbitrary Command Execution
unix/webapp/cacti_graphimage_exec
2005-01-15
excellent Cacti graph_view.php Remote Command Exec
unix/webapp/cakephp_cache_corruption
2010-11-15
excellent CakePHP Cache Corruption Code Execution
unix/webapp/carberp_backdoor_exec
2013-06-28
great
Carberp Web Panel C2 Backdoor Remote PHP
unix/webapp/citrix_access_gateway_exec
2010-12-21
excellent Citrix Access Gateway Command Execution
unix/webapp/clipbucket_upload_exec
2013-10-04
excellent ClipBucket Remote Code Execution
unix/webapp/coppermine_piceditor
2008-01-30
excellent Coppermine Photo Gallery picEditor.php Comma
unix/webapp/datalife_preview_exec
2013-01-28
excellent DataLife Engine preview.php PHP Code Injectio
unix/webapp/dogfood_spell_exec
2009-03-03
excellent Dogfood CRM spell.php Remote Command Exec
unix/webapp/egallery_upload_exec
2012-07-08
excellent EGallery PHP File Upload Vulnerability
unix/webapp/flashchat_upload_exec
2013-10-04
excellent FlashChat Arbitrary File Upload
unix/webapp/foswiki_maketext
2012-12-03
excellent Foswiki MAKETEXT Remote Command Execution
unix/webapp/freepbx_config_exec
2014-03-21
excellent FreePBX config.php Remote Code Execution
unix/webapp/generic_exec
1993-11-14
excellent Generic Web Application Unix Command Execution
unix/webapp/get_simple_cms_upload_exec
2014-01-04
excellent GetSimpleCMS PHP File Upload Vulnerabi
unix/webapp/google_proxystylesheet_exec
2005-08-16
excellent Google Appliance ProxyStyleSheet Comman
unix/webapp/graphite_pickle_exec
2013-08-20
excellent Graphite Web Unsafe Pickle Handling
unix/webapp/guestbook_ssi_exec
1999-11-05
excellent Matt Wright guestbook.pl Arbitrary Command Ex
unix/webapp/hastymail_exec
2011-11-22
excellent Hastymail 2.1.1 RC1 Command Injection
unix/webapp/havalite_upload_exec
2013-06-17
excellent Havalite CMS Arbitary File Upload Vulnerability
unix/webapp/horde_unserialize_exec
2013-06-27
excellent Horde Framework Unserialize PHP Code Execu
unix/webapp/hybridauth_install_php_exec
2014-08-04
manual HybridAuth install.php PHP Code Execution
unix/webapp/instantcms_exec
2013-06-26
excellent InstantCMS 1.6 Remote PHP Code Execution
unix/webapp/invision_pboard_unserialize_exec
2012-10-25
excellent Invision IP.Board unserialize() PHP Code E
unix/webapp/joomla_akeeba_unserialize
2014-09-29
excellent Joomla Akeeba Kickstart Unserialize Remote
Page 9
Sheet1
unix/webapp/joomla_comjce_imgmanager
unix/webapp/joomla_media_upload_exec
unix/webapp/joomla_tinybrowser
unix/webapp/kimai_sqli
unix/webapp/libretto_upload_exec
unix/webapp/mambo_cache_lite
unix/webapp/mitel_awc_exec
unix/webapp/moinmoin_twikidraw
unix/webapp/mybb_backdoor
unix/webapp/nagios3_history_cgi
unix/webapp/nagios3_statuswml_ping
unix/webapp/nagios_graph_explorer
unix/webapp/narcissus_backend_exec
unix/webapp/open_flash_chart_upload_exec
unix/webapp/openemr_sqli_privesc_upload
unix/webapp/openemr_upload_exec
unix/webapp/opensis_modname_exec
unix/webapp/openview_connectednodes_exec
unix/webapp/openx_banner_edit
unix/webapp/oracle_vm_agent_utl
unix/webapp/oscommerce_filemanager
unix/webapp/pajax_remote_exec
unix/webapp/php_charts_exec
unix/webapp/php_eval
unix/webapp/php_include
unix/webapp/php_vbulletin_template
unix/webapp/php_wordpress_foxypress
unix/webapp/php_wordpress_infusionsoft
unix/webapp/php_wordpress_lastpost
unix/webapp/php_wordpress_optimizepress
unix/webapp/php_wordpress_total_cache
unix/webapp/php_xmlrpc_eval
unix/webapp/phpbb_highlight
unix/webapp/phpmyadmin_config
unix/webapp/projectpier_upload_exec
unix/webapp/qtss_parse_xml_exec
unix/webapp/redmine_scm_exec
unix/webapp/seportal_sqli_exec
unix/webapp/simple_e_document_upload_exec
unix/webapp/skybluecanvas_exec
unix/webapp/sphpblog_file_upload
unix/webapp/spip_connect_exec
unix/webapp/squash_yaml_exec
unix/webapp/squirrelmail_pgp_plugin
unix/webapp/sugarcrm_unserialize_exec
unix/webapp/tikiwiki_graph_formula_exec
unix/webapp/tikiwiki_jhot_exec
unix/webapp/tikiwiki_unserialize_exec
unix/webapp/trixbox_langchoice
unix/webapp/twiki_history
unix/webapp/twiki_maketext
unix/webapp/twiki_search
unix/webapp/vbulletin_vote_sqli_exec
unix/webapp/vicidial_manager_send_cmd_exec
unix/webapp/webmin_show_cgi_exec
2012-08-02
excellent Joomla Component JCE File Upload Remo
2013-08-01
excellent Joomla Media Manager File Upload Vulnera
2009-07-22
excellent Joomla 1.5.12 TinyBrowser File Upload Code Exe
2013-05-21
average Kimai v0.9.2 'db_restore.php' SQL Injection
2013-06-14
excellent LibrettoCMS File Manager Arbitary File Upload V
2008-06-14
excellent Mambo Cache_Lite Class mosConfig_absolute_
2010-12-12
excellent Mitel Audio and Web Conferencing Command Inje
2012-12-30
manual MoinMoin twikidraw Action Traversal File Upload
2011-10-06
excellent myBB 1.6.4 Backdoor Arbitrary Command Execut
2012-12-09
great
Nagios3 history.cgi Host Command Execution
2009-06-22
excellent Nagios3 statuswml.cgi Ping Command Execut
2012-11-30
excellent Nagios XI Network Monitor Graph Explorer Com
2012-11-14
excellent Narcissus Image Configuration Passthru Vuln
2009-12-14
great
Open Flash Chart v2 Arbitrary File Upload
2013-09-16
excellent OpenEMR 4.1.1 Patch 14 SQLi Privilege Es
2013-02-13
excellent OpenEMR PHP File Upload Vulnerability
2012-12-04
excellent OpenSIS 'modname' PHP Code Execution
2005-08-25
excellent HP Openview connectedNodes.ovpl Rem
2009-11-24
excellent OpenX banner-edit.php File Upload PHP Code E
2010-10-12
excellent Oracle VM Server Virtual Server Agent Comman
2009-08-31
excellent osCommerce 2.2 Arbitrary PHP Code Execut
2006-03-30
excellent PAJAX Remote Command Execution
2013-01-16
excellent PHP-Charts v1.0 PHP Code Execution Vulnerabil
2008-10-13
manual Generic PHP Code Evaluation
2006-12-17
normal PHP Remote File Include Generic Code Execution
2005-02-25
excellent vBulletin misc.php Template Name Arbitrary Co
2012-06-05
excellent WordPress Plugin Foxypress uploadify.php A
2014-09-25
excellent Wordpress InfusionSoft Upload Vulnerability
2005-08-09
excellent WordPress cache_lastpostdate Arbitrary Code
2013-11-29
normal WordPress OptimizePress Theme File Uplo
2013-04-17
excellent Wordpress W3 Total Cache PHP Code Exec
2005-06-29
excellent PHP XML-RPC Arbitrary Code Execution
2004-11-12
excellent phpBB viewtopic.php Arbitrary Code Execution
2009-03-24
excellent PhpMyAdmin Config File Code Injection
2012-10-08
excellent Project Pier Arbitrary File Upload Vulnerability
2003-02-24
excellent QuickTime Streaming Server parse_xml.cgi Re
2010-12-19
excellent Redmine SCM Repository Arbitrary Command E
2014-03-20
excellent SePortal SQLi Remote Code Execution
2014-01-23
excellent Simple E-Document Arbitrary File Upload
2014-01-28
excellent SkyBlueCanvas CMS Remote Code Execution
2005-08-25
excellent Simple PHP Blog Remote Command Execution
2012-07-04
normal SPIP connect Parameter PHP Injection
2013-08-06
excellent Squash YAML Code Execution
2007-07-09
manual SquirrelMail PGP Plugin Command Execution (
2012-06-23
excellent SugarCRM unserialize() PHP Code Execution
2007-10-10
excellent TikiWiki tiki-graph_formula Remote PHP Code
2006-09-02
excellent TikiWiki jhot Remote Command Execution
2012-07-04
excellent Tiki Wiki unserialize() PHP Code Execution
2008-07-09
manual Trixbox langChoice PHP Local File Inclusion
2005-09-14
excellent TWiki History TWikiUsers rev Parameter Command E
2012-12-15
excellent TWiki MAKETEXT Remote Command Execution
2004-10-01
excellent TWiki Search Function Arbitrary Command Executio
2013-03-25
excellent vBulletin index.php/ajax/api/reputation/vote node
2013-10-23
excellent VICIdial Manager Send OS Command Inj
2012-09-06
excellent Webmin /file/show.cgi Remote Command Exe
Page 10
Sheet1
unix/webapp/webtester_exec
2013-10-17
excellent WebTester 5.x Command Execution
unix/webapp/wp_advanced_custom_fields_exec
2012-11-14
excellent WordPress Plugin Advanced Custom Fie
unix/webapp/wp_asset_manager_upload_exec
2012-05-26
excellent WordPress Asset-Manager PHP File Uplo
unix/webapp/wp_google_document_embedder_exec
2013-01-03
normal WordPress Plugin Google Document E
unix/webapp/wp_property_upload_exec
2012-03-26
excellent WordPress WP-Property PHP File Upload Vu
unix/webapp/wp_wptouch_file_upload
2014-07-14
excellent Wordpress WPTouch Authenticated File Uploa
unix/webapp/wp_wysija_newsletters_upload
2014-07-01
excellent Wordpress MailPoet Newsletters (wysija-new
unix/webapp/xoda_file_upload
2012-08-21
excellent XODA 0.4.5 Arbitrary PHP File Upload Vulnerabilit
unix/webapp/zeroshell_exec
2013-09-22
excellent ZeroShell Remote Code Execution
unix/webapp/zimbra_lfi
2013-12-06
excellent Zimbra Collaboration Server LFI
unix/webapp/zoneminder_packagecontrol_exec
2013-01-22
excellent ZoneMinder Video Server packageContro
unix/webapp/zpanel_username_exec
2013-06-07
excellent ZPanel 10.0.0.2 htpasswd Module Username
windows/antivirus/ams_hndlrsvc
2010-07-26
excellent Symantec System Center Alert Management Syst
windows/antivirus/ams_xfr
2009-04-28
excellent Symantec System Center Alert Management System
windows/antivirus/symantec_endpoint_manager_rce
2014-02-24
excellent Symantec Endpoint Protection Manager
windows/antivirus/symantec_iao
2009-04-28
good
Symantec Alert Management System Intel Alert Or
windows/antivirus/symantec_rtvscan
2006-05-24
good
Symantec Remote Management Buffer Overflow
windows/antivirus/symantec_workspace_streaming_exec
2014-05-12
excellent Symantec Workspace Streaming Arbi
windows/antivirus/trendmicro_serverprotect
2007-02-20
good
Trend Micro ServerProtect 5.58 Buffer Overflow
windows/antivirus/trendmicro_serverprotect_createbinding
2007-05-07
good
Trend Micro ServerProtect 5.58 CreateB
windows/antivirus/trendmicro_serverprotect_earthagent
2007-05-07
good
Trend Micro ServerProtect 5.58 EarthAge
windows/arkeia/type77
2005-02-18
good
Arkeia Backup Client Type 77 Overflow (Win32)
windows/backdoor/energizer_duo_payload
2010-03-05
excellent Energizer DUO Trojan Code Execution
windows/backupexec/name_service
2004-12-16
average Veritas Backup Exec Name Service Overflow
windows/backupexec/remote_agent
2005-06-22
great
Veritas Backup Exec Windows Remote Agent O
windows/brightstor/ca_arcserve_342
2008-10-09
average Computer Associates ARCserve REPORTREM
windows/brightstor/discovery_tcp
2005-02-14
average CA BrightStor Discovery Service TCP Overflow
windows/brightstor/discovery_udp
2004-12-20
average CA BrightStor Discovery Service Stack Buffer Ov
windows/brightstor/etrust_itm_alert
2008-04-04
average Computer Associates Alert Notification Buffer Ove
windows/brightstor/hsmserver
2007-09-27
great
CA BrightStor HSM Buffer Overflow
windows/brightstor/lgserver
2007-01-31
average CA BrightStor ARCserve for Laptops and Desktops
windows/brightstor/lgserver_multi
2007-06-06
average CA BrightStor ARCserve for Laptops and Desktop
windows/brightstor/lgserver_rxrlogin
2007-06-06
average CA BrightStor ARCserve for Laptops and Deskto
windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter 2007-06-06
average CA BrightStor ARCserve for Laptops a
windows/brightstor/lgserver_rxsuselicenseini
2007-06-06
average CA BrightStor ARCserve for Laptops and Des
windows/brightstor/license_gcr
2005-03-02
average CA BrightStor ARCserve License Service GCR NE
windows/brightstor/mediasrv_sunrpc
2007-04-25
average CA BrightStor ArcServe Media Service Stack B
windows/brightstor/message_engine
2007-01-11
average CA BrightStor ARCserve Message Engine Buff
windows/brightstor/message_engine_72
2010-10-04
average CA BrightStor ARCserve Message Engine 0x
windows/brightstor/message_engine_heap
2006-10-05
average CA BrightStor ARCserve Message Engine H
windows/brightstor/sql_agent
2005-08-02
average CA BrightStor Agent for Microsoft SQL Overflow
windows/brightstor/tape_engine
2006-11-21
average CA BrightStor ARCserve Tape Engine Buffer Ove
windows/brightstor/tape_engine_0x8a
2010-10-04
average CA BrightStor ARCserve Tape Engine 0x8A Bu
windows/brightstor/universal_agent
2005-04-11
average CA BrightStor Universal Agent Overflow
windows/browser/adobe_cooltype_sing
2010-09-07
great
Adobe CoolType SING Table "uniqueName" St
windows/browser/adobe_flash_avm2
2014-02-05
normal Adobe Flash Player Integer Underflow Remote
windows/browser/adobe_flash_filters_type_confusion
2013-12-10
normal Adobe Flash Player Type Confusion Rem
windows/browser/adobe_flash_mp4_cprt
2012-02-15
normal Adobe Flash Player MP4 'cprt' Overflow
windows/browser/adobe_flash_otf_font
2012-08-09
normal Adobe Flash Player 11.3 Kern Table Parsing In
windows/browser/adobe_flash_pixel_bender_bof
2014-04-28
normal Adobe Flash Player Shader Buffer Overflo
windows/browser/adobe_flash_regex_value
2013-02-08
normal Adobe Flash Player Regular Expression Hea
windows/browser/adobe_flash_rtmp
2012-05-04
normal Adobe Flash Player Object Type Confusion
windows/browser/adobe_flash_sps
2011-08-09
normal Adobe Flash Player MP4 SequenceParameterS
windows/browser/adobe_flashplayer_arrayindexing
2012-06-21
great
Adobe Flash Player AVM Verification Logic
windows/browser/adobe_flashplayer_avm
2011-03-15
good
Adobe Flash Player AVM Bytecode Verificatio
Page 11
Sheet1
windows/browser/adobe_flashplayer_flash10o
2011-04-11
normal Adobe Flash Player 10.2.153.1 SWF Memo
windows/browser/adobe_flashplayer_newfunction
2010-06-04
normal Adobe Flash Player "newfunction" Invalid
windows/browser/adobe_flatedecode_predictor02
2009-10-08
good
Adobe FlateDecode Stream Predictor 02 In
windows/browser/adobe_geticon
2009-03-24
good
Adobe Collab.getIcon() Buffer Overflow
windows/browser/adobe_jbig2decode
2009-02-19
good
Adobe JBIG2Decode Heap Corruption
windows/browser/adobe_media_newplayer
2009-12-14
good
Adobe Doc.media.newPlayer Use After Free
windows/browser/adobe_shockwave_rcsl_corruption
2010-10-21
normal Adobe Shockwave rcsL Memory Corrup
windows/browser/adobe_toolbutton
2013-08-08
normal Adobe Reader ToolButton Use After Free
windows/browser/adobe_utilprintf
2008-02-08
good
Adobe util.printf() Buffer Overflow
windows/browser/advantech_webaccess_dvs_getcolor
2014-07-17
normal Advantech WebAccess dvs.ocx GetCo
windows/browser/aim_goaway
2004-08-09
great
AOL Instant Messenger goaway Overflow
windows/browser/aladdin_choosefilepath_bof
2012-04-01
normal Aladdin Knowledge System Ltd ChooseFileP
windows/browser/amaya_bdo
2009-01-28
normal Amaya Browser v11.0 'bdo' Tag Overflow
windows/browser/aol_ampx_convertfile
2009-05-19
normal AOL Radio AmpX ActiveX Control ConvertFile
windows/browser/aol_icq_downloadagent
2006-11-06
excellent America Online ICQ ActiveX Control Arbitrary
windows/browser/apple_itunes_playlist
2005-01-11
normal Apple ITunes 4.7 Playlist Buffer Overflow
windows/browser/apple_quicktime_marshaled_punk
2010-08-30
great
Apple QuickTime 7.6.7 _Marshaled_pUn
windows/browser/apple_quicktime_mime_type
2012-11-07
normal Apple QuickTime 7.7.2 MIME Type Buffer
windows/browser/apple_quicktime_rdrf
2013-05-22
normal Apple Quicktime 7 Invalid Atom Length Buffer O
windows/browser/apple_quicktime_rtsp
2007-01-01
normal Apple QuickTime 7.1.3 RTSP URI Buffer Over
windows/browser/apple_quicktime_smil_debug
2010-08-12
good
Apple QuickTime 7.6.6 Invalid SMIL URI Bu
windows/browser/apple_quicktime_texml_font_table
2012-11-07
normal Apple QuickTime 7.7.2 TeXML Style Elem
windows/browser/ask_shortformat
2007-09-24
normal Ask.com Toolbar askBar.dll ActiveX Control Buff
windows/browser/asus_net4switch_ipswcom
2012-02-17
normal ASUS Net4Switch ipswcom.dll ActiveX Sta
windows/browser/athocgov_completeinstallation
2008-02-15
normal AtHocGov IWSAlerts ActiveX Control Buffe
windows/browser/autodesk_idrop
2009-04-02
normal Autodesk IDrop ActiveX Control Heap Memory C
windows/browser/aventail_epi_activex
2010-08-19
normal SonicWALL Aventail epi.dll AuthCredential Form
windows/browser/awingsoft_web3d_bof
2009-07-10
average AwingSoft Winds3D Player SceneURL Buffe
windows/browser/awingsoft_winds3d_sceneurl
2009-11-14
excellent AwingSoft Winds3D Player 3.5 SceneURL
windows/browser/baofeng_storm_onbeforevideodownload
2009-04-30
normal BaoFeng Storm mps.dll ActiveX OnB
windows/browser/barcode_ax49
2007-06-22
normal RKD Software BarCodeAx.dll v4.9 ActiveX Remo
windows/browser/blackice_downloadimagefileurl
2008-06-05
excellent Black Ice Cover Page ActiveX Control Arbi
windows/browser/c6_messenger_downloaderactivex
2008-06-03
excellent Icona SpA C6 Messenger DownloaderA
windows/browser/ca_brightstor_addcolumn
2008-03-16
normal CA BrightStor ARCserve Backup AddColum
windows/browser/chilkat_crypt_writefile
2008-11-03
excellent Chilkat Crypt ActiveX WriteFile Unsafe Method
windows/browser/cisco_anyconnect_exec
2011-06-01
excellent Cisco AnyConnect VPN Client ActiveX URL
windows/browser/cisco_playerpt_setsource
2012-03-22
normal Cisco Linksys PlayerPT ActiveX Control Buff
windows/browser/cisco_playerpt_setsource_surl
2012-07-17
normal Cisco Linksys PlayerPT ActiveX Control Se
windows/browser/citrix_gateway_actx
2011-07-14
normal Citrix Gateway ActiveX Control Stack Based Bu
windows/browser/clear_quest_cqole
2012-05-19
normal IBM Rational ClearQuest CQOle Remote Code
windows/browser/communicrypt_mail_activex
2010-05-19
great
CommuniCrypt Mail 1.16 SMTP ActiveX Stac
windows/browser/creative_software_cachefolder
2008-05-28
normal Creative Software AutoUpdate Engine Acti
windows/browser/crystal_reports_printcontrol
2010-12-14
normal Crystal Reports CrystalPrintControl ActiveX S
windows/browser/dell_webcam_crazytalk
2012-03-19
normal Dell Webcam CrazyTalk ActiveX BackImage
windows/browser/dxstudio_player_exec
2009-06-09
excellent Worldweaver DX Studio Player shell.execute()
windows/browser/ea_checkrequirements
2007-10-08
normal Electronic Arts SnoopyCtrl ActiveX Control B
windows/browser/ebook_flipviewer_fviewerloading
2007-06-06
normal FlipViewer FViewerLoading ActiveX Contro
windows/browser/enjoysapgui_comp_download
2009-04-15
excellent EnjoySAP SAP GUI ActiveX Control Arbit
windows/browser/enjoysapgui_preparetoposthtml
2007-07-05
normal EnjoySAP SAP GUI ActiveX Control Buffe
windows/browser/facebook_extractiptc
2008-01-31
normal Facebook Photo Uploader 4 ActiveX Control Bu
windows/browser/foxit_reader_plugin_url_bof
2013-01-07
normal Foxit Reader Plugin URL Processing Buffer O
windows/browser/gom_openurl
2007-10-27
normal GOM Player ActiveX Control Buffer Overflow
windows/browser/greendam_url
2009-06-11
normal Green Dam URL Processing Buffer Overflow
windows/browser/honeywell_hscremotedeploy_exec
2013-02-22
excellent Honeywell HSC Remote Deployer Activ
windows/browser/honeywell_tema_exec
2011-10-20
excellent Honeywell Tema Remote Installer ActiveX Re
Page 12
Sheet1
windows/browser/hp_alm_xgo_setshapenodetype_exec
2012-08-29
normal HP Application Lifecycle Managemen
windows/browser/hp_easy_printer_care_xmlcachemgr
2012-01-11
great
HP Easy Printer Care XMLCacheMgr Cl
windows/browser/hp_easy_printer_care_xmlsimpleaccessor
2011-08-16
great
HP Easy Printer Care XMLSimpleAcce
windows/browser/hp_loadrunner_addfile
2008-01-25
normal Persits XUpload ActiveX AddFile Buffer Overfl
windows/browser/hp_loadrunner_addfolder
2007-12-25
good
HP LoadRunner 9.0 ActiveX AddFolder Buffe
windows/browser/hp_loadrunner_writefilebinary
2013-07-24
normal HP LoadRunner lrFileIOService ActiveX Rem
windows/browser/hp_loadrunner_writefilestring
2013-07-24
normal HP LoadRunner lrFileIOService ActiveX Writ
windows/browser/hpmqc_progcolor
2007-04-04
normal HP Mercury Quality Center ActiveX Control Pro
windows/browser/hyleos_chemviewx_activex
2010-02-10
good
Hyleos ChemView ActiveX Control Stack Bu
windows/browser/ibm_spss_c1sizer
2013-04-26
normal IBM SPSS SamplePower C1Tab ActiveX Heap
windows/browser/ibm_tivoli_pme_activex_bof
2012-03-01
normal IBM Tivoli Provisioning Manager Express fo
windows/browser/ibmegath_getxmlvalue
2009-03-24
normal IBM Access Support ActiveX Control Buffer O
windows/browser/ibmlotusdomino_dwa_uploadmodule
2007-12-20
normal IBM Lotus Domino Web Access Uploa
windows/browser/ie_cbutton_uaf
2012-12-27
normal MS13-008 Microsoft Internet Explorer CButton Ob
windows/browser/ie_cgenericelement_uaf
2013-05-03
good
MS13-038 Microsoft Internet Explorer CGener
windows/browser/ie_createobject
2006-04-11
excellent MS06-014 Microsoft Internet Explorer COM Creat
windows/browser/ie_execcommand_uaf
2012-09-14
good
MS12-063 Microsoft Internet Explorer execCo
windows/browser/ie_iscomponentinstalled
2006-02-24
normal Microsoft Internet Explorer isComponentInstal
windows/browser/ie_setmousecapture_uaf
2013-09-17
normal MS13-080 Microsoft Internet Explorer SetMo
windows/browser/ie_unsafe_scripting
2010-09-20
excellent Microsoft Internet Explorer Unsafe Scripting Mis
windows/browser/imgeviewer_tifmergemultifiles
2010-03-03
normal Viscom Image Viewer CP Pro 8.0/Gold 6.0 A
windows/browser/indusoft_issymbol_internationalseparator
2012-04-28
normal InduSoft Web Studio ISSymbol.ocx Inte
windows/browser/inotes_dwa85w_bof
2012-06-01
normal IBM Lotus iNotes dwa85W ActiveX Buffer Ove
windows/browser/intrust_annotatex_add
2012-03-28
average Quest InTrust Annotation Objects Uninitialized
windows/browser/java_basicservice_impl
2010-10-12
excellent Sun Java Web Start BasicServiceImpl Code E
windows/browser/java_cmm
2013-03-01
normal Java CMM Remote Code Execution
windows/browser/java_codebase_trust
2011-02-15
excellent Sun Java Applet2ClassLoader Remote Code E
windows/browser/java_docbase_bof
2010-10-12
great
Sun Java Runtime New Plugin docbase Buffer O
windows/browser/java_mixer_sequencer
2010-03-30
great
Java MixerSequencer Object GM_Song Struct
windows/browser/java_ws_arginject_altjvm
2010-04-09
excellent Sun Java Web Start Plugin Command Line A
windows/browser/java_ws_double_quote
2012-10-16
excellent Sun Java Web Start Double Quote Injection
windows/browser/java_ws_vmargs
2012-02-14
excellent Sun Java Web Start Plugin Command Line Arg
windows/browser/juniper_sslvpn_ive_setupdll
2006-04-26
normal Juniper SSL-VPN IVE JuniperSetupDLL.dll A
windows/browser/kazaa_altnet_heap
2007-10-03
normal Kazaa Altnet Download Manager ActiveX Cont
windows/browser/keyhelp_launchtripane_exec
2012-06-26
excellent KeyHelp ActiveX LaunchTriPane Remote C
windows/browser/logitechvideocall_start
2007-05-31
normal Logitech VideoCall ActiveX Control Buffer Over
windows/browser/lpviewer_url
2008-10-06
normal iseemedia / Roxio / MGI Software LPViewer Active
windows/browser/macrovision_downloadandexecute
2007-10-31
normal Macrovision InstallShield Update Servic
windows/browser/macrovision_unsafe
2007-10-20
excellent Macrovision InstallShield Update Service Activ
windows/browser/maxthon_history_xcs
2012-11-26
excellent Maxthon3 about:history XCS Trusted Zone Co
windows/browser/mcafee_mcsubmgr_vsprintf
2006-08-01
normal McAfee Subscription Manager Stack Buffe
windows/browser/mcafee_mvt_exec
2012-04-30
excellent McAfee Virtual Technician MVTControl 6.3.0.1
windows/browser/mcafeevisualtrace_tracetarget
2007-07-07
normal McAfee Visual Trace ActiveX Control Buffe
windows/browser/mirc_irc_url
2003-10-13
normal mIRC IRC URL Buffer Overflow
windows/browser/mozilla_attribchildremoved
2011-12-06
average Firefox 8/9 AttributeChildRemoved() Use-Aft
windows/browser/mozilla_firefox_onreadystatechange
2013-06-25
normal Firefox onreadystatechange Event Docu
windows/browser/mozilla_firefox_xmlserializer
2013-01-08
normal Firefox XMLSerializer Use After Free
windows/browser/mozilla_interleaved_write
2010-10-25
normal Mozilla Firefox Interleaved document.write/app
windows/browser/mozilla_mchannel
2011-05-10
normal Mozilla Firefox 3.6.16 mChannel Use-After-Free
windows/browser/mozilla_nssvgvalue
2011-12-06
average Firefox nsSVGValue Out-of-Bounds Access Vu
windows/browser/mozilla_nstreerange
2011-02-02
normal Mozilla Firefox "nsTreeRange" Dangling Pointe
windows/browser/mozilla_reduceright
2011-06-21
normal Mozilla Firefox Array.reduceRight() Integer Over
windows/browser/ms03_020_ie_objecttype
2003-06-04
normal MS03-020 Microsoft Internet Explorer Objec
windows/browser/ms05_054_onload
2005-11-21
normal MS05-054 Microsoft Internet Explorer JavaScr
windows/browser/ms06_001_wmf_setabortproc
2005-12-27
great
Windows XP/2003/Vista Metafile Escape()
Page 13
Sheet1
windows/browser/ms06_013_createtextrange
2006-03-19
normal MS06-013 Microsoft Internet Explorer creat
windows/browser/ms06_055_vml_method
2006-09-19
normal MS06-055 Microsoft Internet Explorer VML
windows/browser/ms06_057_webview_setslice
2006-07-17
normal MS06-057 Microsoft Internet Explorer We
windows/browser/ms06_067_keyframe
2006-11-14
normal MS06-067 Microsoft Internet Explorer Daxctle
windows/browser/ms06_071_xml_core
2006-10-10
normal MS06-071 Microsoft Internet Explorer XML C
windows/browser/ms07_017_ani_loadimage_chunksize
2007-03-28
great
Windows ANI LoadAniIcon() Chunk Siz
windows/browser/ms08_041_snapshotviewer
2008-07-07
excellent Snapshot Viewer for Microsoft Access Act
windows/browser/ms08_053_mediaencoder
2008-09-09
normal Windows Media Encoder 9 wmex.dll Active
windows/browser/ms08_070_visual_studio_msmask
2008-08-13
normal Microsoft Visual Studio Mdmask32.ocx
windows/browser/ms08_078_xml_corruption
2008-12-07
normal MS08-078 Microsoft Internet Explorer Data
windows/browser/ms09_002_memory_corruption
2009-02-10
normal MS09-002 Microsoft Internet Explorer 7 C
windows/browser/ms09_043_owc_htmlurl
2009-08-11
normal Microsoft OWC Spreadsheet HTMLURL Buf
windows/browser/ms09_043_owc_msdso
2009-07-13
normal Microsoft OWC Spreadsheet msDataSourc
windows/browser/ms09_072_style_object
2009-11-20
normal MS09-072 Microsoft Internet Explorer Style g
windows/browser/ms10_002_aurora
2010-01-14
normal MS10-002 Microsoft Internet Explorer "Aurora"
windows/browser/ms10_002_ie_object
2010-01-21
normal MS10-002 Microsoft Internet Explorer Object M
windows/browser/ms10_018_ie_behaviors
2010-03-09
good
MS10-018 Microsoft Internet Explorer DHTM
windows/browser/ms10_018_ie_tabular_activex
2010-03-09
good
MS10-018 Microsoft Internet Explorer Tabu
windows/browser/ms10_022_ie_vbscript_winhlp32
2010-02-26
great
MS10-022 Microsoft Internet Explorer Win
windows/browser/ms10_026_avi_nsamplespersec
2010-04-13
normal MS10-026 Microsoft MPEG Layer-3 Aud
windows/browser/ms10_042_helpctr_xss_cmd_exec
2010-06-09
excellent Microsoft Help Center XSS and Comm
windows/browser/ms10_046_shortcut_icon_dllloader
2010-07-16
excellent Microsoft Windows Shell LNK Code Exe
windows/browser/ms10_090_ie_css_clip
2010-11-03
good
MS10-090 Microsoft Internet Explorer CSS Se
windows/browser/ms11_003_ie_css_import
2010-11-29
good
MS11-003 Microsoft Internet Explorer CSS R
windows/browser/ms11_050_mshtml_cobjectelement
2011-06-16
normal MS11-050 IE mshtml!CObjectElement
windows/browser/ms11_081_option
2012-10-11
normal MS11-081 Microsoft Internet Explorer Option E
windows/browser/ms11_093_ole32
2011-12-13
normal MS11-093 Microsoft Windows OLE Object File
windows/browser/ms12_004_midi
2012-01-10
normal MS12-004 midiOutPlayNextPolyEvent Heap Ov
windows/browser/ms12_037_ie_colspan
2012-06-12
normal MS12-037 Microsoft Internet Explorer Fixed T
windows/browser/ms12_037_same_id
2012-06-12
normal MS12-037 Microsoft Internet Explorer Same I
windows/browser/ms13_009_ie_slayoutrun_uaf
2013-02-13
average MS13-009 Microsoft Internet Explorer SLa
windows/browser/ms13_022_silverlight_script_object
2013-03-12
normal MS12-022 Microsoft Silverlight ScriptObje
windows/browser/ms13_037_svg_dashstyle
2013-03-06
normal MS13-037 Microsoft Internet Explorer COA
windows/browser/ms13_055_canchor
2013-07-09
normal MS13-055 Microsoft Internet Explorer CAncho
windows/browser/ms13_059_cflatmarkuppointer
2013-06-27
normal MS13-059 Microsoft Internet Explorer CFl
windows/browser/ms13_069_caret
2013-09-10
normal MS13-069 Microsoft Internet Explorer CCaret U
windows/browser/ms13_080_cdisplaypointer
2013-10-08
normal MS13-080 Microsoft Internet Explorer CDisp
windows/browser/ms13_090_cardspacesigninhelper
2013-11-08
normal MS13-090 CardSpaceClaimCollection A
windows/browser/ms14_012_cmarkup_uaf
2014-02-13
normal MS14-012 Microsoft Internet Explorer CMa
windows/browser/ms14_012_textrange
2014-03-11
normal MS14-012 Microsoft Internet Explorer TextRa
windows/browser/msvidctl_mpeg2
2009-07-05
normal Microsoft DirectShow (msvidctl.dll) MPEG-2 Me
windows/browser/mswhale_checkforupdates
2009-04-15
normal Microsoft Whale Intelligent Application Gate
windows/browser/msxml_get_definition_code_exec
2012-06-12
good
MS12-043 Microsoft XML Core Services M
windows/browser/nctaudiofile2_setformatlikesample
2007-01-24
normal NCTAudioFile2 v2.x ActiveX Control SetF
windows/browser/nis2004_antispam
2004-03-19
normal Norton AntiSpam 2004 SymSpamHelper Active
windows/browser/nis2004_get
2007-05-16
normal Symantec Norton Internet Security 2004 ActiveX C
windows/browser/notes_handler_cmdinject
2012-06-18
excellent IBM Lotus Notes Client URL Handler Comma
windows/browser/novell_groupwise_gwcls1_actvx
2013-01-30
normal Novell GroupWise Client gwcls1.dll Active
windows/browser/novelliprint_callbackurl
2010-08-20
normal Novell iPrint Client ActiveX Control call-back-url
windows/browser/novelliprint_datetime
2009-12-08
great
Novell iPrint Client ActiveX Control Date/Time Bu
windows/browser/novelliprint_executerequest
2008-02-22
normal Novell iPrint Client ActiveX Control ExecuteR
windows/browser/novelliprint_executerequest_dbg
2010-08-04
normal Novell iPrint Client ActiveX Control Execut
windows/browser/novelliprint_getdriversettings
2008-06-16
normal Novell iPrint Client ActiveX Control Buffer Ove
windows/browser/novelliprint_getdriversettings_2
2010-11-15
normal Novell iPrint Client ActiveX Control Buffer Ov
windows/browser/novelliprint_target_frame
2009-12-08
great
Novell iPrint Client ActiveX Control target-frame
Page 14
Sheet1
windows/browser/ntr_activex_check_bof
2012-01-11
normal NTR ActiveX Control Check() Method Buffer O
windows/browser/ntr_activex_stopmodule
2012-01-11
normal NTR ActiveX Control StopModule() Remote C
windows/browser/oracle_autovue_setmarkupmode
2012-04-18
normal Oracle AutoVue ActiveX Control SetMar
windows/browser/oracle_dc_submittoexpress
2009-08-28
normal Oracle Document Capture 10g ActiveX Con
windows/browser/oracle_webcenter_checkoutandopen
2013-04-16
excellent Oracle WebCenter Content CheckOutA
windows/browser/orbit_connecting
2009-02-03
normal Orbit Downloader Connecting Log Creation Buffe
windows/browser/ovftool_format_string
2012-11-08
normal VMWare OVF Tools Format String Vulnerability
windows/browser/pcvue_func
2011-10-05
average PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveO
windows/browser/persits_xupload_traversal
2009-09-29
excellent Persits XUpload ActiveX MakeHttpRequest D
windows/browser/quickr_qp2_bof
2012-05-23
normal IBM Lotus QuickR qp2 ActiveX Buffer Overflow
windows/browser/real_arcade_installerdlg
2011-04-03
normal Real Networks Arcade Games StubbyUtil.Proc
windows/browser/realplayer_cdda_uri
2010-11-15
normal RealNetworks RealPlayer CDDA URI Initializati
windows/browser/realplayer_console
2008-03-08
normal RealPlayer rmoc3260.dll ActiveX Control Heap
windows/browser/realplayer_import
2007-10-18
normal RealPlayer ierpplug.dll ActiveX Control Playlist N
windows/browser/realplayer_qcp
2011-08-16
average RealNetworks Realplayer QCP Parsing Heap Ov
windows/browser/realplayer_smil
2005-03-01
normal RealNetworks RealPlayer SMIL Buffer Overflow
windows/browser/roxio_cineplayer
2007-04-11
normal Roxio CinePlayer ActiveX Control Buffer Overflow
windows/browser/safari_xslt_output
2011-07-20
excellent Apple Safari Webkit libxslt Arbitrary File Creation
windows/browser/samsung_neti_wiewer_backuptoavi_bof
2012-04-21
normal Samsung NET-i Viewer Multiple Activ
windows/browser/sapgui_saveviewtosessionfile
2009-03-31
normal SAP AG SAPgui EAI WebViewer3D Buffer
windows/browser/siemens_solid_edge_selistctrlx
2013-05-26
normal Siemens Solid Edge ST4 SEListCtrlX Activ
windows/browser/softartisans_getdrivename
2008-08-25
normal SoftArtisans XFile FileManager ActiveX Con
windows/browser/sonicwall_addrouteentry
2007-11-01
normal SonicWall SSL-VPN NetExtender ActiveX Co
windows/browser/symantec_altirisdeployment_downloadandinstall 2009-09-09
excellent Symantec Altiris Deployment Soluti
windows/browser/symantec_altirisdeployment_runcmd
2009-11-04
normal Symantec Altiris Deployment Solution A
windows/browser/symantec_appstream_unsafe
2009-01-15
excellent Symantec AppStream LaunchObj ActiveX
windows/browser/symantec_backupexec_pvcalendar
2008-02-28
normal Symantec BackupExec Calendar Contr
windows/browser/symantec_consoleutilities_browseandsavefile 2009-11-02
normal Symantec ConsoleUtilities ActiveX C
windows/browser/synactis_connecttosynactis_bof
2013-05-30
normal Synactis PDF In-The-Box ConnectToSyna
windows/browser/systemrequirementslab_unsafe
2008-10-16
excellent Husdawg, LLC. System Requirements La
windows/browser/teechart_pro
2011-08-11
normal TeeChart Professional ActiveX Control Trusted Int
windows/browser/tom_sawyer_tsgetx71ex552
2011-05-03
normal Tom Sawyer Software GET Extension Fac
windows/browser/trendmicro_extsetowner
2010-08-25
normal Trend Micro Internet Security Pro 2010 Active
windows/browser/trendmicro_officescan
2007-02-12
normal Trend Micro OfficeScan Client ActiveX Control
windows/browser/tumbleweed_filetransfer
2008-04-07
great
Tumbleweed FileTransfer vcst_eu.dll ActiveX C
windows/browser/ubisoft_uplay_cmd_exec
2012-07-29
normal Ubisoft uplay 2.0.3 ActiveX Control Arbitrary
windows/browser/ultramjcam_openfiledig_bof
2012-03-28
normal TRENDnet SecurView Internet Camera Ultra
windows/browser/ultraoffice_httpupload
2008-08-27
good
Ultra Shareware Office Control ActiveX HttpUplo
windows/browser/verypdf_pdfview
2008-06-16
normal VeryPDF PDFView OCX ActiveX OpenPDF Hea
windows/browser/viscom_movieplayer_drawtext
2010-01-12
normal Viscom Software Movie Player Pro SDK A
windows/browser/vlc_amv
2011-03-23
good
VLC AMV Dangling Pointer Vulnerability
windows/browser/vlc_mms_bof
2012-03-15
normal VLC MMS Stream Handling Buffer Overflow
windows/browser/webdav_dll_hijacker
2010-08-18
manual WebDAV Application DLL Hijacker
windows/browser/webex_ucf_newobject
2008-08-06
good
WebEx UCF atucfobj.dll ActiveX NewObject M
windows/browser/wellintech_kingscada_kxclientdownload
2014-01-14
good
KingScada kxClientDownload.ocx Activ
windows/browser/winamp_playlist_unc
2006-01-29
great
Winamp Playlist UNC Path Computer Name Ov
windows/browser/winamp_ultravox
2008-01-18
normal Winamp Ultravox Streaming Metadata (in_mp3.
windows/browser/windvd7_applicationtype
2007-03-20
normal WinDVD7 IASystemInfo.DLL ActiveX Control
windows/browser/winzip_fileview
2007-11-02
normal WinZip FileView (WZFILEVIEW.FileViewCtrl.61) A
windows/browser/wmi_admintools
2010-12-21
great
Microsoft WMI Administration Tools ActiveX Buffe
windows/browser/xmplay_asx
2006-11-21
good
XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow
windows/browser/yahoomessenger_fvcom
2007-08-30
normal Yahoo! Messenger YVerInfo.dll ActiveX Co
windows/browser/yahoomessenger_server
2007-06-05
good
Yahoo! Messenger 8.1.0.249 ActiveX Contro
windows/browser/zenturiprogramchecker_unsafe
2007-05-29
excellent Zenturi ProgramChecker ActiveX Control
windows/browser/zenworks_helplauncher_exec
2011-10-19
normal AdminStudio LaunchHelp.dll ActiveX Arbit
Page 15
Sheet1
windows/dcerpc/ms03_026_dcom
2003-07-16
great
MS03-026 Microsoft RPC DCOM Interface Over
windows/dcerpc/ms05_017_msmq
2005-04-12
good
MS05-017 Microsoft Message Queueing Servic
windows/dcerpc/ms07_029_msdns_zonename
2007-04-12
great
MS07-029 Microsoft DNS RPC Service e
2007-12-11
good
MS07-065 Microsoft Message Queueing Servic
windows/email/ms07_017_ani_loadimage_chunksize
2007-03-28
great
Windows ANI LoadAniIcon() Chunk Size
windows/email/ms10_045_outlook_ref_only
2010-06-01
excellent Outlook ATTACH_BY_REF_ONLY File Exe
windows/email/ms10_045_outlook_ref_resolve
2010-06-01
excellent Outlook ATTACH_BY_REF_RESOLVE Fil
windows/emc/alphastor_agent
2008-05-27
great
EMC AlphaStor Agent Buffer Overflow
windows/emc/alphastor_device_manager_exec
2013-01-18
excellent EMC AlphaStor Device Manager Opcode
windows/emc/networker_format_string
2012-08-29
normal EMC Networker Format String
windows/emc/replication_manager_exec
2011-02-07
great
EMC Replication Manager Command Executio
windows/fileformat/a_pdf_wav_to_mp3
2010-08-17
normal A-PDF WAV to MP3 v1.0.0 Buffer Overflow
windows/fileformat/abbs_amp_lst
2013-06-30
normal ABBS Audio Media Player .LST Buffer Overflow
windows/fileformat/acdsee_fotoslate_string
2011-09-12
good
ACDSee FotoSlate PLP File id Parameter Over
windows/fileformat/acdsee_xpm
2007-11-23
good
ACDSee XPM File Section Buffer Overflow
windows/fileformat/actfax_import_users_bof
2012-08-28
normal ActiveFax (ActFax) 4.3 Client Importer Buffer
windows/fileformat/activepdf_webgrabber
2008-08-26
low
activePDF WebGrabber ActiveX Control Buffer
windows/fileformat/adobe_collectemailinfo
2008-02-08
good
Adobe Collab.collectEmailInfo() Buffer Overflow
windows/fileformat/adobe_cooltype_sing
2010-09-07
great
Adobe CoolType SING Table "uniqueName" Sta
windows/fileformat/adobe_flashplayer_button
2010-10-28
normal Adobe Flash Player "Button" Remote Code E
windows/fileformat/adobe_flashplayer_newfunction
2010-06-04
normal Adobe Flash Player "newfunction" Invalid P
windows/fileformat/adobe_flatedecode_predictor02
2009-10-08
good
Adobe FlateDecode Stream Predictor 02 In
windows/fileformat/adobe_geticon
2009-03-24
good
windows/fileformat/adobe_illustrator_v14_eps
2009-12-03
great
Adobe Illustrator CS4 v14.0.0
windows/fileformat/adobe_jbig2decode
2009-02-19
good
Adobe JBIG2Decode Memory Corruption
windows/fileformat/adobe_libtiff
2010-02-16
good
Adobe Acrobat Bundled LibTIFF Integer Overflow
windows/fileformat/adobe_media_newplayer
2009-12-14
good
Adobe Doc.media.newPlayer Use After Free
windows/fileformat/adobe_pdf_embedded_exe
2010-03-29
excellent Adobe PDF Embedded EXE Social Engine
windows/fileformat/adobe_pdf_embedded_exe_nojs
2010-03-29
excellent Adobe PDF Escape EXE Social Enginee
windows/fileformat/adobe_reader_u3d
2011-12-06
average Adobe Reader U3D Memory Corruption Vulne
windows/fileformat/adobe_toolbutton
2013-08-08
normal Adobe Reader ToolButton Use After Free
windows/fileformat/adobe_u3d_meshdecl
2009-10-13
good
Adobe U3D CLODProgressiveMeshDeclaratio
windows/fileformat/adobe_utilprintf
2008-02-08
good
windows/fileformat/allplayer_m3u_bof
2013-10-09
normal ALLPlayer M3U Buffer Overflow
windows/fileformat/altap_salamander_pdb
2007-06-19
good
Altap Salamander 2.5 PE Viewer Buffer Overf
windows/fileformat/aol_desktop_linktag
2011-01-31
normal AOL Desktop 9.6 RTX Buffer Overflow
windows/fileformat/aol_phobos_bof
2010-01-20
average AOL 9.5 Phobos.Playlist Import() Stack-based B
windows/fileformat/apple_quicktime_pnsize
2011-08-08
good
Apple QuickTime PICT PnSize Buffer Overflow
windows/fileformat/apple_quicktime_rdrf
2013-05-22
normal Apple Quicktime 7 Invalid Atom Length Buffer O
windows/fileformat/apple_quicktime_texml
2012-05-15
normal Apple QuickTime TeXML Style Element Stack
windows/fileformat/audio_coder_m3u
2013-05-01
normal AudioCoder .M3U Buffer Overflow
windows/fileformat/audio_wkstn_pls
2009-12-08
good
Audio Workstation 6.4.2.4.3 pls Buffer Overflow
windows/fileformat/audiotran_pls
2010-01-09
good
Audiotran 1.4.1 (PLS File) Stack Buffer Overflow
windows/fileformat/audiotran_pls_1424
2010-09-09
good
Audiotran PLS File Stack Buffer Overflow
windows/fileformat/aviosoft_plf_buf
2011-11-09
good
Aviosoft Digital TV Player Professional 1.0 Stack B
windows/fileformat/bacnet_csv
2010-09-16
good
BACnet OPC Client Buffer Overflow
windows/fileformat/beetel_netconfig_ini_bof
2013-10-12
normal Beetel Connection Manager NetConfig.ini Buff
windows/fileformat/blazedvd_hdtv_bof
2012-04-03
normal BlazeVideo HDTV Player Pro v6.6 Filename Ha
windows/fileformat/blazedvd_plf
2009-08-03
good
BlazeDVD 6.1 PLF Buffer Overflow
windows/fileformat/bsplayer_m3u
2010-01-07
normal BS.Player 2.57 Buffer Overflow (Unicode SEH)
windows/fileformat/ca_cab
2007-06-05
good
CA Antivirus Engine CAB Buffer Overflow
windows/fileformat/cain_abel_4918_rdp
2008-11-30
good
Cain and Abel RDP Buffer Overflow
windows/fileformat/ccmplayer_m3u_bof
2011-11-30
good
CCMPlayer 1.5 m3u Playlist Stack Based Buffe
windows/fileformat/chasys_draw_ies_bmp_bof
2013-07-26
normal Chasys Draw IES Buffer Overflow
windows/fileformat/coolpdf_image_stream_bof
2013-01-18
normal Cool PDF Image Stream Buffer Overflow
Page 16
Sheet1
windows/fileformat/corelpdf_fusion_bof
2013-07-08
normal Corel PDF Fusion Stack Buffer Overflow
windows/fileformat/csound_getnum_bof
2012-02-23
normal Csound hetro File Handling Stack Buffer Over
windows/fileformat/cutezip_bof
2011-02-12
normal GlobalSCAPE CuteZIP Stack Buffer Overflow
windows/fileformat/cyberlink_p2g_bof
2011-09-12
great
CyberLink Power2Go name Attribute (p2g) Stack
windows/fileformat/cytel_studio_cy3
2011-10-02
good
Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow
windows/fileformat/deepburner_path
2006-12-19
great
AstonSoft DeepBurner (DBR File) Path Buffer Ov
windows/fileformat/destinymediaplayer16
2009-01-03
good
Destiny Media Player 1.61 PLS M3U Buffer Ov
windows/fileformat/digital_music_pad_pls
2010-09-17
normal Digital Music Pad Version 8.2.3.3.4 Stack Buffe
windows/fileformat/djstudio_pls_bof
2009-12-30
normal DJ Studio Pro 5.1 .pls Stack Buffer Overflow
windows/fileformat/djvu_imageurl
2008-10-30
low
DjVu DjVu_ActiveX_MSOffice.dll ActiveX Compone
windows/fileformat/dvdx_plf_bof
2007-06-02
normal DVD X Player 5.5 .plf PlayList Buffer Overflow
windows/fileformat/easycdda_pls_bof
2010-06-07
normal Easy CD-DA Recorder PLS Buffer Overflow
windows/fileformat/emc_appextender_keyworks
2009-09-29
average EMC ApplicationXtender (KeyWorks) Acti
windows/fileformat/erdas_er_viewer_bof
2013-04-23
normal ERS Viewer 2011 ERS File Handling Buffer Ov
windows/fileformat/erdas_er_viewer_rf_report_error
2013-05-23
normal ERS Viewer 2013 ERS File Handling Buffe
windows/fileformat/esignal_styletemplate_bof
2011-09-06
normal eSignal and eSignal Pro File Parsing Buffer O
windows/fileformat/etrust_pestscan
2009-11-02
average CA eTrust PestPatrol ActiveX Control Buffer Ove
windows/fileformat/ezip_wizard_bof
2009-03-09
good
eZip Wizard 3.0 Stack Buffer Overflow
windows/fileformat/fatplayer_wav
2010-10-18
normal Fat Player Media Player 0.6b0 Buffer Overflow
windows/fileformat/fdm_torrent
2009-02-02
good
Free Download Manager Torrent Parsing Buffer Ove
windows/fileformat/feeddemon_opml
2009-02-09
great
FeedDemon Stack Buffer Overflow
windows/fileformat/foxit_reader_filewrite
2011-03-05
normal Foxit PDF Reader 4.2 Javascript File Write
windows/fileformat/foxit_reader_launch
2009-03-09
good
Foxit Reader 3.0 Open Execute Action Stack Bas
windows/fileformat/foxit_title_bof
2010-11-13
great
Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
windows/fileformat/free_mp3_ripper_wav
2011-08-27
great
Free MP3 CD Ripper 1.1 WAV File Stack Buffe
windows/fileformat/galan_fileformat_bof
2009-12-07
normal gAlan 0.2.1 Buffer Overflow
windows/fileformat/gsm_sim
2010-07-07
normal GSM SIM Editor 5.15 Buffer Overflow
windows/fileformat/gta_samp
2011-09-18
normal GTA SA-MP server.cfg Buffer Overflow
windows/fileformat/hhw_hhp_compiledfile_bof
2006-02-06
good
HTML Help Workshop 4.74 (hhp Project File)
windows/fileformat/hhw_hhp_contentfile_bof
2006-02-06
good
HTML Help Workshop 4.74 (hhp Project File)
windows/fileformat/hhw_hhp_indexfile_bof
2009-01-17
good
HTML Help Workshop 4.74 (hhp Project File) B
windows/fileformat/ht_mp3player_ht3_bof
2009-06-29
good
HT-MP3Player 1.0 HT3 File Parsing Buffer Ov
windows/fileformat/ibm_forms_viewer_fontname
2013-12-05
normal IBM Forms Viewer Unicode Buffer Overflow
windows/fileformat/ibm_pcm_ws
2012-02-28
great
IBM Personal Communications iSeries Access Wo
windows/fileformat/icofx_bof
2013-12-10
normal IcoFX Stack Buffer Overflow
windows/fileformat/ideal_migration_ipj
2009-12-05
great
PointDev IDEAL Migration Buffer Overflow
windows/fileformat/irfanview_jpeg2000_bof
2012-01-16
normal Irfanview JPEG2000 jp2 Stack Buffer Overflow
windows/fileformat/ispvm_xcf_ispxcf
2012-05-16
normal Lattice Semiconductor ispVM System XCF File H
windows/fileformat/kingview_kingmess_kvl
2012-11-20
normal KingView Log File Parsing Buffer Overflow
windows/fileformat/lattice_pac_bof
2012-05-16
normal Lattice Semiconductor PAC-Designer 6.21 Symbo
windows/fileformat/lotusnotes_lzh
2011-05-24
good
Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview
windows/fileformat/magix_musikmaker_16_mmm
2011-04-26
good
Magix Musik Maker 16 .mmm Stack Buff
windows/fileformat/mcafee_hercules_deletesnapshot
2008-08-04
low
McAfee Remediation Client ActiveX Contro
windows/fileformat/mcafee_showreport_exec
2012-01-12
normal McAfee SaaS MyCioScan ShowReport Rem
windows/fileformat/mediacoder_m3u
2013-06-24
normal MediaCoder .M3U Buffer Overflow
windows/fileformat/mediajukebox
2009-07-01
normal Media Jukebox 8.0.400 Buffer Overflow (SEH)
windows/fileformat/microp_mppl
2010-08-23
great
MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflo
windows/fileformat/millenium_mp3_pls
2009-07-30
great
Millenium MP3 Studio 2.0 (PLS File) Stack Buffe
windows/fileformat/mini_stream_pls_bof
2010-07-16
great
Mini-Stream RM-MP3 Converter v3.1.2.1 PLS F
windows/fileformat/mjm_coreplayer2011_s3m
2011-04-30
good
MJM Core Player 2011 .s3m Stack Buffer O
windows/fileformat/mjm_quickplayer_s3m
2011-04-30
good
MJM QuickPlayer 1.00 Beta 60a / QuickPlaye
windows/fileformat/moxa_mediadbplayback
2010-10-19
average MOXA MediaDBPlayback ActiveX Control B
windows/fileformat/mplayer_m3u_bof
2011-03-19
average MPlayer Lite M3U Buffer Overflow
windows/fileformat/mplayer_sami_bof
2011-05-19
normal MPlayer SAMI Subtitle File Buffer Overflow
windows/fileformat/ms09_067_excel_featheader
2009-11-10
good
MS09-067 Microsoft Excel Malformed FEAT
Page 17
Sheet1
windows/fileformat/ms10_004_textbytesatom
2010-02-09
good
MS10-004 Microsoft PowerPoint Viewer Tex
windows/fileformat/ms10_038_excel_obj_bof
2010-06-08
normal MS11-038 Microsoft Office Excel Malformed
windows/fileformat/ms10_087_rtf_pfragments_bof
2010-11-09
great
MS10-087 Microsoft Word RTF pFragment
windows/fileformat/ms11_006_createsizeddibsection
2010-12-15
great
MS11-006 Microsoft Windows CreateSized
windows/fileformat/ms11_021_xlb_bof
2011-08-09
normal MS11-021 Microsoft Office 2007 Excel .xlb Buf
windows/fileformat/ms12_005
2012-01-10
excellent MS12-005 Microsoft Office ClickOnce Unsafe Obje
windows/fileformat/ms12_027_mscomctl_bof
2012-04-10
average MS12-027 MSCOMCTL ActiveX Buffer Ov
windows/fileformat/ms13_071_theme
2013-09-10
excellent MS13-071 Microsoft Windows Theme File Han
windows/fileformat/ms14_017_rtf
2014-04-01
normal MS14-017 Microsoft Word RTF Object Confusion
windows/fileformat/ms14_060_sandworm
2014-10-14
excellent MS14-060 Microsoft Windows OLE Package
windows/fileformat/ms_visual_basic_vbp
2007-09-04
good
Microsoft Visual Basic VBP Buffer Overflow
windows/fileformat/mswin_tiff_overflow
2013-11-05
average MS13-096 Microsoft Tagged Image File Format
windows/fileformat/msworks_wkspictureinterface
2008-11-28
low
Microsoft Works 7 WkImgSrv.dll WKsPicture
windows/fileformat/mymp3player_m3u
2010-03-18
good
Steinberg MyMP3Player 3.0 Buffer Overflow
windows/fileformat/netop
2011-04-28
normal NetOp Remote Control Client 9.5 Buffer Overflow
windows/fileformat/nuance_pdf_launch_overflow
2010-10-08
great
Nuance PDF Reader v6.0 Launch Stack Bu
windows/fileformat/openoffice_ole
2008-04-17
normal OpenOffice OLE Importer DocumentSummaryInfo
windows/fileformat/orbit_download_failed_bof
2008-04-03
normal Orbit Downloader URL Unicode Conversion O
windows/fileformat/orbital_viewer_orb
2010-02-27
great
Orbital Viewer ORB File Parsing Buffer Overflow
windows/fileformat/ovf_format_string
2012-11-08
normal VMWare OVF Tools Format String Vulnerability
windows/fileformat/proshow_cellimage_bof
2009-08-20
great
ProShow Gold v4.0.2549 (PSH File) Stack Buf
windows/fileformat/proshow_load_bof
2012-06-06
normal Photodex ProShow Producer 5.0.3256 load File
windows/fileformat/real_networks_netzip_bof
2011-01-30
good
Real Networks Netzip Classic 7.5.1 86 File Pa
windows/fileformat/real_player_url_property_bof
2012-12-14
normal RealPlayer RealMedia File Handling Buffer O
windows/fileformat/realplayer_ver_attribute_bof
2013-12-20
normal RealNetworks RealPlayer Version Attribute B
windows/fileformat/safenet_softremote_groupname
2009-10-30
good
SafeNet SoftRemote GROUPNAME Buffe
windows/fileformat/sascam_get
2008-12-29
low
SasCam Webcam Server v.2.6.5 Get() Method Buff
windows/fileformat/scadaphone_zip
2011-09-12
good
ScadaTEC ScadaPhone Stack Buffer Overflow
windows/fileformat/shadow_stream_recorder_bof
2010-03-29
normal Shadow Stream Recorder 3.0.1.7 Buffer O
windows/fileformat/somplplayer_m3u
2010-01-22
great
S.O.M.P.L 1.0 Player Buffer Overflow
windows/fileformat/subtitle_processor_m3u_bof
2011-04-26
normal Subtitle Processor 7.7.1 .M3U SEH Unicode
windows/fileformat/tfm_mmplayer_m3u_ppl_bof
2012-03-23
good
TFM MMPlayer (m3u/ppl File) Buffer Overf
windows/fileformat/total_video_player_ini_bof
2013-11-24
normal Total Video Player 1.3.1 (Settings.ini) - SEH B
windows/fileformat/tugzip
2008-10-28
good
TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerabil
windows/fileformat/ultraiso_ccd
2009-04-03
great
UltraISO CCD File Parsing Buffer Overflow
windows/fileformat/ultraiso_cue
2007-05-24
great
UltraISO CUE File Parsing Buffer Overflow
windows/fileformat/ursoft_w32dasm
2005-01-24
good
URSoft W32Dasm Disassembler Function Buffer
windows/fileformat/varicad_dwb
2010-03-17
great
VariCAD 2010-2.05 EN (DWB File) Stack Buffer Ov
windows/fileformat/videolan_tivo
2008-10-22
good
VideoLAN VLC TiVo Buffer Overflow
windows/fileformat/videospirit_visprj
2011-04-11
good
VeryTools Video Spirit Pro
windows/fileformat/visio_dxf_bof
2010-05-04
good
Microsoft Office Visio VISIODWG.DLL DXF File Ha
windows/fileformat/visiwave_vwr_type
2011-05-20
great
VisiWave VWR File Parsing Vulnerability
windows/fileformat/vlc_modplug_s3m
2011-04-07
average VideoLAN VLC ModPlug ReadS3M Stack Buff
windows/fileformat/vlc_realtext
2008-11-05
good
VLC Media Player RealText Subtitle Overflow
windows/fileformat/vlc_smb_uri
2009-06-24
great
VideoLAN Client (VLC) Win32 smb:// URI Buffer Ov
windows/fileformat/vlc_webm
2011-01-31
good
VideoLAN VLC MKV Memory Corruption
windows/fileformat/vuplayer_cue
2009-08-18
good
VUPlayer CUE Buffer Overflow
windows/fileformat/vuplayer_m3u
2009-08-18
good
VUPlayer M3U Buffer Overflow
windows/fileformat/winamp_maki_bof
2009-05-20
normal Winamp MAKI Buffer Overflow
windows/fileformat/winrar_name_spoofing
2009-09-28
excellent WinRAR Filename Spoofing
windows/fileformat/wireshark_mpeg_overflow
2014-03-20
good
Wireshark wiretap/mpeg.c Stack Buffer Over
windows/fileformat/wireshark_packet_dect
2011-04-18
good
Wireshark packet-dect.c Stack Buffer Overflow
windows/fileformat/wm_downloader_m3u
2010-07-28
normal WM Downloader 3.1.2.2 Buffer Overflow
windows/fileformat/xenorate_xpl_bof
2009-08-19
great
Xenorate 2.50 (.xpl) Universal Local Buffer Overflo
windows/fileformat/xion_m3u_sehbof
2010-11-23
great
Xion Audio Player 1.0.126 Unicode Stack Buffer
Page 18
Sheet1
windows/fileformat/xradio_xrl_sehbof
windows/fileformat/zinfaudioplayer221_pls
windows/firewall/blackice_pam_icq
windows/firewall/kerio_auth
windows/ftp/32bitftp_list_reply
windows/ftp/3cdaemon_ftp_user
windows/ftp/aasync_list_reply
windows/ftp/ability_server_stor
windows/ftp/absolute_ftp_list_bof
windows/ftp/cesarftp_mkd
windows/ftp/comsnd_ftpd_fmtstr
windows/ftp/dreamftp_format
windows/ftp/easyfilesharing_pass
windows/ftp/easyftp_cwd_fixret
windows/ftp/easyftp_list_fixret
windows/ftp/easyftp_mkd_fixret
windows/ftp/filecopa_list_overflow
windows/ftp/filewrangler_list_reply
windows/ftp/freefloatftp_user
windows/ftp/freefloatftp_wbem
windows/ftp/freeftpd_pass
windows/ftp/freeftpd_user
windows/ftp/ftpgetter_pwd_reply
windows/ftp/ftppad_list_reply
windows/ftp/ftpshell51_pwd_reply
windows/ftp/ftpsynch_list_reply
windows/ftp/gekkomgr_list_reply
windows/ftp/globalscapeftp_input
windows/ftp/goldenftp_pass_bof
windows/ftp/httpdx_tolog_format
windows/ftp/leapftp_list_reply
windows/ftp/leapftp_pasv_reply
windows/ftp/ms09_053_ftpd_nlst
windows/ftp/netterm_netftpd_user
windows/ftp/odin_list_reply
windows/ftp/open_ftpd_wbem
windows/ftp/oracle9i_xdb_ftp_pass
windows/ftp/oracle9i_xdb_ftp_unlock
windows/ftp/pcman_stor
windows/ftp/proftp_banner
windows/ftp/quickshare_traversal_write
windows/ftp/ricoh_dl_bof
windows/ftp/sami_ftpd_list
windows/ftp/sami_ftpd_user
windows/ftp/sasser_ftpd_port
windows/ftp/scriptftp_list
windows/ftp/seagull_list_reply
windows/ftp/servu_chmod
windows/ftp/servu_mdtm
windows/ftp/slimftpd_list_concat
windows/ftp/trellian_client_pasv
windows/ftp/turboftp_port
windows/ftp/vermillion_ftpd_port
windows/ftp/warftpd_165_pass
windows/ftp/warftpd_165_user
2011-02-08
normal xRadio 0.95b Buffer Overflow
2004-09-24
good
Zinf Audio Player 2.2.1 (PLS File) Stack Buffer
2004-03-18
great
ISS PAM.dll ICQ Parser Buffer Overflow
2003-04-28
average Kerio Firewall 2.1.4 Authentication Packet Overflow
2010-10-12
good
32bit FTP Client Stack Buffer Overflow
2005-01-04
average 3Com 3CDaemon 2.0 FTP Username Overflow
2010-10-12
good
AASync v2.2.1.0 (Win32) Stack Buffer Overflow (LIS
2004-10-22
normal Ability Server 2.34 STOR Command Stack Buffer O
2011-11-09
normal AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remot
2006-06-12
average Cesar FTP 0.99g MKD Command Buffer Overflow
2012-06-08
good
ComSndFTP v1.3.7 Beta USER Format String (W
2004-03-03
good
BolinTech Dream FTP Server 1.02 Format String
2006-07-31
average Easy File Sharing FTP Server 2.0 PASS Overflow
2010-02-16
great
EasyFTP Server CWD Command Stack Buffer Over
2010-07-05
great
EasyFTP Server LIST Command Stack Buffer Overflo
2010-04-04
great
EasyFTP Server MKD Command Stack Buffer Over
2006-07-19
average FileCopa FTP Server Pre 18 Jul Version
2010-10-12
good
FileWrangler 5.30 Stack Buffer Overflow
2012-06-12
normal Free Float FTP Server USER Command Buffer Over
2012-12-07
excellent FreeFloat FTP Server Arbitrary File Upload
2013-08-20
normal freeFTPd PASS Command Buffer Overflow
2005-11-16
average freeFTPd 1.0 Username Overflow
2010-10-12
good
FTPGetter Standard v3.55.0.05 Stack Buffer Overf
2010-10-12
good
FTPPad 1.2.0 Stack Buffer Overflow
2010-10-12
good
FTPShell 5.1 Stack Buffer Overflow
2010-10-12
good
FTP Synchronizer Professional 4.0.73.274 Stack Bu
2010-10-12
good
Gekko Manager FTP Client Stack Buffer Overflow
2005-05-01
great
GlobalSCAPE Secure FTP Server Input Overflow
2011-01-23
average GoldenFTP PASS Stack Buffer Overflow
2009-11-17
great
HTTPDX tolog() Function Format String Vulnerabilit
2010-10-12
good
LeapFTP 3.0.1 Stack Buffer Overflow
2003-06-09
normal LeapWare LeapFTP v2.7.3.600 PASV Reply Clien
2009-08-31
great
MS09-053 Microsoft IIS FTP Server NLST Respon
2005-04-26
great
NetTerm NetFTPD USER Buffer Overflow
2010-10-12
good
Odin Secure FTP 4.1 Stack Buffer Overflow (LIST)
2012-06-18
excellent Open-FTPD 1.2 Arbitrary File Upload
2003-08-18
great
Oracle 9i XDB FTP PASS Overflow (win32)
2003-08-18
great
Oracle 9i XDB FTP UNLOCK Overflow (win32)
2013-06-27
normal PCMAN FTP Server Post-Authentication STOR Com
2009-08-25
normal ProFTP 2.9 Banner Remote Buffer Overflow
2011-02-03
excellent QuickShare File Server 1.2.1 Directory Traversa
2012-03-01
normal Ricoh DC DL-10 SR10 FTP USER Command Buffer O
2013-02-27
low
Sami FTP Server LIST Command Buffer Overflow
2006-01-24
normal KarjaSoft Sami FTP Server v2.02 USER Overflow
2004-05-10
average Sasser Worm avserve FTP PORT Buffer Overflow
2011-10-12
good
ScriptFTP LIST Remote Buffer Overflow
2010-10-12
good
Seagull FTP v3.3 Build 409 Stack Buffer Overflow
2004-12-31
normal Serv-U FTP Server Buffer Overflow
2004-02-26
good
Serv-U FTPD MDTM Overflow
2005-07-21
great
SlimFTPd LIST Concatenation Overflow
2010-04-11
normal Trellian FTP Client 3.01 PASV Remote Buffer Over
2012-10-03
great
Turbo FTP Server 1.30.823 PORT Overflow
2009-09-23
great
Vermillion FTP Daemon PORT Command Memory C
1998-03-19
average War-FTPD 1.65 Password Overflow
1998-03-19
average War-FTPD 1.65 Username Overflow
Page 19
Sheet1
windows/ftp/wftpd_size
2006-08-23
average Texas Imperial Software WFTPD 3.23 SIZE Overflow
windows/ftp/wing_ftp_admin_exec
2014-06-19
normal Wing FTP Server Authenticated Command Exec
windows/ftp/wsftp_server_503_mkd
2004-11-29
great
WS-FTP Server 5.03 MKD Overflow
windows/ftp/wsftp_server_505_xmd5
2006-09-14
average Ipswitch WS_FTP Server 5.05 XMD5 Overflow
windows/ftp/xftp_client_pwd
2010-04-22
normal Xftp FTP Client 3.0 PWD Remote Buffer Overflow
windows/ftp/xlink_client
2009-10-03
normal Xlink FTP Client Buffer Overflow
windows/ftp/xlink_server
2009-10-03
good
Xlink FTP Server Buffer Overflow
windows/games/mohaa_getinfo
2004-07-17
great
Medal of Honor Allied Assault getinfo Stack Buffe
windows/games/racer_503beta5
2008-08-10
great
Racer v0.5.3 Beta 5 Buffer Overflow
windows/games/ut2004_secure
2004-06-18
good
Unreal Tournament 2004 "secure" Overflow (Win
windows/http/adobe_robohelper_authbypass
2009-09-23
excellent Adobe RoboHelp Server 8 Arbitrary File Up
windows/http/altn_securitygateway
2008-06-02
average Alt-N SecurityGateway username Buffer Overflow
windows/http/altn_webadmin
2003-06-24
average Alt-N WebAdmin USER Buffer Overflow
windows/http/amlibweb_webquerydll_app
2010-08-03
normal Amlibweb NetOpacs webquery.dll Stack Buff
windows/http/apache_chunked
2002-06-19
good
Apache Win32 Chunked Encoding
windows/http/apache_mod_rewrite_ldap
2006-07-28
great
Apache Module mod_rewrite LDAP Protocol Bu
windows/http/apache_modjk_overflow
2007-03-02
great
Apache mod_jk 1.2.20 Buffer Overflow
windows/http/avaya_ccr_imageupload_exec
2012-06-28
excellent Avaya IP Office Customer Call Reporter Im
windows/http/badblue_ext_overflow
2003-04-20
great
BadBlue 2.5 EXT.dll Buffer Overflow
windows/http/badblue_passthru
2007-12-10
great
BadBlue 2.72b PassThru Buffer Overflow
windows/http/bea_weblogic_jsessionid
2009-01-13
good
BEA WebLogic JSESSIONID Cookie Value Ove
windows/http/bea_weblogic_post_bof
2008-07-17
great
Oracle Weblogic Apache Connector POST Requ
windows/http/bea_weblogic_transfer_encoding
2008-09-09
great
BEA Weblogic Transfer-Encoding Buffer Ove
windows/http/belkin_bulldog
2009-03-08
average Belkin Bulldog Plus Web Service Buffer Overflow
windows/http/ca_arcserve_rpc_authbypass
2011-07-25
excellent CA Arcserve D2D GWT RPC Credential Info
windows/http/ca_igateway_debug
2005-10-06
average CA iTechnology iGateway Debug Mode Buffer O
windows/http/ca_totaldefense_regeneratereports
2011-04-13
excellent CA Total Defense Suite reGenerateReports
windows/http/cogent_datahub_command
2014-04-29
manual Cogent DataHub Command Injection
windows/http/cogent_datahub_request_headers_bof
2013-07-26
normal Cogent DataHub HTTP Server Buffer Ov
windows/http/coldfusion_fckeditor
2009-07-03
excellent ColdFusion 8.0.1 Arbitrary File Upload and Execut
windows/http/cyclope_ess_sqli
2012-08-08
excellent Cyclope Employee Surveillance Solution v6 SQL In
windows/http/desktopcentral_file_upload
2013-11-11
excellent ManageEngine Desktop Central AgentLogUplo
windows/http/desktopcentral_statusupdate_upload
2014-08-31
excellent ManageEngine Desktop Central StatusUp
windows/http/easyftp_list
2010-02-18
great
EasyFTP Server list.html path Stack Buffer Overflow
windows/http/edirectory_host
2006-10-21
great
Novell eDirectory NDS Server Host Header Overflow
windows/http/edirectory_imonitor
2005-08-11
great
eDirectory 8.7.3 iMonitor Remote Stack Buffer Over
windows/http/efs_easychatserver_username
2007-08-14
great
EFS Easy Chat Server Authentication Reque
windows/http/efs_fmws_userid_bof
2014-05-20
normal Easy File Management Web Server Stack Buffe
windows/http/ektron_xslt_exec
2012-10-16
excellent Ektron 8.02 XSLT Transform Remote Code Execut
windows/http/ericom_access_now_bof
2014-06-02
normal Ericom AccessNow Server Buffer Overflow
windows/http/ezserver_http
2012-06-18
excellent EZHomeTech EzServer Stack Buffer Overflow Vulne
windows/http/fdm_auth_header
2009-02-02
great
Free Download Manager Remote Control Server B
windows/http/hp_autopass_license_traversal
2014-01-10
great
HP AutoPass License Server File Upload
windows/http/hp_imc_bims_upload
2013-10-08
excellent HP Intelligent Management Center BIMS Uploa
windows/http/hp_imc_mibfileupload
2013-03-07
great
HP Intelligent Management Center Arbitrary File U
windows/http/hp_loadrunner_copyfiletoserver
2013-10-30
excellent HP LoadRunner EmulationAdmin Web Servi
windows/http/hp_mpa_job_acct
2011-12-21
excellent HP Managed Printing Administration jobAcct Rem
windows/http/hp_nnm_getnnmdata_hostname
2010-05-11
great
HP OpenView Network Node Manager get
windows/http/hp_nnm_getnnmdata_icount
2010-05-11
great
HP OpenView Network Node Manager getnnm
windows/http/hp_nnm_getnnmdata_maxage
2010-05-11
great
HP OpenView Network Node Manager getn
windows/http/hp_nnm_nnmrptconfig_nameparams
2011-01-10
normal HP OpenView NNM nnmRptConfig nam
windows/http/hp_nnm_nnmrptconfig_schdparams
2011-01-10
normal HP OpenView NNM nnmRptConfig.exe s
windows/http/hp_nnm_openview5
2007-12-06
great
HP OpenView Network Node Manager OpenView
windows/http/hp_nnm_ovalarm_lang
2009-12-09
great
HP OpenView Network Node Manager ovalarm.
windows/http/hp_nnm_ovas
2008-04-02
good
HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Aut
Page 20
Sheet1
windows/http/hp_nnm_ovbuildpath_textfile
2011-11-01
normal HP OpenView Network Node Manager ov.dll _
windows/http/hp_nnm_ovwebhelp
2009-12-09
great
HP OpenView Network Node Manager OvWebH
windows/http/hp_nnm_ovwebsnmpsrv_main
2010-06-16
great
HP OpenView Network Node Manager ovw
windows/http/hp_nnm_ovwebsnmpsrv_ovutil
2010-06-16
great
HP OpenView Network Node Manager ovwe
windows/http/hp_nnm_ovwebsnmpsrv_uro
2010-06-08
great
HP OpenView Network Node Manager ovwe
windows/http/hp_nnm_snmp
2009-12-09
great
HP OpenView Network Node Manager Snmp.exe C
windows/http/hp_nnm_snmpviewer_actapp
2010-05-11
great
HP OpenView Network Node Manager snmp
windows/http/hp_nnm_toolbar_01
2009-01-07
great
HP OpenView Network Node Manager Toolbar.ex
2009-01-21
normal HP OpenView Network Node Manager Toolbar.e
windows/http/hp_nnm_webappmon_execvp
2010-07-20
great
HP OpenView Network Node Manager exe
windows/http/hp_nnm_webappmon_ovjavalocale
2010-08-03
great
HP NNM CGI webappmon.exe OvJavaLo
windows/http/hp_openview_insight_backdoor
2011-01-31
excellent HP OpenView Performance Insight Server B
windows/http/hp_pcm_snac_update_certificates
2013-09-09
excellent HP ProCurve Manager SNAC UpdateCerti
windows/http/hp_pcm_snac_update_domain
2013-09-09
excellent HP ProCurve Manager SNAC UpdateDom
windows/http/hp_power_manager_filename
2011-10-19
normal HP Power Manager 'formExportDataLogs' B
windows/http/hp_power_manager_login
2009-11-04
average Hewlett-Packard Power Manager Administrat
windows/http/hp_sitescope_runomagentcommand
2013-07-29
manual HP SiteScope Remote Code Execution
windows/http/httpdx_handlepeer
2009-10-08
great
HTTPDX h_handlepeer() Function Buffer Overflow
windows/http/httpdx_tolog_format
2009-11-17
great
HTTPDX tolog() Function Format String Vulnerabili
windows/http/ia_webmail
2003-11-03
average IA WebMail 3.x Buffer Overflow
windows/http/ibm_tivoli_endpoint_bof
2011-05-31
good
IBM Tivoli Endpoint Manager POST Query Buffer
windows/http/ibm_tpmfosd_overflow
2007-05-02
good
IBM TPM for OS Deployment 5.1.0.x rembo.exe
windows/http/ibm_tsm_cad_header
2007-09-24
good
IBM Tivoli Storage Manager Express CAD Serv
windows/http/icecast_header
2004-09-28
great
Icecast Header Overwrite
windows/http/integard_password_bof
2010-09-07
great
Race River Integard Home/Pro LoginAdmin Pass
windows/http/intersystems_cache
2009-09-29
great
InterSystems Cache UtilConfigHome.csp Argumen
windows/http/intrasrv_bof
2013-05-30
manual Intrasrv 1.0 Buffer Overflow
windows/http/ipswitch_wug_maincfgret
2004-08-25
great
Ipswitch WhatsUp Gold 8.03 Buffer Overflow
windows/http/jira_collector_traversal
2014-02-26
normal JIRA Issues Collector Directory Traversal
windows/http/kaseya_uploadimage_file_upload
2013-11-11
excellent Kaseya uploadImage Arbitrary File Upload
windows/http/kolibri_http
2010-12-26
good
Kolibri HTTP Server HEAD Buffer Overflow
windows/http/landesk_thinkmanagement_upload_asp
2012-02-15
excellent LANDesk Lenovo ThinkManagement C
windows/http/mailenable_auth_header
2005-04-24
great
MailEnable Authorization Header Buffer Overflo
windows/http/manageengine_apps_mngr
2011-04-08
average ManageEngine Applications Manager Authe
windows/http/maxdb_webdbm_database
2006-08-29
good
MaxDB WebDBM Database Parameter Over
windows/http/maxdb_webdbm_get_overflow
2005-04-26
good
MaxDB WebDBM GET Buffer Overflow
windows/http/mcafee_epolicy_source
2006-07-17
average McAfee ePolicy Orchestrator / ProtectionPilot O
windows/http/mdaemon_worldclient_form2raw
2003-12-29
great
MDaemon WorldClient form2raw.cgi Stack B
windows/http/minishare_get_overflow
2004-11-07
average Minishare 1.4.1 Buffer Overflow
windows/http/miniweb_upload_wbem
2013-04-09
excellent MiniWeb (Build 300) Arbitrary File Upload
windows/http/navicopa_get_overflow
2006-09-28
great
NaviCOPA 2.0.1 URL Handling Buffer Overflow
windows/http/netdecision_http_bof
2012-02-24
normal NetDecision 4.5.1 HTTP Server Buffer Overflow
windows/http/novell_imanager_upload
2010-10-01
excellent Novell iManager getMultiPartParameters Arbitr
windows/http/novell_mdm_lfi
2013-03-13
normal Novell Zenworks Mobile Managment MDM.php Loc
windows/http/novell_messenger_acceptlang
2006-04-13
average Novell Messenger Server 2.0 Accept-Langu
windows/http/nowsms
2008-02-19
good
Now SMS/MMS Gateway Buffer Overflow
windows/http/oracle9i_xdb_pass
2003-08-18
great
Oracle 9i XDB HTTP PASS Overflow (win32)
windows/http/oracle_btm_writetofile
2012-08-07
excellent Oracle Business Transaction Management FlashT
windows/http/oracle_endeca_exec
2013-07-16
excellent Oracle Endeca Server Remote Command Execu
windows/http/oracle_event_processing_upload
2014-04-21
excellent Oracle Event Processing FileUploadServlet
windows/http/osb_uname_jlist
2010-07-13
excellent Oracle Secure Backup Authentication Bypass/Com
windows/http/peercast_url
2006-03-08
average PeerCast URL Handling Buffer Overflow
windows/http/php_apache_request_headers_bof
2012-05-08
normal PHP apache_request_headers Function B
windows/http/privatewire_gateway
2006-06-26
average Private Wire Gateway Buffer Overflow
windows/http/psoproxy91_overflow
2004-02-20
average PSO Proxy v0.91 Stack Buffer Overflow
Page 21
Sheet1
windows/http/rabidhamster_r4_log
2012-02-09
normal RabidHamster R4 Log Entry sprintf() Buffer Over
windows/http/rejetto_hfs_exec
2014-09-11
excellent Rejetto HttpFileServer Remote Command Executio
windows/http/sambar6_search_results
2003-06-21
normal Sambar 6 Search Results Buffer Overflow
windows/http/sap_configservlet_exec_noauth
2012-11-01
great
SAP ConfigServlet Remote Code Execution
windows/http/sap_host_control_cmd_exec
2012-08-14
average SAP NetWeaver HostControl Command Inje
windows/http/sapdb_webtools
2007-07-05
great
SAP DB 7.4 WebTools Buffer Overflow
windows/http/savant_31_overflow
2002-09-10
great
Savant 3.1 Web Server Overflow
windows/http/servu_session_cookie
2009-11-01
good
Rhinosoft Serv-U Session Cookie Buffer Overflo
windows/http/shoutcast_format
2004-12-23
average SHOUTcast DNAS/win32 1.9.4 File Request Form
windows/http/shttpd_post
2006-10-06
average SHTTPD URI-Encoded POST Request Overflow
windows/http/solarwinds_storage_manager_sql
2011-12-07
excellent Solarwinds Storage Manager 5.1.0 SQL In
windows/http/sonicwall_scrutinizer_sqli
2012-07-22
excellent Dell SonicWALL (Plixer) Scrutinizer 9 SQL Inject
windows/http/steamcast_useragent
2008-01-24
average Streamcast HTTP User-Agent Buffer Overflow
windows/http/sws_connection_bof
2012-07-20
normal Simple Web Server Connection Header Buffer O
windows/http/sybase_easerver
2005-07-25
average Sybase EAServer 5.2 Remote Stack Buffer Overf
windows/http/sysax_create_folder
2012-07-29
normal Sysax Multi Server 5.64 Create Folder Buffer Ove
windows/http/trackercam_phparg_overflow
2005-02-18
average TrackerCam PHP Argument Buffer Overflow
windows/http/trackit_file_upload
2014-10-07
excellent Numara / BMC Track-It! FileStorageService Arbitra
windows/http/trendmicro_officescan
2007-06-28
good
Trend Micro OfficeScan Remote Stack Buffer Ove
windows/http/ultraminihttp_bof
2013-07-10
normal Ultra Mini HTTPD Stack Buffer Overflow
windows/http/umbraco_upload_aspx
2012-06-28
excellent Umbraco CMS Remote Command Execution
windows/http/vmware_vcenter_chargeback_upload
2013-05-15
excellent VMware vCenter Chargeback Manager
windows/http/webster_http
2002-12-02
average Webster HTTP Server GET Buffer Overflow
windows/http/xampp_webdav_upload_php
2012-01-14
excellent XAMPP WebDAV PHP Upload
windows/http/xitami_if_mod_since
2007-09-24
average Xitami 2.5c2 Web Server If-Modified-Since Over
windows/http/zenworks_assetmgmt_uploadservlet
2011-11-02
excellent Novell ZENworks Asset Management Re
windows/http/zenworks_uploadservlet
2010-03-30
excellent Novell ZENworks Configuration Management R
windows/iis/iis_webdav_upload_asp
1994-01-01
excellent Microsoft IIS WebDAV Write Access Code Exec
windows/iis/ms01_023_printer
2001-05-01
good
MS01-023 Microsoft IIS 5.0 Printer Host Header Ov
windows/iis/ms01_026_dbldecode
2001-05-15
excellent MS01-026 Microsoft IIS/PWS CGI Filename Do
windows/iis/ms01_033_idq
2001-06-18
good
MS01-033 Microsoft IIS 5.0 IDQ Path Overflow
windows/iis/ms02_018_htr
2002-04-10
good
MS02-018 Microsoft IIS 4.0 .HTR Path Overflow
windows/iis/ms02_065_msadc
2002-11-20
normal MS02-065 Microsoft IIS MDAC msadcs.dll RDS D
windows/iis/ms03_007_ntdll_webdav
2003-05-30
great
MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Pa
windows/iis/msadc
1998-07-17
excellent MS99-025 Microsoft IIS MDAC msadcs.dll RDS Arbitra
windows/imap/eudora_list
2005-12-20
great
Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflo
windows/imap/imail_delete
2004-11-12
average IMail IMAP4D Delete Overflow
windows/imap/ipswitch_search
2007-07-18
average Ipswitch IMail IMAP SEARCH Buffer Overflow
windows/imap/mailenable_login
2006-12-11
great
MailEnable IMAPD (2.34/2.35) Login Request Buffe
windows/imap/mailenable_status
2005-07-13
great
MailEnable IMAPD (1.54) STATUS Request Buffe
windows/imap/mailenable_w3c_select
2005-10-03
great
MailEnable IMAPD W3C Logging Buffer Overflo
windows/imap/mdaemon_cram_md5
2004-11-12
great
Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentic
windows/imap/mdaemon_fetch
2008-03-13
great
MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
windows/imap/mercur_imap_select_overflow
2006-03-17
average Mercur v5.0 IMAP SP3 SELECT Buffer Ov
windows/imap/mercur_login
2006-03-17
average Mercur Messaging 2005 IMAP Login Buffer Overflo
windows/imap/mercury_login
2007-03-06
average Mercury/32 LOGIN Buffer Overflow
windows/imap/mercury_rename
2004-11-29
average Mercury/32 v4.01a IMAP RENAME Buffer Over
windows/imap/novell_netmail_append
2006-12-23
average Novell NetMail IMAP APPEND Buffer Overflow
windows/imap/novell_netmail_auth
2007-01-07
average Novell NetMail IMAP AUTHENTICATE Buffer O
windows/imap/novell_netmail_status
2005-11-18
average Novell NetMail IMAP STATUS Buffer Overflow
windows/imap/novell_netmail_subscribe
2006-12-23
average Novell NetMail IMAP SUBSCRIBE Buffer Ove
windows/isapi/ms00_094_pbserver
2000-12-04
good
MS00-094 Microsoft IIS Phone Book Service Ov
windows/isapi/ms03_022_nsiislog_post
2003-06-25
good
MS03-022 Microsoft IIS ISAPI nsiislog.dll ISAP
windows/isapi/ms03_051_fp30reg_chunked
2003-11-11
good
MS03-051 Microsoft IIS ISAPI FrontPage fp
windows/isapi/rsa_webagent_redirect
2005-10-21
good
Microsoft IIS ISAPI RSA WebAgent Redirect Ov
Page 22
Sheet1
windows/isapi/w3who_query
2004-12-06
good
Microsoft IIS ISAPI w3who.dll Query String Overflow
windows/ldap/imail_thc
2004-02-17
average IMail LDAP Service Buffer Overflow
windows/ldap/pgp_keyserver7
2001-07-16
good
Network Associates PGP KeyServer 7 LDAP Buffe
windows/license/calicclnt_getconfig
2005-03-02
average Computer Associates License Client GETCONFIG
windows/license/calicserv_getconfig
2005-03-02
normal Computer Associates License Server GETCONF
windows/license/flexnet_lmgrd_bof
2012-03-23
normal FlexNet License Server Manager lmgrd Buffer Ov
windows/license/sentinel_lm7_udp
2005-03-07
average SentinelLM UDP Buffer Overflow
windows/local/adobe_sandbox_adobecollabsync
2013-05-14
great
AdobeCollabSync Buffer Overflow Adobe R
windows/local/agnitum_outpost_acs
2013-08-02
excellent Agnitum Outpost Internet Security Local Privileg
windows/local/always_install_elevated
2010-03-18
excellent Windows AlwaysInstallElevated MSI
windows/local/ask
2012-01-03
excellent Windows Escalate UAC Execute RunAs
windows/local/bthpan
2014-07-18
average Microsoft Bluetooth Personal Area Networking (BthPa
windows/local/bypassuac
2010-12-31
excellent Windows Escalate UAC Protection Bypass
windows/local/bypassuac_injection
2010-12-31
excellent Windows Escalate UAC Protection Bypass (In M
windows/local/current_user_psexec
1999-01-01
excellent PsExec via Current User Token
windows/local/ikeext_service
2012-10-09
good
IKE and AuthIP IPsec Keyring Modules Service (IKE
windows/local/mqac_write
2014-07-22
average MQAC.sys Arbitrary Write Privilege Escalation
windows/local/ms10_015_kitrap0d
2010-01-19
great
Windows SYSTEM Escalation via KiTrap0D
windows/local/ms10_092_schelevator
2010-09-13
excellent Windows Escalate Task Scheduler XML Privile
windows/local/ms11_080_afdjoinleaf
2011-11-30
average MS11-080 AfdJoinLeaf Privilege Escalation
windows/local/ms13_005_hwnd_broadcast
2012-11-27
excellent MS13-005 HWND_BROADCAST Low to M
windows/local/ms13_053_schlamperei
2013-12-01
average Windows NTUserMessageCall Win32k Kerne
windows/local/ms13_081_track_popup_menu
2013-10-08
average Windows TrackPopupMenuEx Win32k NU
windows/local/ms13_097_ie_registry_symlink
2013-12-10
great
MS13-097 Registry Symlink IE Sandbox Esca
windows/local/ms14_009_ie_dfsvc
2014-02-11
great
MS14-009 .NET Deployment Service IE Sandbox
2014-10-14
normal Windows TrackPopupMenu Win32k NULL
windows/local/ms_ndproxy
2013-11-27
average MS14-002 Microsoft Windows ndproxy.sys Local P
windows/local/novell_client_nicm
2013-05-22
average Novell Client 2 SP3 nicm.sys Local Privilege Esca
windows/local/novell_client_nwfs
2008-06-26
average Novell Client 4.91 SP4 nwfs.sys Local Privilege E
windows/local/nvidia_nvsvc
2012-12-25
average Nvidia (nvsvc) Display Driver Service Local Privileg
windows/local/payload_inject
2011-10-12
excellent Windows Manage Memory Payload Injection
windows/local/persistence
2011-10-19
excellent Windows Manage Persistent Payload Installer
windows/local/powershell_cmd_upgrade
1999-01-01
excellent Windows Command Shell Upgrade (Powersh
windows/local/ppr_flatten_rec
2013-05-15
average Windows EPATHOBJ::pprFlattenRec Local Privileg
windows/local/pxeexploit
2011-08-05
excellent PXE Exploit Server
windows/local/s4u_persistence
2013-01-02
excellent Windows Manage User Level Persistent Payload I
windows/local/service_permissions
2012-10-15
great
Windows Escalate Service Permissions Local Priv
windows/local/trusted_service_path
2001-10-25
excellent Windows Service Trusted Path Privilege Escalati
windows/local/virtual_box_guest_additions
2014-07-15
average VirtualBox Guest Additions VBoxGuest.sys Pr
windows/local/virtual_box_opengl_escape
2014-03-11
average VirtualBox 3D Acceleration Virtual Machine E
windows/local/vss_persistence
2011-10-21
excellent Persistent Payload in Windows Volume Shadow C
windows/local/wmi
1999-01-01
excellent Windows Management Instrumentation (WMI) Remote
windows/lotus/domino_http_accept_language
2008-05-20
average IBM Lotus Domino Web Server Accept-Lan
windows/lotus/domino_icalendar_organizer
2010-09-14
normal IBM Lotus Domino iCalendar MAILTO Buffer
windows/lotus/domino_sametime_stmux
2008-05-21
average IBM Lotus Domino Sametime STMux.exe St
windows/lotus/lotusnotes_lzh
2011-05-24
normal Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (
windows/lpd/hummingbird_exceed
2005-05-27
average Hummingbird Connectivity 10 SP5 LPD Buffer
windows/lpd/niprint
2003-11-05
good
NIPrint LPD Request Overflow
windows/lpd/saplpd
2008-02-04
good
SAP SAPLPD 6.28 Buffer Overflow
windows/lpd/wincomlpd_admin
2008-02-04
good
WinComLPD Buffer Overflow
windows/misc/actfax_raw_server_bof
2013-02-05
normal ActFax 5.01 RAW Server Buffer Overflow
windows/misc/agentxpp_receive_agentx
2010-04-16
good
AgentX++ Master AgentX::receive_agentx Sta
windows/misc/allmediaserver_bof
2012-07-04
normal ALLMediaServer 0.8 Buffer Overflow
windows/misc/altiris_ds_sqli
2008-05-15
normal Symantec Altiris DS SQL Injection
windows/misc/apple_quicktime_rtsp_response
2007-11-23
normal Apple QuickTime 7.3 RTSP Response Hea
Page 23
Sheet1
windows/misc/asus_dpcproxy_overflow
2008-03-21
average Asus Dpcproxy Buffer Overflow
windows/misc/avaya_winpmd_unihostrouter
2011-05-23
normal Avaya WinPMD UniteHostRouter Buffer Ov
windows/misc/avidphoneticindexer
2011-11-29
normal Avid Media Composer 5.5 - Avid Phonetic Indexe
windows/misc/bakbone_netvault_heap
2005-04-01
average BakBone NetVault Remote Heap Overflow
windows/misc/bcaaa_bof
2011-04-04
good
Blue Coat Authentication and Authorization Agent (B
windows/misc/bigant_server
2008-04-15
average BigAnt Server 2.2 Buffer Overflow
windows/misc/bigant_server_250
2008-04-15
great
BigAnt Server 2.50 SP1 Buffer Overflow
windows/misc/bigant_server_dupf_upload
2013-01-09
excellent BigAnt Server DUPF Command Arbitrary File
windows/misc/bigant_server_sch_dupf_bof
2013-01-09
normal BigAnt Server 2 SCH And DUPF Buffer Ove
windows/misc/bigant_server_usv
2009-12-29
great
BigAnt Server 2.52 USV Buffer Overflow
windows/misc/bomberclone_overflow
2006-02-16
average Bomberclone 0.11.6 Buffer Overflow
windows/misc/bopup_comm
2009-06-18
good
Bopup Communications Server Buffer Overflow
windows/misc/borland_interbase
2007-07-24
average Borland Interbase Create-Request Buffer Overflo
windows/misc/borland_starteam
2008-04-02
average Borland CaliberRM StarTeam Multicast Service B
windows/misc/citrix_streamprocess
2011-01-20
good
Citrix Provisioning Services 5.6 streamprocess.ex
windows/misc/citrix_streamprocess_data_msg
2011-11-04
normal Citrix Provisioning Services 5.6 SP1 Stream
windows/misc/citrix_streamprocess_get_boot_record_request
2011-11-04
normal Citrix Provisioning Services 5.6 SP1 S
windows/misc/citrix_streamprocess_get_footer
2011-11-04
windows/misc/citrix_streamprocess_get_objects
2011-11-04
windows/misc/doubletake
2008-06-04
average DoubleTake/HP StorageWorks Storage Mirroring S
windows/misc/eiqnetworks_esa
2006-07-24
average eIQNetworks ESA License Manager LICMGR_A
windows/misc/eiqnetworks_esa_topology
2006-07-25
average eIQNetworks ESA Topology DELETEDEVIC
windows/misc/enterasys_netsight_syslog_bof
2011-12-19
normal Enterasys NetSight nssyslogd.exe Buffer Ov
windows/misc/eureka_mail_err
2009-10-22
normal Eureka Email 2.2q ERR Remote Buffer Overflow
windows/misc/fb_cnct_group
2013-01-31
normal Firebird Relational Database CNCT Group Numbe
windows/misc/fb_isc_attach_database
2007-10-03
average Firebird Relational Database isc_attach_datab
windows/misc/fb_isc_create_database
2007-10-03
average Firebird Relational Database isc_create_datab
windows/misc/fb_svc_attach
2007-10-03
average Firebird Relational Database SVC_attach() Buffer
windows/misc/gimp_script_fu
2012-05-18
normal GIMP script-fu Server Buffer Overflow
windows/misc/hp_dataprotector_crs
2013-06-03
normal HP Data Protector Cell Request Service Buffer O
windows/misc/hp_dataprotector_dtbclslogin
2010-09-09
normal HP Data Protector DtbClsLogin Buffer Overflo
windows/misc/hp_dataprotector_exec_bar
2014-01-02
excellent HP Data Protector Backup Client Service Re
windows/misc/hp_dataprotector_new_folder
2012-03-12
normal HP Data Protector Create New Folder Buffer
windows/misc/hp_dataprotector_traversal
2014-01-02
great
HP Data Protector Backup Client Service Direc
windows/misc/hp_imc_uam
2012-08-29
normal HP Intelligent Management Center UAM Buffer Ov
windows/misc/hp_loadrunner_magentproc
2013-07-27
normal HP LoadRunner magentproc.exe Overflow
windows/misc/hp_magentservice
2012-01-12
average HP Diagnostics Server magentservice.exe Over
windows/misc/hp_omniinet_1
2009-12-17
great
HP OmniInet.exe MSG_PROTOCOL Buffer Overflo
2009-12-17
great
HP OmniInet.exe MSG_PROTOCOL Buffer Overflo
2011-06-29
great
HP OmniInet.exe Opcode 27 Buffer Overflow
2011-06-29
good
windows/misc/hp_operations_agent_coda_34
2012-07-09
normal HP Operations Agent Opcode coda.exe 0x
windows/misc/hp_operations_agent_coda_8c
2012-07-09
normal HP Operations Agent Opcode coda.exe 0x
windows/misc/hp_ovtrace
2007-08-09
average HP OpenView Operations OVTrace Buffer Overflow
windows/misc/ib_isc_attach_database
2007-10-03
good
Borland InterBase isc_attach_database() Buffer
windows/misc/ib_isc_create_database
2007-10-03
good
Borland InterBase isc_create_database() Buffer
windows/misc/ib_svc_attach
2007-10-03
good
Borland InterBase SVC_attach() Buffer Overflow
windows/misc/ibm_cognos_tm1admsd_bof
2012-04-02
normal IBM Cognos tm1admsd.exe Overflow
windows/misc/ibm_director_cim_dllinject
2009-03-10
excellent IBM System Director Agent DLL Injection
windows/misc/ibm_tsm_cad_ping
2009-11-04
good
IBM Tivoli Storage Manager Express CAD Servic
windows/misc/ibm_tsm_rca_dicugetidentify
2009-11-04
great
IBM Tivoli Storage Manager Express RCA Ser
windows/misc/itunes_extm3u_bof
2012-06-21
normal Apple iTunes 10 Extended M3U Stack Buffer Ov
windows/misc/landesk_aolnsrvr
2007-04-13
average LANDesk Management Suite 8.7 Alert Service Bu
windows/misc/lianja_db_net
2013-05-22
normal Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer O
windows/misc/mercury_phonebook
2005-12-19
average Mercury/32 PH Server Module Buffer Overflow
Page 24
Sheet1
windows/misc/mini_stream
2009-12-25
normal Mini-Stream 3.0.1.1 Buffer Overflow
windows/misc/mirc_privmsg_server
2008-10-02
normal mIRC PRIVMSG Handling Stack Buffer Overflo
windows/misc/ms07_064_sami
2007-12-11
normal MS07-064 Microsoft DirectX DirectShow SAMI B
windows/misc/ms10_104_sharepoint
2010-12-14
excellent MS10-104 Microsoft Office SharePoint Server
windows/misc/netcat110_nt
2004-12-27
great
Netcat v1.10 NT Stack Buffer Overflow
windows/misc/nettransport
2010-01-02
normal NetTransport Download Manager 2.90.510 Buffer Ov
windows/misc/poisonivy_bof
2012-06-24
normal Poison Ivy Server Buffer Overflow
windows/misc/poppeeper_date
2009-02-27
normal POP Peeper v3.4 DATE Buffer Overflow
windows/misc/poppeeper_uidl
2009-02-27
normal POP Peeper v3.4 UIDL Buffer Overflow
windows/misc/psh_web_delivery
2013-07-19
normal PowerShell Payload Web Delivery
windows/misc/pxexploit
2011-08-05
excellent PXE Exploit Server
windows/misc/realtek_playlist
2008-12-16
great
Realtek Media Player Playlist Buffer Overflow
windows/misc/sap_2005_license
2009-08-01
great
SAP Business One License Manager 2005 Buffer
windows/misc/sap_netweaver_dispatcher
2012-05-08
normal SAP NetWeaver Dispatcher DiagTraceR3Info
windows/misc/shixxnote_font
2004-10-04
great
ShixxNOTE 6.net Font Field Overflow
windows/misc/solidworks_workgroup_pdmwservice_file_write
2014-02-22
good
SolidWorks Workgroup PDM 2014 pd
windows/misc/splayer_content_type
2011-05-04
normal SPlayer 3.7 Content-Type Buffer Overflow
windows/misc/stream_down_bof
2011-12-27
good
CoCSoft StreamDown 6.8.0 Buffer Overflow
windows/misc/talkative_response
2009-03-17
normal Talkative IRC v0.4.4.16 Response Buffer Overflo
windows/misc/tiny_identd_overflow
2007-05-14
average TinyIdentD 2.2 Stack Buffer Overflow
windows/misc/trendmicro_cmdprocessor_addtask
2011-12-07
good
TrendMicro Control Manger CmdProcesso
windows/misc/ufo_ai
2009-10-28
average UFO: Alien Invasion IRC Client Buffer Overflow
windows/misc/windows_rsh
2007-07-24
average Windows RSH Daemon Buffer Overflow
windows/misc/wireshark_lua
2011-07-18
excellent Wireshark console.lua Pre-Loading Script Executio
windows/misc/wireshark_packet_dect
2011-04-18
good
windows/mmsp/ms10_025_wmss_connect_funnel
2010-04-13
great
Windows Media Services ConnectFunne
windows/motorola/timbuktu_fileupload
2008-05-10
excellent Timbuktu Pro Directory Traversal/File Upload
windows/mssql/lyris_listmanager_weak_pass
2005-12-08
excellent Lyris ListManager MSDE Weak sa Passwor
windows/mssql/ms02_039_slammer
2002-07-24
good
MS02-039 Microsoft SQL Server Resolution O
windows/mssql/ms02_056_hello
2002-08-05
good
MS02-056 Microsoft SQL Server Hello Overflow
windows/mssql/ms09_004_sp_replwritetovarbin
2008-12-09
good
MS09-004 Microsoft SQL Server sp_replwr
windows/mssql/ms09_004_sp_replwritetovarbin_sqli
2008-12-09
excellent MS09-004 Microsoft SQL Server sp_repl
windows/mssql/mssql_linkcrawler
2000-01-01
great
Microsoft SQL Server Database Link Crawling Com
windows/mssql/mssql_payload
2000-05-30
excellent Microsoft SQL Server Payload Execution
windows/mssql/mssql_payload_sqli
2000-05-30
excellent Microsoft SQL Server Payload Execution via SQ
windows/mysql/mysql_mof
2012-12-01
excellent Oracle MySQL for Microsoft Windows MOF Execut
windows/mysql/mysql_payload
2009-01-16
excellent Oracle MySQL for Microsoft Windows Payload Ex
windows/mysql/mysql_yassl_hello
2008-01-04
average MySQL yaSSL SSL Hello Message Buffer Overf
windows/mysql/scrutinizer_upload_exec
2012-07-27
excellent Plixer Scrutinizer NetFlow and sFlow Analyzer
windows/nfs/xlink_nfsd
2006-11-06
average Omni-NFS Server Buffer Overflow
windows/nntp/ms05_030_nntp
2005-06-14
normal MS05-030 Microsoft Outlook Express NNTP Res
windows/novell/file_reporter_fsfui_upload
2012-11-16
great
NFR Agent FSFUI Record File Upload RCE
windows/novell/groupwisemessenger_client
2008-07-02
normal Novell GroupWise Messenger Client Buffer O
windows/novell/netiq_pum_eval
2012-11-15
excellent NetIQ Privileged User Manager 2.3.1 ldapagnt_ev
windows/novell/nmap_stor
2006-12-23
average Novell NetMail NMAP STOR Buffer Overflow
windows/novell/zenworks_desktop_agent
2005-05-19
good
Novell ZENworks 6.5 Desktop/Server Manage
windows/novell/zenworks_preboot_op21_bof
2010-03-30
normal Novell ZENworks Configuration Manageme
windows/novell/zenworks_preboot_op4c_bof
2012-02-22
2010-03-30
normal Novell ZENworks Configuration Managemen
2012-02-22
windows/oracle/client_system_analyzer_upload
2011-01-18
excellent Oracle Database Client System Analyzer A
windows/oracle/extjob
2007-01-01
excellent Oracle Job Scheduler Named Pipe Command Executi
windows/oracle/osb_ndmp_auth
2009-01-14
good
Oracle Secure Backup NDMP_CONNECT_CLIEN
windows/oracle/tns_arguments
2001-06-28
good
Oracle 8i TNS Listener (ARGUMENTS) Buffer Ove
windows/oracle/tns_auth_sesskey
2009-10-20
great
Oracle 10gR2 TNS Listener AUTH_SESSKEY Bu
Page 25
Sheet1
windows/oracle/tns_service_name
2002-05-27
good
Oracle 8i TNS Listener SERVICE_NAME Buffer
windows/pop3/seattlelab_pass
2003-05-07
great
Seattle Lab Mail 5.5 POP3 Buffer Overflow
windows/postgres/postgres_payload
2009-04-10
excellent PostgreSQL for Microsoft Windows Payload Ex
windows/proxy/bluecoat_winproxy_host
2005-01-05
great
Blue Coat WinProxy Host Header Overflow
windows/proxy/ccproxy_telnet_ping
2004-11-11
average CCProxy Telnet Proxy Ping Overflow
windows/proxy/proxypro_http_get
2004-02-23
great
Proxy-Pro Professional GateKeeper 4.7 GET Requ
windows/proxy/qbik_wingate_wwwproxy
2006-06-07
good
Qbik WinGate WWW Proxy Server URL Proc
windows/scada/abb_wserver_exec
2013-04-05
excellent ABB MicroSCADA wserver.exe Remote Code E
windows/scada/citect_scada_odbc
2008-06-11
normal CitectSCADA/CitectFacilities ODBC Buffer Over
windows/scada/codesys_gateway_server_traversal
2013-02-02
excellent SCADA 3S CoDeSys Gateway Server D
windows/scada/codesys_web_server
2011-12-02
normal SCADA 3S CoDeSys CmpWebServer Stack B
windows/scada/daq_factory_bof
2011-09-13
good
DaqFactory HMI NETB Request Overflow
windows/scada/factorylink_csservice
2011-03-25
normal Siemens FactoryLink 8 CSService Logging Path
windows/scada/factorylink_vrn_09
2011-03-21
average Siemens FactoryLink vrn.exe Opcode 9 Buffer O
windows/scada/ge_proficy_cimplicity_gefebt
2014-01-23
excellent GE Proficy CIMPLICITY gefebt.exe Remote C
windows/scada/iconics_genbroker
2011-03-21
good
Iconics GENESIS32 Integer Overflow Version 9.2
windows/scada/iconics_webhmi_setactivexguid
2011-05-05
good
ICONICS WebHMI ActiveX Buffer Overflow
windows/scada/igss9_igssdataserver_listall
2011-03-24
good
7-Technologies IGSS IGSSdataServer.exe Sta
windows/scada/igss9_igssdataserver_rename
2011-03-24
normal 7-Technologies IGSS 9 IGSSdataServer .R
windows/scada/igss9_misc
2011-03-24
excellent 7-Technologies IGSS 9 Data Server/Collector Pack
windows/scada/igss_exec_17
2011-03-21
excellent Interactive Graphical SCADA System Remote Co
windows/scada/indusoft_webstudio_exec
2011-11-04
excellent InduSoft Web Studio Arbitrary Upload Remot
windows/scada/moxa_mdmtool
2010-10-20
great
MOXA Device Manager Tool 2.1 Buffer Overflow
windows/scada/procyon_core_server
2011-09-08
normal Procyon Core Server HMI Coreservice.exe Sta
windows/scada/realwin
2008-09-26
great
DATAC RealWin SCADA Server Buffer Overflow
windows/scada/realwin_on_fc_binfile_a
2011-03-21
great
DATAC RealWin SCADA Server 2 On_FC_CON
windows/scada/realwin_on_fcs_login
2011-03-21
great
RealWin SCADA Server DATAC Login Buffer Ov
windows/scada/realwin_scpc_initialize
2010-10-15
great
DATAC RealWin SCADA Server SCPC_INITIALI
windows/scada/realwin_scpc_initialize_rf
2010-10-15
great
DATAC RealWin SCADA Server SCPC_INITIAL
windows/scada/realwin_scpc_txtevent
2010-11-18
great
DATAC RealWin SCADA Server SCPC_TXTEV
windows/scada/scadapro_cmdexe
2011-09-16
excellent Measuresoft ScadaPro Remote Command Exe
windows/scada/sunway_force_control_netdbsrv
2011-09-22
great
Sunway Forcecontrol SNMP NetDBServer.e
windows/scada/winlog_runtime
2011-01-13
great
Sielco Sistemi Winlog Buffer Overflow
windows/scada/winlog_runtime_2
2012-06-04
normal Sielco Sistemi Winlog Buffer Overflow 2.07.14 windows/scada/yokogawa_bkbcopyd_bof
2014-03-10
normal Yokogawa CENTUM CS 3000 BKBCopyD.e
windows/scada/yokogawa_bkesimmgr_bof
2014-03-10
normal Yokogawa CS3000 BKESimmgr.exe Buffer
windows/scada/yokogawa_bkfsim_vhfd
2014-05-23
normal Yokogawa CS3000 BKFSim_vhfd.exe Buffer
windows/scada/yokogawa_bkhodeq_bof
2014-03-10
average Yokogawa CENTUM CS 3000 BKHOdeq.ex
windows/sip/aim_triton_cseq
2006-07-10
great
AIM Triton 1.0.4 CSeq Buffer Overflow
windows/sip/sipxezphone_cseq
2006-07-10
great
SIPfoundry sipXezPhone 0.35a CSeq Field Overflo
windows/sip/sipxphone_cseq
2006-07-10
great
SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflo
windows/smb/ms03_049_netapi
2003-11-11
good
MS03-049 Microsoft Workstation Service NetAdd
windows/smb/ms04_007_killbill
2004-02-10
low
MS04-007 Microsoft ASN.1 Library Bitstring Heap O
windows/smb/ms04_011_lsass
2004-04-13
good
MS04-011 Microsoft LSASS Service DsRolerUpg
windows/smb/ms04_031_netdde
2004-10-12
good
MS04-031 Microsoft NetDDE Service Overflow
windows/smb/ms05_039_pnp
2005-08-09
good
MS05-039 Microsoft Plug and Play Service Overf
windows/smb/ms06_025_rasmans_reg
2006-06-13
good
MS06-025 Microsoft RRAS Service RASMAN
windows/smb/ms06_025_rras
2006-06-13
average MS06-025 Microsoft RRAS Service Overflow
2006-08-08
good
MS06-040 Microsoft Server Service NetpwPathC
windows/smb/ms06_066_nwapi
2006-11-14
good
MS06-066 Microsoft Services nwapi32.dll Modul
windows/smb/ms06_066_nwwks
2006-11-14
good
MS06-066 Microsoft Services nwwks.dll Module
windows/smb/ms06_070_wkssvc
2006-11-14
manual MS06-070 Microsoft Workstation Service Netp
windows/smb/ms07_029_msdns_zonename
2007-04-12
manual MS07-029 Microsoft DNS RPC Service e
2008-10-28
great
MS08-067 Microsoft Server Service Relative Path
windows/smb/ms09_050_smb2_negotiate_func_index
2009-09-07
good
MS09-050 Microsoft SRV2.SYS SMB N
Page 26
Sheet1
windows/smb/ms10_061_spoolss
2010-09-14
excellent MS10-061 Microsoft Print Spooler Service Impe
windows/smb/netidentity_xtierrpcpipe
2009-04-06
great
Novell NetIdentity Agent XTIERRPCPIPE Named
windows/smb/psexec
1999-01-01
manual Microsoft Windows Authenticated User Code Execut
windows/smb/psexec_psh
1999-01-01
manual Microsoft Windows Authenticated Powershell Com
windows/smb/smb_relay
2001-03-31
excellent MS08-068 Microsoft Windows SMB Relay Code Exe
windows/smb/timbuktu_plughntcommand_bof
2009-06-25
great
Timbuktu PlughNTCommand Named Pipe
windows/smtp/mailcarrier_smtp_ehlo
2004-10-26
good
TABS MailCarrier v2.51 SMTP EHLO Overflow
windows/smtp/mercury_cram_md5
2007-08-18
great
Mercury Mail SMTP AUTH CRAM-MD5 Buffer O
windows/smtp/ms03_046_exchange2000_xexch50
2003-10-15
good
MS03-046 Exchange 2000 XEXCH50 H
windows/smtp/njstar_smtp_bof
2011-10-31
normal NJStar Communicator 3.00 MiniSMTP Buffer Ove
windows/smtp/wmailserver
2005-07-11
average SoftiaCom WMailserver 1.0 Buffer Overflow
windows/smtp/ypops_overflow1
2004-09-27
average YPOPS 0.6 Buffer Overflow
windows/ssh/freeftpd_key_exchange
2006-05-12
average FreeFTPd 1.0.10 Key Exchange Algorithm Stri
windows/ssh/freesshd_authbypass
2010-08-11
excellent Freesshd Authentication Bypass
windows/ssh/freesshd_key_exchange
2006-05-12
average FreeSSHd 1.0.9 Key Exchange Algorithm Str
windows/ssh/putty_msg_debug
2002-12-16
normal PuTTY Buffer Overflow
windows/ssh/securecrt_ssh1
2002-07-23
average SecureCRT SSH1 Buffer Overflow
windows/ssh/sysax_ssh_username
2012-02-27
normal Sysax 5.53 SSH Username Buffer Overflow
windows/ssl/ms04_011_pct
2004-04-13
average MS04-011 Microsoft Private Communications Tran
windows/telnet/gamsoft_telsrv_username
2000-07-17
average GAMSoft TelSrv 1.5 Username Buffer Overfl
windows/telnet/goodtech_telnet
2005-03-15
average GoodTech Telnet Server Buffer Overflow
windows/tftp/attftp_long_filename
2006-11-27
average Allied Telesyn TFTP Server 1.9 Long Filename Ov
windows/tftp/distinct_tftp_traversal
2012-04-08
excellent Distinct TFTP 3.10 Writable Directory Traversal Exe
windows/tftp/dlink_long_filename
2007-03-12
good
D-Link TFTP 1.0 Long Filename Buffer Overflow
windows/tftp/futuresoft_transfermode
2005-05-31
average FutureSoft TFTP Server 2000 Transfer-Mode Ov
windows/tftp/netdecision_tftp_traversal
2009-05-16
excellent NetDecision 4.2 TFTP Writable Directory Travers
windows/tftp/opentftp_error_code
2008-07-05
average OpenTFTP SP 1.4 Error Packet Overflow
windows/tftp/quick_tftp_pro_mode
2008-03-27
good
Quick FTP Pro 2.1 Transfer-Mode Overflow
windows/tftp/tftpd32_long_filename
2002-11-19
average TFTPD32 Long Filename Buffer Overflow
windows/tftp/tftpdwin_long_filename
2006-09-21
great
TFTPDWIN v0.4.2 Long Filename Buffer Overflow
windows/tftp/tftpserver_wrq_bof
2008-03-26
normal TFTP Server for Windows 1.4 ST WRQ Buffer Ove
windows/tftp/threectftpsvc_long_mode
2006-11-27
great
3CTftpSvc TFTP Long Mode Buffer Overflow
windows/unicenter/cam_log_security
2005-08-22
great
CA CAM log_security() Stack Buffer Overflow (W
windows/vnc/realvnc_client
2001-01-29
normal RealVNC 3.3.7 Client Buffer Overflow
windows/vnc/ultravnc_client
2006-04-04
normal UltraVNC 1.0.1 Client Buffer Overflow
windows/vnc/ultravnc_viewer_bof
2008-02-06
normal UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Ove
windows/vnc/winvnc_http_get
2001-01-29
average WinVNC Web Server GET Overflow
windows/vpn/safenet_ike_11
2009-06-01
average SafeNet SoftRemote IKE Service Buffer Overflow
windows/winrm/winrm_script_exec
2012-11-01
manual WinRM Script Exec Remote Code Execution
windows/wins/ms04_045_wins
2004-12-14
great
MS04-045 Microsoft WINS Service Memory Overw
Payloads
#N/A
Name
------------------ ---- ----------aix/ppc/shell_bind_tcp
normal AIX Command Shell, Bind TCP Inline
aix/ppc/shell_find_port
normal AIX Command Shell, Find Port Inline
aix/ppc/shell_interact
normal AIX execve Shell for inetd
aix/ppc/shell_reverse_tcp
normal AIX Command Shell, Reverse TCP Inline
android/meterpreter/reverse_http
normal Android Meterpreter, Dalvik Reverse HTTP Stager
android/meterpreter/reverse_https
normal Android Meterpreter, Dalvik Reverse HTTPS Stager
android/meterpreter/reverse_tcp
normal Android Meterpreter, Dalvik Reverse TCP Stager
android/shell/reverse_http
normal Command Shell, Dalvik Reverse HTTP Stager
Page 27
Sheet1
android/shell/reverse_https
android/shell/reverse_tcp
bsd/sparc/shell_bind_tcp
bsd/sparc/shell_reverse_tcp
bsd/x86/exec
bsd/x86/metsvc_bind_tcp
bsd/x86/metsvc_reverse_tcp
bsd/x86/shell/bind_ipv6_tcp
bsd/x86/shell/bind_tcp
bsd/x86/shell/find_tag
bsd/x86/shell/reverse_ipv6_tcp
bsd/x86/shell/reverse_tcp
bsd/x86/shell_bind_tcp
bsd/x86/shell_bind_tcp_ipv6
bsd/x86/shell_find_port
bsd/x86/shell_find_tag
bsd/x86/shell_reverse_tcp
bsd/x86/shell_reverse_tcp_ipv6
bsdi/x86/shell/bind_tcp
bsdi/x86/shell/reverse_tcp
bsdi/x86/shell_bind_tcp
bsdi/x86/shell_find_port
bsdi/x86/shell_reverse_tcp
cmd/unix/bind_awk
cmd/unix/bind_inetd
cmd/unix/bind_lua
cmd/unix/bind_netcat
cmd/unix/bind_netcat_gaping
cmd/unix/bind_netcat_gaping_ipv6
cmd/unix/bind_nodejs
cmd/unix/bind_perl
cmd/unix/bind_perl_ipv6
cmd/unix/bind_ruby
cmd/unix/bind_ruby_ipv6
cmd/unix/bind_zsh
cmd/unix/generic
cmd/unix/interact
cmd/unix/reverse
cmd/unix/reverse_awk
cmd/unix/reverse_bash
cmd/unix/reverse_bash_telnet_ssl
cmd/unix/reverse_lua
cmd/unix/reverse_netcat
cmd/unix/reverse_netcat_gaping
cmd/unix/reverse_nodejs
cmd/unix/reverse_openssl
cmd/unix/reverse_perl
cmd/unix/reverse_perl_ssl
cmd/unix/reverse_php_ssl
cmd/unix/reverse_python
cmd/unix/reverse_python_ssl
cmd/unix/reverse_ruby
cmd/unix/reverse_ruby_ssl
cmd/unix/reverse_ssl_double_telnet
cmd/unix/reverse_zsh
normal Command Shell, Dalvik Reverse HTTPS Stager

normal Command Shell, Dalvik Reverse TCP Stager
normal BSD Command Shell, Bind TCP Inline
normal BSD Command Shell, Reverse TCP Inline
normal BSD Execute Command
normal FreeBSD Meterpreter Service, Bind TCP
normal FreeBSD Meterpreter Service, Reverse TCP Inline
normal BSD Command Shell, Bind TCP Stager (IPv6)
normal BSD Command Shell, Bind TCP Stager
normal BSD Command Shell, Find Tag Stager
normal BSD Command Shell, Reverse TCP Stager (IPv6)
normal BSD Command Shell, Reverse TCP Stager
normal BSD Command Shell, Bind TCP Inline
normal BSD Command Shell, Bind TCP Inline (IPv6)
normal BSD Command Shell, Find Port Inline
normal BSD Command Shell, Find Tag Inline
normal BSD Command Shell, Reverse TCP Inline
normal BSD Command Shell, Reverse TCP Inline (IPv6)
normal BSDi Command Shell, Bind TCP Stager
normal BSDi Command Shell, Reverse TCP Stager
normal BSDi Command Shell, Bind TCP Inline
normal BSDi Command Shell, Find Port Inline
normal BSDi Command Shell, Reverse TCP Inline
normal Unix Command Shell, Bind TCP (via AWK)
normal Unix Command Shell, Bind TCP (inetd)
normal Unix Command Shell, Bind TCP (via Lua)
normal Unix Command Shell, Bind TCP (via netcat)
normal Unix Command Shell, Bind TCP (via netcat -e)
normal Unix Command Shell, Bind TCP (via netcat -e) IPv6
normal Unix Command Shell, Bind TCP (via nodejs)
normal Unix Command Shell, Bind TCP (via Perl)
normal Unix Command Shell, Bind TCP (via perl) IPv6
normal Unix Command Shell, Bind TCP (via Ruby)
normal Unix Command Shell, Bind TCP (via Ruby) IPv6
normal Unix Command Shell, Bind TCP (via Zsh)
normal Unix Command, Generic Command Execution
normal Unix Command, Interact with Established Connection
normal Unix Command Shell, Double Reverse TCP (telnet)
normal Unix Command Shell, Reverse TCP (via AWK)
normal Unix Command Shell, Reverse TCP (/dev/tcp)
normal Unix Command Shell, Reverse TCP SSL (telnet)
normal Unix Command Shell, Reverse TCP (via Lua)
normal Unix Command Shell, Reverse TCP (via netcat)
normal Unix Command Shell, Reverse TCP (via netcat -e)
normal Unix Command Shell, Reverse TCP (via nodejs)
normal Unix Command Shell, Double Reverse TCP SSL (openssl)
normal Unix Command Shell, Reverse TCP (via Perl)
normal Unix Command Shell, Reverse TCP SSL (via perl)
normal Unix Command Shell, Reverse TCP SSL (via php)
normal Unix Command Shell, Reverse TCP (via Python)
normal Unix Command Shell, Reverse TCP SSL (via python)
normal Unix Command Shell, Reverse TCP (via Ruby)
normal Unix Command Shell, Reverse TCP SSL (via Ruby)
normal Unix Command Shell, Double Reverse TCP SSL (telnet)
normal Unix Command Shell, Reverse TCP (via Zsh)
Page 28
Sheet1
cmd/windows/adduser
cmd/windows/bind_lua
cmd/windows/bind_perl
cmd/windows/bind_perl_ipv6
cmd/windows/bind_ruby
cmd/windows/download_eval_vbs
cmd/windows/download_exec_vbs
cmd/windows/generic
cmd/windows/reverse_lua
cmd/windows/reverse_perl
cmd/windows/reverse_powershell
cmd/windows/reverse_ruby
firefox/exec
firefox/shell_bind_tcp
firefox/shell_reverse_tcp
generic/custom
generic/debug_trap
generic/shell_bind_tcp
generic/shell_reverse_tcp
generic/tight_loop
java/jsp_shell_bind_tcp
java/jsp_shell_reverse_tcp
java/meterpreter/bind_tcp
java/meterpreter/reverse_http
java/meterpreter/reverse_https
java/meterpreter/reverse_tcp
java/shell/bind_tcp
java/shell/reverse_tcp
java/shell_reverse_tcp
linux/armle/adduser
linux/armle/exec
linux/armle/shell/bind_tcp
linux/armle/shell/reverse_tcp
linux/armle/shell_bind_tcp
linux/armle/shell_reverse_tcp
linux/mipsbe/exec
linux/mipsbe/reboot
linux/mipsbe/shell/reverse_tcp
linux/mipsbe/shell_bind_tcp
linux/mipsbe/shell_reverse_tcp
linux/mipsle/exec
linux/mipsle/reboot
linux/mipsle/shell/reverse_tcp
linux/mipsle/shell_bind_tcp
linux/mipsle/shell_reverse_tcp
linux/ppc/shell_bind_tcp
linux/ppc/shell_find_port
linux/ppc/shell_reverse_tcp
linux/ppc64/shell_bind_tcp
linux/ppc64/shell_find_port
linux/ppc64/shell_reverse_tcp
linux/x64/exec
linux/x64/shell/bind_tcp
linux/x64/shell/reverse_tcp
linux/x64/shell_bind_tcp
normal Windows Execute net user /ADD CMD

normal Windows Command Shell, Bind TCP (via Lua)
normal Windows Command Shell, Bind TCP (via Perl)
normal Windows Command Shell, Bind TCP (via perl) IPv6
normal Windows Command Shell, Bind TCP (via Ruby)
normal Windows Executable Download and Evaluate VBS
normal Windows Executable Download and Execute (via .vbs)
normal Windows Command, Generic Command Execution
normal Windows Command Shell, Reverse TCP (via Lua)
normal Windows Command, Double Reverse TCP Connection (via Perl)
normal Windows Command Shell, Reverse TCP (via Powershell)
normal Windows Command Shell, Reverse TCP (via Ruby)
normal Firefox XPCOM Execute Command
normal Command Shell, Bind TCP (via Firefox XPCOM script)
normal Command Shell, Reverse TCP (via Firefox XPCOM script)
normal Custom Payload
normal Generic x86 Debug Trap
normal Generic Command Shell, Bind TCP Inline
normal Generic Command Shell, Reverse TCP Inline
normal Generic x86 Tight Loop
normal Java JSP Command Shell, Bind TCP Inline
normal Java JSP Command Shell, Reverse TCP Inline
normal Java Meterpreter, Java Bind TCP Stager
normal Java Meterpreter, Java Reverse HTTP Stager
normal Java Meterpreter, Java Reverse HTTPS Stager
normal Java Meterpreter, Java Reverse TCP Stager
normal Command Shell, Java Bind TCP Stager
normal Command Shell, Java Reverse TCP Stager
normal Java Command Shell, Reverse TCP Inline
normal Linux Add User
normal Linux Execute Command
normal Linux dup2 Command Shell, Bind TCP Stager
normal Linux dup2 Command Shell, Reverse TCP Stager
normal Linux Command Shell, Reverse TCP Inline
normal Linux Reboot
normal Linux Command Shell, Reverse TCP Stager
normal Linux Command Shell, Bind TCP Inline
normal Linux Reboot
normal Linux Command Shell, Find Port Inline
normal Linux Command Shell, Bind TCP Stager
Page 29
Sheet1
linux/x64/shell_bind_tcp_random_port
linux/x64/shell_find_port
linux/x64/shell_reverse_tcp
linux/x86/adduser
linux/x86/chmod
linux/x86/exec
linux/x86/meterpreter/bind_ipv6_tcp
linux/x86/meterpreter/bind_nonx_tcp
linux/x86/meterpreter/bind_tcp
linux/x86/meterpreter/find_tag
linux/x86/meterpreter/reverse_ipv6_tcp
linux/x86/meterpreter/reverse_nonx_tcp
linux/x86/meterpreter/reverse_tcp
linux/x86/metsvc_bind_tcp
linux/x86/metsvc_reverse_tcp
linux/x86/read_file
linux/x86/shell/bind_ipv6_tcp
linux/x86/shell/bind_nonx_tcp
linux/x86/shell/find_tag
linux/x86/shell/reverse_ipv6_tcp
linux/x86/shell/reverse_nonx_tcp
linux/x86/shell_bind_ipv6_tcp
linux/x86/shell_find_tag
linux/x86/shell_reverse_tcp2
netware/shell/reverse_tcp
nodejs/shell_bind_tcp
nodejs/shell_reverse_tcp
nodejs/shell_reverse_tcp_ssl
osx/armle/execute/bind_tcp
osx/armle/execute/reverse_tcp
osx/armle/shell/bind_tcp
osx/armle/shell/reverse_tcp
osx/armle/shell_bind_tcp
osx/armle/shell_reverse_tcp
osx/armle/vibrate
osx/ppc/shell/bind_tcp
osx/ppc/shell/find_tag
osx/ppc/shell/reverse_tcp
osx/ppc/shell_bind_tcp
osx/ppc/shell_reverse_tcp
osx/x64/dupandexecve/bind_tcp
osx/x64/dupandexecve/reverse_tcp
osx/x64/exec
osx/x64/say
osx/x64/shell_bind_tcp
osx/x64/shell_find_tag
osx/x64/shell_reverse_tcp
osx/x86/bundleinject/bind_tcp
osx/x86/bundleinject/reverse_tcp
normal Linux Command Shell, Bind TCP Random Port Inline

normal Linux Add User
normal Linux Chmod
normal Linux Meterpreter, Bind TCP Stager (IPv6)
normal Linux Meterpreter, Bind TCP Stager
normal Linux Meterpreter, Bind TCP Stager
normal Linux Meterpreter, Find Tag Stager
normal Linux Meterpreter, Reverse TCP Stager (IPv6)
normal Linux Meterpreter, Reverse TCP Stager
normal Linux Meterpreter, Reverse TCP Stager
normal Linux Meterpreter Service, Bind TCP
normal Linux Meterpreter Service, Reverse TCP Inline
normal Linux Read File
normal Linux Command Shell, Bind TCP Stager (IPv6)
normal Linux Command Shell, Find Tag Stager
normal Linux Command Shell, Reverse TCP Stager (IPv6)
normal Linux Command Shell, Bind TCP Inline (IPv6)
normal Linux Command Shell, Bind TCP Random Port Inline
normal Linux Command Shell, Find Tag Inline
normal Linux Command Shell, Reverse TCP Inline - Metasm Demo
normal NetWare Command Shell, Reverse TCP Stager
normal Command Shell, Bind TCP (via nodejs)
normal Command Shell, Reverse TCP (via nodejs)
normal Command Shell, Reverse TCP SSL (via nodejs)
normal OS X Write and Execute Binary, Bind TCP Stager
normal OS X Write and Execute Binary, Reverse TCP Stager
normal OS X Command Shell, Bind TCP Stager
normal OS X Command Shell, Reverse TCP Stager
normal Apple iOS Command Shell, Bind TCP Inline
normal Apple iOS Command Shell, Reverse TCP Inline
normal Apple iOS iPhone Vibrate
normal OS X Command Shell, Bind TCP Stager
normal OS X Command Shell, Find Tag Stager
normal OS X Command Shell, Reverse TCP Stager
normal OS X Command Shell, Bind TCP Inline
normal OS X Command Shell, Reverse TCP Inline
normal OS X dup2 Command Shell, Bind TCP Stager
normal OS X dup2 Command Shell, Reverse TCP Stager
normal OS X x64 Execute Command
normal OS X x64 say Shellcode
normal OS X x64 Shell Bind TCP
normal OSX Command Shell, Find Tag Inline
normal OS X x64 Shell Reverse TCP
normal Mac OS X Inject Mach-O Bundle, Bind TCP Stager
normal Mac OS X Inject Mach-O Bundle, Reverse TCP Stager
Page 30
Sheet1
osx/x86/exec
osx/x86/isight/bind_tcp
osx/x86/isight/reverse_tcp
osx/x86/shell_find_port
osx/x86/vforkshell/bind_tcp
osx/x86/vforkshell/reverse_tcp
osx/x86/vforkshell_bind_tcp
osx/x86/vforkshell_reverse_tcp
php/bind_perl
php/bind_perl_ipv6
php/bind_php
php/bind_php_ipv6
php/download_exec
php/exec
php/meterpreter/bind_tcp
php/meterpreter/bind_tcp_ipv6
php/meterpreter/reverse_tcp
php/meterpreter_reverse_tcp
php/reverse_perl
php/reverse_php
php/shell_findsock
python/meterpreter/bind_tcp
python/meterpreter/reverse_tcp
python/shell_reverse_tcp
python/shell_reverse_tcp_ssl
ruby/shell_bind_tcp
ruby/shell_bind_tcp_ipv6
ruby/shell_reverse_tcp
ruby/shell_reverse_tcp_ssl
solaris/sparc/shell_bind_tcp
solaris/sparc/shell_find_port
solaris/sparc/shell_reverse_tcp
solaris/x86/shell_bind_tcp
solaris/x86/shell_find_port
solaris/x86/shell_reverse_tcp
tty/unix/interact
windows/adduser
windows/dllinject/bind_ipv6_tcp
windows/dllinject/bind_nonx_tcp
windows/dllinject/bind_tcp
windows/dllinject/bind_tcp_rc4
windows/dllinject/find_tag
windows/dllinject/reverse_hop_http
windows/dllinject/reverse_http
windows/dllinject/reverse_ipv6_tcp
windows/dllinject/reverse_nonx_tcp
windows/dllinject/reverse_ord_tcp
windows/dllinject/reverse_tcp
windows/dllinject/reverse_tcp_allports
windows/dllinject/reverse_tcp_dns
windows/dllinject/reverse_tcp_rc4
windows/dllinject/reverse_tcp_rc4_dns
windows/dns_txt_query_exec
normal OS X Execute Command

normal Mac OS X x86 iSight Photo Capture, Bind TCP Stager
normal Mac OS X x86 iSight Photo Capture, Reverse TCP Stager
normal OS X Command Shell, Bind TCP Inline
normal OS X Command Shell, Find Port Inline
normal OS X Command Shell, Reverse TCP Inline
normal OS X (vfork) Command Shell, Bind TCP Stager
normal OS X (vfork) Command Shell, Reverse TCP Stager
normal OS X (vfork) Command Shell, Bind TCP Inline
normal OS X (vfork) Command Shell, Reverse TCP Inline
normal PHP Command Shell, Bind TCP (via Perl)
normal PHP Command Shell, Bind TCP (via perl) IPv6
normal PHP Command Shell, Bind TCP (via PHP)
normal PHP Command Shell, Bind TCP (via php) IPv6
normal PHP Executable Download and Execute
normal PHP Execute Command
normal PHP Meterpreter, Bind TCP Stager
normal PHP Meterpreter, Bind TCP Stager IPv6
normal PHP Meterpreter, PHP Reverse TCP Stager
normal PHP Meterpreter, Reverse TCP Inline
normal PHP Command, Double Reverse TCP Connection (via Perl)
normal PHP Command Shell, Reverse TCP (via PHP)
normal PHP Command Shell, Find Sock
normal Python Meterpreter, Python Bind TCP Stager
normal Python Meterpreter, Python Reverse TCP Stager
normal Command Shell, Reverse TCP (via python)
normal Command Shell, Reverse TCP SSL (via python)
normal Ruby Command Shell, Bind TCP
normal Ruby Command Shell, Bind TCP IPv6
normal Ruby Command Shell, Reverse TCP
normal Ruby Command Shell, Reverse TCP SSL
normal Solaris Command Shell, Bind TCP Inline
normal Solaris Command Shell, Find Port Inline
normal Solaris Command Shell, Reverse TCP Inline
normal Solaris Command Shell, Bind TCP Inline
normal Solaris Command Shell, Find Port Inline
normal Solaris Command Shell, Reverse TCP Inline
normal Unix TTY, Interact with Established Connection
normal Windows Execute net user /ADD
normal Reflective DLL Injection, Bind TCP Stager (IPv6)
normal Reflective DLL Injection, Bind TCP Stager (No NX or Win7)
normal Reflective DLL Injection, Bind TCP Stager
normal Reflective DLL Injection, Bind TCP Stager (RC4 Stage Encryption)
normal Reflective DLL Injection, Find Tag Ordinal Stager
normal Reflective DLL Injection, Reverse Hop HTTP Stager
normal Reflective DLL Injection, Reverse HTTP Stager
normal Reflective DLL Injection, Reverse TCP Stager (IPv6)
normal Reflective DLL Injection, Reverse TCP Stager (No NX or Win7)
normal Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or W
normal Reflective DLL Injection, Reverse TCP Stager
normal Reflective DLL Injection, Reverse All-Port TCP Stager
normal Reflective DLL Injection, Reverse TCP Stager (DNS)
normal Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryp
normal Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encr
normal DNS TXT Record Payload Download and Execution
Page 31
Sheet1
windows/download_exec
normal Windows Executable Download (http,https,ftp) and Execute
windows/exec
normal Windows Execute Command
windows/loadlibrary
normal Windows LoadLibrary Path
windows/messagebox
normal Windows MessageBox
windows/meterpreter/bind_ipv6_tcp
normal Windows Meterpreter (Reflective Injection), Bind TCP Stager (IP
windows/meterpreter/bind_nonx_tcp
normal Windows Meterpreter (Reflective Injection), Bind TCP Stager (N
windows/meterpreter/bind_tcp
normal Windows Meterpreter (Reflective Injection), Bind TCP Stager
windows/meterpreter/bind_tcp_rc4
normal Windows Meterpreter (Reflective Injection), Bind TCP Stager (RC
windows/meterpreter/find_tag
normal Windows Meterpreter (Reflective Injection), Find Tag Ordinal Stage
windows/meterpreter/reverse_hop_http
normal Windows Meterpreter (Reflective Injection), Reverse Hop HTTP
windows/meterpreter/reverse_http
normal Windows Meterpreter (Reflective Injection), Reverse HTTP Stage
windows/meterpreter/reverse_https
normal Windows Meterpreter (Reflective Injection), Reverse HTTPS Sta
windows/meterpreter/reverse_https_proxy
normal Windows Meterpreter (Reflective Injection), Reverse HTTPS S
windows/meterpreter/reverse_ipv6_tcp
normal Windows Meterpreter (Reflective Injection), Reverse TCP Stag
windows/meterpreter/reverse_nonx_tcp
windows/meterpreter/reverse_ord_tcp
normal Windows Meterpreter (Reflective Injection), Reverse Ordinal TC
windows/meterpreter/reverse_tcp
normal Windows Meterpreter (Reflective Injection), Reverse TCP Stager
windows/meterpreter/reverse_tcp_allports
normal Windows Meterpreter (Reflective Injection), Reverse All-Port T
windows/meterpreter/reverse_tcp_dns
windows/meterpreter/reverse_tcp_rc4
normal Windows Meterpreter (Reflective Injection), Reverse TCP Stage
windows/meterpreter/reverse_tcp_rc4_dns
normal Windows Meterpreter (Reflective Injection), Reverse TCP Sta
windows/metsvc_bind_tcp
normal Windows Meterpreter Service, Bind TCP
windows/metsvc_reverse_tcp
normal Windows Meterpreter Service, Reverse TCP Inline
windows/patchupdllinject/bind_ipv6_tcp
normal Windows Inject DLL, Bind TCP Stager (IPv6)
windows/patchupdllinject/bind_nonx_tcp
normal Windows Inject DLL, Bind TCP Stager (No NX or Win7)
windows/patchupdllinject/bind_tcp
normal Windows Inject DLL, Bind TCP Stager
windows/patchupdllinject/bind_tcp_rc4
normal Windows Inject DLL, Bind TCP Stager (RC4 Stage Encryption)
windows/patchupdllinject/find_tag
normal Windows Inject DLL, Find Tag Ordinal Stager
windows/patchupdllinject/reverse_ipv6_tcp
normal Windows Inject DLL, Reverse TCP Stager (IPv6)
windows/patchupdllinject/reverse_nonx_tcp
normal Windows Inject DLL, Reverse TCP Stager (No NX or Win7)
windows/patchupdllinject/reverse_ord_tcp
normal Windows Inject DLL, Reverse Ordinal TCP Stager (No NX or W
windows/patchupdllinject/reverse_tcp
normal Windows Inject DLL, Reverse TCP Stager
windows/patchupdllinject/reverse_tcp_allports
normal Windows Inject DLL, Reverse All-Port TCP Stager
windows/patchupdllinject/reverse_tcp_dns
normal Windows Inject DLL, Reverse TCP Stager (DNS)
windows/patchupdllinject/reverse_tcp_rc4
normal Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryp
windows/patchupdllinject/reverse_tcp_rc4_dns
normal Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encr
windows/patchupmeterpreter/bind_ipv6_tcp
normal Windows Meterpreter (skape/jt Injection), Bind TCP Stager (I
windows/patchupmeterpreter/bind_nonx_tcp
normal Windows Meterpreter (skape/jt Injection), Bind TCP Stager (
windows/patchupmeterpreter/bind_tcp
normal Windows Meterpreter (skape/jt Injection), Bind TCP Stager
windows/patchupmeterpreter/bind_tcp_rc4
normal Windows Meterpreter (skape/jt Injection), Bind TCP Stager (R
windows/patchupmeterpreter/find_tag
normal Windows Meterpreter (skape/jt Injection), Find Tag Ordinal Stag
windows/patchupmeterpreter/reverse_ipv6_tcp
normal Windows Meterpreter (skape/jt Injection), Reverse TCP Sta
windows/patchupmeterpreter/reverse_nonx_tcp
windows/patchupmeterpreter/reverse_ord_tcp
normal Windows Meterpreter (skape/jt Injection), Reverse Ordinal T
windows/patchupmeterpreter/reverse_tcp
normal Windows Meterpreter (skape/jt Injection), Reverse TCP Stage
windows/patchupmeterpreter/reverse_tcp_allports
normal Windows Meterpreter (skape/jt Injection), Reverse All-Port
windows/patchupmeterpreter/reverse_tcp_dns
windows/patchupmeterpreter/reverse_tcp_rc4
windows/patchupmeterpreter/reverse_tcp_rc4_dns
normal Windows Meterpreter (skape/jt Injection), Reverse TCP S
windows/shell/bind_ipv6_tcp
normal Windows Command Shell, Bind TCP Stager (IPv6)
windows/shell/bind_nonx_tcp
normal Windows Command Shell, Bind TCP Stager (No NX or Win7)
windows/shell/bind_tcp
normal Windows Command Shell, Bind TCP Stager
windows/shell/bind_tcp_rc4
normal Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption
windows/shell/find_tag
normal Windows Command Shell, Find Tag Ordinal Stager
windows/shell/reverse_hop_http
normal Windows Command Shell, Reverse Hop HTTP Stager
Page 32
Sheet1
windows/shell/reverse_http
windows/shell/reverse_ipv6_tcp
windows/shell/reverse_nonx_tcp
windows/shell/reverse_ord_tcp
windows/shell/reverse_tcp
windows/shell/reverse_tcp_allports
windows/shell/reverse_tcp_dns
windows/shell/reverse_tcp_rc4
windows/shell/reverse_tcp_rc4_dns
windows/shell_bind_tcp
windows/shell_bind_tcp_xpfw
windows/shell_hidden_bind_tcp
windows/shell_reverse_tcp
windows/speak_pwned
windows/upexec/bind_ipv6_tcp
windows/upexec/bind_nonx_tcp
windows/upexec/bind_tcp
windows/upexec/bind_tcp_rc4
windows/upexec/find_tag
windows/upexec/reverse_hop_http
windows/upexec/reverse_http
windows/upexec/reverse_ipv6_tcp
windows/upexec/reverse_nonx_tcp
windows/upexec/reverse_ord_tcp
windows/upexec/reverse_tcp
windows/upexec/reverse_tcp_allports
windows/upexec/reverse_tcp_dns
windows/upexec/reverse_tcp_rc4
windows/upexec/reverse_tcp_rc4_dns
windows/vncinject/bind_ipv6_tcp
windows/vncinject/bind_nonx_tcp
windows/vncinject/bind_tcp
windows/vncinject/bind_tcp_rc4
windows/vncinject/find_tag
windows/vncinject/reverse_hop_http
windows/vncinject/reverse_http
windows/vncinject/reverse_ipv6_tcp
windows/vncinject/reverse_nonx_tcp
windows/vncinject/reverse_ord_tcp
windows/vncinject/reverse_tcp
windows/vncinject/reverse_tcp_allports
windows/vncinject/reverse_tcp_dns
windows/vncinject/reverse_tcp_rc4
windows/vncinject/reverse_tcp_rc4_dns
windows/x64/exec
windows/x64/loadlibrary
windows/x64/meterpreter/bind_tcp
windows/x64/meterpreter/reverse_https
windows/x64/meterpreter/reverse_tcp
windows/x64/shell/bind_tcp
windows/x64/shell/reverse_https
windows/x64/shell/reverse_tcp
windows/x64/shell_bind_tcp
windows/x64/shell_reverse_tcp
windows/x64/vncinject/bind_tcp
normal Windows Command Shell, Reverse HTTP Stager

normal Windows Command Shell, Reverse TCP Stager (IPv6)
normal Windows Command Shell, Reverse TCP Stager (No NX or Win7)
normal Windows Command Shell, Reverse Ordinal TCP Stager (No NX or
normal Windows Command Shell, Reverse TCP Stager
normal Windows Command Shell, Reverse All-Port TCP Stager
normal Windows Command Shell, Reverse TCP Stager (DNS)
normal Windows Command Shell, Reverse TCP Stager (RC4 Stage Encry
normal Windows Command Shell, Reverse TCP Stager (RC4 Stage En
normal Windows Command Shell, Bind TCP Inline
normal Windows Disable Windows ICF, Command Shell, Bind TCP Inline
normal Windows Command Shell, Hidden Bind TCP Inline
normal Windows Command Shell, Reverse TCP Inline
normal Windows Speech API - Say "You Got Pwned!"
normal Windows Upload/Execute, Bind TCP Stager (IPv6)
normal Windows Upload/Execute, Bind TCP Stager (No NX or Win7)
normal Windows Upload/Execute, Bind TCP Stager
normal Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryptio
normal Windows Upload/Execute, Find Tag Ordinal Stager
normal Windows Upload/Execute, Reverse Hop HTTP Stager
normal Windows Upload/Execute, Reverse HTTP Stager
normal Windows Upload/Execute, Reverse TCP Stager (IPv6)
normal Windows Upload/Execute, Reverse TCP Stager (No NX or Win
normal Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX
normal Windows Upload/Execute, Reverse TCP Stager
normal Windows Upload/Execute, Reverse All-Port TCP Stager
normal Windows Upload/Execute, Reverse TCP Stager (DNS)
normal Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Enc
normal Windows Upload/Execute, Reverse TCP Stager (RC4 Stage E
normal VNC Server (Reflective Injection), Bind TCP Stager (IPv6)
normal VNC Server (Reflective Injection), Bind TCP Stager (No NX or W
normal VNC Server (Reflective Injection), Bind TCP Stager
normal VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage E
normal VNC Server (Reflective Injection), Find Tag Ordinal Stager
normal VNC Server (Reflective Injection), Reverse Hop HTTP Stager
normal VNC Server (Reflective Injection), Reverse HTTP Stager
normal VNC Server (Reflective Injection), Reverse TCP Stager (IPv6)
normal VNC Server (Reflective Injection), Reverse TCP Stager (No NX
normal VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (
normal VNC Server (Reflective Injection), Reverse TCP Stager
normal VNC Server (Reflective Injection), Reverse All-Port TCP Stager
normal VNC Server (Reflective Injection), Reverse TCP Stager (DNS)
normal VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Sta
normal VNC Server (Reflective Injection), Reverse TCP Stager (RC4 S
normal Windows x64 Execute Command
normal Windows x64 LoadLibrary Path
normal Windows x64 Meterpreter, Windows x64 Bind TCP Stager
normal Windows x64 Meterpreter, Windows x64 Reverse HTTPS Stag
normal Windows x64 Meterpreter, Windows x64 Reverse TCP Stager
normal Windows x64 Command Shell, Windows x64 Bind TCP Stager
normal Windows x64 Command Shell, Windows x64 Reverse HTTPS Sta
normal Windows x64 Command Shell, Windows x64 Reverse TCP Stager
normal Windows x64 Command Shell, Bind TCP Inline
normal Windows x64 Command Shell, Reverse TCP Inline
normal Windows x64 VNC Server (Reflective Injection), Windows x64 Bind
Page 33
Sheet1
windows/x64/vncinject/reverse_https
windows/x64/vncinject/reverse_tcp
normal Windows x64 VNC Server (Reflective Injection), Windows x64 R

normal Windows x64 VNC Server (Reflective Injection), Windows x64 Re
Auxiliary
#N/A
Name
------------------ ---- ----------admin/2wire/xslt_password_reset
2007-08-15
normal 2Wire Cross-Site Request Forgery Password Rese
admin/appletv/appletv_display_image
normal Apple TV Image Remote Control
admin/appletv/appletv_display_video
normal Apple TV Video Remote Control
admin/backupexec/dump
normal Veritas Backup Exec Windows Remote File Access
admin/backupexec/registry
normal Veritas Backup Exec Server Registry Access
admin/chromecast/chromecast_reset
normal Chromecast Factory Reset DoS
admin/chromecast/chromecast_youtube
normal Chromecast YouTube Remote Control
admin/cisco/cisco_secure_acs_bypass
normal Cisco Secure ACS Unauthorized Password Change
admin/cisco/vpn_3000_ftp_bypass
2006-08-23
normal Cisco VPN Concentrator 3000 FTP Unauthorized
admin/db2/db2rcmd
2004-03-04
normal IBM DB2 db2rcmd.exe Command Execution Vulnerabili
admin/edirectory/edirectory_dhost_cookie
normal Novell eDirectory DHOST Predictable Session Cookie
admin/edirectory/edirectory_edirutil
normal Novell eDirectory eMBox Unauthenticated File Access
admin/emc/alphastor_devicemanager_exec
2008-05-27
normal EMC AlphaStor Device Manager Arbitrary Co
admin/emc/alphastor_librarymanager_exec
2008-05-27
normal EMC AlphaStor Library Manager Arbitrary Com
admin/hp/hp_data_protector_cmd
2011-02-07
normal HP Data Protector 6.1 EXEC_CMD Command Exe
admin/hp/hp_imc_som_create_account
2013-10-08
normal HP Intelligent Management SOM Account Crea
admin/http/axigen_file_access
2012-10-31
normal Axigen Arbitrary File Read and Delete
admin/http/cfme_manageiq_evm_pass_reset
2013-11-12
normal Red Hat CloudForms Management Engine 5
admin/http/contentkeeper_fileaccess
normal ContentKeeper Web Appliance mimencode File Access
admin/http/dlink_dir_300_600_exec_noauth
2013-02-04
normal D-Link DIR-600 / DIR-300 Unauthenticated Re
admin/http/dlink_dir_645_password_extractor
normal D-Link DIR 645 Password Extractor
admin/http/dlink_dsl320b_password_extractor
normal D-Link DSL 320B Password Extractor
admin/http/foreman_openstack_satellite_priv_esc
2013-06-06
normal Foreman (Red Hat OpenStack/Satellite) user
admin/http/hp_web_jetadmin_exec
2004-04-27
normal HP Web JetAdmin 6.5 Server Arbitrary Command
admin/http/iis_auth_bypass
2010-07-02
normal MS10-065 Microsoft IIS 5 NTFS Stream Authenticatio
admin/http/intersil_pass_reset
2007-09-10
normal Intersil (Boa) HTTPd Basic Authentication Password R
admin/http/iomega_storcenterpro_sessionid
normal Iomega StorCenter Pro NAS Web Authentication By
admin/http/jboss_bshdeployer
normal JBoss JMX Console Beanshell Deployer WAR Upload and
admin/http/jboss_seam_exec
2010-07-19
normal JBoss Seam 2 Remote Command Execution
admin/http/katello_satellite_priv_esc
2014-03-24
normal Katello (Red Hat Satellite) users/update_roles Missi
admin/http/linksys_e1500_e2500_exec
2013-02-05
normal Linksys E1500/E2500 Remote Command Execu
admin/http/linksys_tmunblock_admin_reset_bof
2014-02-19
normal Linksys WRT120N tmUnblock Stack Buffer O
admin/http/linksys_wrt54gl_exec
2013-01-18
normal Linksys WRT54GL Remote Command Execution
admin/http/mutiny_frontend_read_delete
2013-05-15
normal Mutiny 5 Arbitrary File Read and Delete
admin/http/nexpose_xxe_file_read
normal Nexpose XXE Arbitrary File Read
admin/http/novell_file_reporter_filedelete
normal Novell File Reporter Agent Arbitrary File Delete
admin/http/openbravo_xxe
2013-10-30
normal Openbravo ERP XXE Arbitrary File Read
admin/http/rails_devise_pass_reset
2013-01-28
normal Ruby on Rails Devise Authentication Password Re
admin/http/scrutinizer_add_user
2012-07-27
normal Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP
admin/http/sophos_wpa_traversal
2013-04-03
normal Sophos Web Protection Appliance patience.cgi Dir
admin/http/tomcat_administration
normal Tomcat Administration Tool Default Access
admin/http/tomcat_utf8_traversal
normal Tomcat UTF-8 Directory Traversal Vulnerability
admin/http/trendmicro_dlp_traversal
normal TrendMicro Data Loss Prevention 5.5 Directory Traversa
admin/http/typo3_sa_2009_001
2009-01-20
normal TYPO3 sa-2009-001 Weak Encryption Key File Dis
2009-02-10
normal Typo3 sa-2009-002 File Disclosure
normal TYPO3 sa-2010-020 Remote File Disclosure
Page 34
Sheet1
admin/http/typo3_winstaller_default_enc_keys
normal TYPO3 Winstaller Default Encryption Keys
admin/http/vbulletin_upgrade_admin
2013-10-09
normal vBulletin Administrator Account Creation
admin/http/wp_custom_contact_forms
2014-08-07
normal WordPress custom-contact-forms Plugin SQL Up
admin/http/zyxel_admin_password_extractor
normal ZyXEL GS1510-16 Password Extractor
admin/maxdb/maxdb_cons_exec
2008-01-09
normal SAP MaxDB cons.exe Remote Command Injectio
admin/misc/sercomm_dump_config
2013-12-31
normal SerComm Device Configuration Dump
admin/misc/wol
normal UDP Wake-On-Lan (WOL)
admin/motorola/wr850g_cred
2004-09-24
normal Motorola WR850G v4.03 Credentials
admin/ms/ms08_059_his2006
2008-10-14
normal Microsoft Host Integration Server 2006 Command
admin/mssql/mssql_enum
normal Microsoft SQL Server Configuration Enumerator
admin/mssql/mssql_escalate_dbowner
normal Microsoft SQL Server - Escalate Db_Owner
admin/mssql/mssql_escalate_dbowner_sqli
normal Microsoft SQL Server - SQLi Escalate Db_Owner
admin/mssql/mssql_exec
normal Microsoft SQL Server xp_cmdshell Command Execution
admin/mssql/mssql_findandsampledata
normal Microsoft SQL Server - Find and Sample Data
admin/mssql/mssql_idf
normal Microsoft SQL Server - Interesting Data Finder
admin/mssql/mssql_ntlm_stealer
normal Microsoft SQL Server NTLM Stealer
admin/mssql/mssql_ntlm_stealer_sqli
normal Microsoft SQL Server NTLM Stealer - SQLi
admin/mssql/mssql_sql
normal Microsoft SQL Server Generic Query
admin/mssql/mssql_sql_file
normal Microsoft SQL Server Generic Query from File
admin/mysql/mysql_enum
normal MySQL Enumeration Module
admin/mysql/mysql_sql
normal MySQL SQL Generic Query
admin/natpmp/natpmp_map
normal NAT-PMP Port Mapper
admin/officescan/tmlisten_traversal
normal TrendMicro OfficeScanNT Listener Traversal Arbitrary Fi
admin/oracle/ora_ntlm_stealer
2009-04-07
normal Oracle SMB Relay Code Execution
admin/oracle/oracle_login
2008-11-20
normal Oracle Account Discovery
admin/oracle/oracle_sql
2007-12-07
normal Oracle SQL Generic Query
admin/oracle/oraenum
normal Oracle Database Enumeration
admin/oracle/osb_execqr
2009-01-14
normal Oracle Secure Backup exec_qr() Command Injection V
admin/oracle/osb_execqr2
2009-08-18
normal Oracle Secure Backup Authentication Bypass/Comma
2010-07-13
normal Oracle Secure Backup Authentication Bypass/Comma
admin/oracle/post_exploitation/win32exec
2007-12-07
normal Oracle Java execCommand (Win32)
admin/oracle/post_exploitation/win32upload
2005-02-10
normal Oracle URL Download
admin/oracle/sid_brute
2009-01-07
normal Oracle TNS Listener SID Brute Forcer
admin/oracle/tnscmd
2009-02-01
normal Oracle TNS Listener Command Issuer
admin/pop2/uw_fileretrieval
2000-07-14
normal UoW pop2d Remote File Retrieval Vulnerability
admin/postgres/postgres_readfile
normal PostgreSQL Server Generic Query
admin/postgres/postgres_sql
normal PostgreSQL Server Generic Query
admin/sap/sap_configservlet_exec_noauth
2012-11-01
normal SAP ConfigServlet OS Command Execution
admin/sap/sap_mgmt_con_osexec
normal SAP Management Console OSExecute
admin/scada/advantech_webaccess_dbvisitor_sqli
2014-04-08
normal Advantech WebAccess SQL Injection
admin/scada/ge_proficy_substitute_traversal
2013-01-22
normal GE Proficy Cimplicity WebView substitute.bcl D
admin/scada/modicon_command
2012-04-05
normal Schneider Modicon Remote START/STOP Comm
admin/scada/modicon_password_recovery
2012-01-19
normal Schneider Modicon Quantum Password Reco
admin/scada/modicon_stux_transfer
2012-04-05
normal Schneider Modicon Ladder Logic Upload/Downloa
admin/scada/multi_cip_command
2012-01-19
normal Allen-Bradley/Rockwell Automation EtherNet/IP C
admin/scada/yokogawa_bkbcopyd_client
2014-08-09
normal Yokogawa BKBCopyD.exe Client
admin/serverprotect/file
normal TrendMicro ServerProtect File Access
admin/smb/check_dir_file
normal SMB Scanner Check File/Directory Utility
admin/smb/delete_file
normal SMB File Delete Utility
admin/smb/download_file
normal SMB File Download Utility
admin/smb/list_directory
normal SMB Directory Listing Utility
admin/smb/psexec_command
normal Microsoft Windows Authenticated Administration Utility
admin/smb/psexec_ntdsgrab
normal PsExec NTDS.dit And SYSTEM Hive Download Utility
admin/smb/samba_symlink_traversal
normal Samba Symlink Directory Traversal
admin/smb/upload_file
normal SMB File Upload Utility
Page 35
Sheet1
admin/sunrpc/solaris_kcms_readfile
2003-01-22
normal Solaris KCMS + TTDB Arbitrary File Read
admin/tftp/tftp_transfer_util
normal TFTP File Transfer Utility
admin/tikiwiki/tikidblib
2006-11-01
normal TikiWiki Information Disclosure
admin/vmware/poweroff_vm
normal VMWare Power Off Virtual Machine
admin/vmware/poweron_vm
normal VMWare Power On Virtual Machine
admin/vmware/tag_vm
normal VMWare Tag Virtual Machine
admin/vmware/terminate_esx_sessions
normal VMWare Terminate ESX Login Sessions
admin/vnc/realvnc_41_bypass
2006-05-15
normal RealVNC NULL Authentication Mode Bypass
admin/vxworks/apple_airport_extreme_password
normal Apple Airport Extreme Password Extraction (WDB
admin/vxworks/dlink_i2eye_autoanswer
normal D-Link i2eye Video Conference AutoAnswer (WDBRP
admin/vxworks/wdbrpc_memory_dump
normal VxWorks WDB Agent Remote Memory Dump
admin/vxworks/wdbrpc_reboot
normal VxWorks WDB Agent Remote Reboot
admin/webmin/edit_html_fileaccess
2012-09-06
normal Webmin edit_html.cgi file Parameter Traversal Arb
admin/webmin/file_disclosure
2006-06-30
normal Webmin File Disclosure
admin/zend/java_bridge
2011-03-28
normal Zend Server Java Bridge Design Flaw Remote Code E
analyze/jtr_aix
normal John the Ripper AIX Password Cracker
analyze/jtr_crack_fast
normal John the Ripper Password Cracker (Fast Mode)
analyze/jtr_linux
normal John the Ripper Linux Password Cracker
analyze/jtr_mssql_fast
normal John the Ripper MS SQL Password Cracker (Fast Mode)
analyze/jtr_mysql_fast
normal John the Ripper MySQL Password Cracker (Fast Mode)
analyze/jtr_oracle_fast
normal John the Ripper Oracle Password Cracker (Fast Mode)
analyze/jtr_postgres_fast
normal John the Ripper Postgres SQL Password Cracker
bnat/bnat_router
normal BNAT Router
bnat/bnat_scan
normal BNAT Scanner
client/smtp/emailer
normal Generic Emailer (SMTP)
crawler/msfcrawler
normal Metasploit Web Crawler
docx/word_unc_injector
normal Microsoft Word UNC Path Injector
dos/cisco/ios_http_percentpercent
2000-04-26
normal Cisco IOS HTTP GET /%% Request Denial of Serv
dos/dhcp/isc_dhcpd_clientid
normal ISC DHCP Zero Length ClientID Denial of Service Module
dos/freebsd/nfsd/nfsd_mount
normal FreeBSD Remote NFS RPC Request Denial of Service
dos/hp/data_protector_rds
2011-01-08
normal HP Data Protector Manager RDS DOS
dos/http/3com_superstack_switch
2004-06-24
normal 3Com SuperStack Switch Denial of Service
dos/http/apache_commons_fileupload_dos
2014-02-06
normal Apache Commons FileUpload and Apache To
dos/http/apache_mod_isapi
2010-03-05
normal Apache mod_isapi Dangling Pointer
dos/http/apache_range_dos
2011-08-19
normal Apache Range Header DoS (Apache Killer)
dos/http/apache_tomcat_transfer_encoding
2010-07-09
normal Apache Tomcat Transfer-Encoding Information
dos/http/canon_wireless_printer
2013-06-18
normal Canon Wireless Printer Denial Of Service
dos/http/dell_openmanage_post
2004-02-26
normal Dell OpenManage POST Request Heap Overflow (
dos/http/gzip_bomb_dos
2004-01-01
normal Gzip Memory Bomb Denial Of Service
dos/http/hashcollision_dos
2011-12-28
normal Hashtable Collisions
dos/http/monkey_headers
2013-05-30
normal Monkey HTTPD Header Parsing Denial of Service (D
dos/http/nodejs_pipelining
2013-10-18
normal Node.js HTTP Pipelining Denial of Service
dos/http/novell_file_reporter_heap_bof
2012-11-16
normal NFR Agent Heap Overflow Vulnerability
dos/http/rails_action_view
2013-12-04
normal Ruby on Rails Action View MIME Memory Exhaustion
dos/http/rails_json_float_dos
2013-11-22
normal Ruby on Rails JSON Processor Floating Point Heap O
dos/http/sonicwall_ssl_format
2009-05-29
normal SonicWALL SSL-VPN Format String Vulnerability
dos/http/webrick_regex
2008-08-08
normal Ruby WEBrick::HTTP::DefaultFileHandler DoS
dos/http/wordpress_xmlrpc_dos
2014-08-06
normal Wordpress XMLRPC DoS
dos/mdns/avahi_portzero
2008-11-14
normal Avahi Source Port 0 DoS
dos/misc/dopewars
2009-10-05
normal Dopewars Denial of Service
dos/misc/ibm_sametime_webplayer_dos
2013-11-07
normal IBM Lotus Sametime WebPlayer DoS
dos/misc/memcached
normal Memcached Remote Denial of Service
dos/ntp/ntpd_reserved_dos
2009-10-04
normal NTP.org ntpd Reserved Mode Denial of Service
dos/pptp/ms02_063_pptp_dos
2002-09-26
normal MS02-063 PPTP Malformed Control Data Kernel D
dos/samba/lsa_addprivs_heap
normal Samba lsa_io_privilege_set Heap Overflow
Page 36
Sheet1
dos/samba/lsa_transnames_heap
normal Samba lsa_io_trans_names Heap Overflow
dos/samba/read_nttrans_ea_list
normal Samba read_nttrans_ea_list Integer Overflow
dos/sap/sap_soap_rfc_eps_delete_file
normal SAP SOAP EPS_DELETE_FILE File Deletion
dos/scada/beckhoff_twincat
2011-09-13
normal Beckhoff TwinCAT SCADA PLC 2.11.0.2004 DoS
dos/scada/d20_tftp_overflow
2012-01-19
normal General Electric D20ME TFTP Server Buffer Overflow
dos/scada/igss9_dataserver
2011-12-20
normal 7-Technologies IGSS 9 IGSSdataServer.exe DoS
dos/scada/yokogawa_logsvr
2014-03-10
normal Yokogawa CENTUM CS 3000 BKCLogSvr.exe Heap
dos/smtp/sendmail_prescan
2003-09-17
normal Sendmail SMTP Address prescan Memory Corruptio
dos/solaris/lpd/cascade_delete
normal Solaris LPD Arbitrary File Delete
dos/ssl/dtls_changecipherspec
2000-04-26
normal OpenSSL DTLS ChangeCipherSpec Remote DoS
dos/ssl/dtls_fragment_overflow
2014-06-05
normal OpenSSL DTLS Fragment Buffer Overflow DoS
dos/ssl/openssl_aesni
2013-02-05
normal OpenSSL TLS 1.1 and 1.2 AES-NI DoS
dos/syslog/rsyslog_long_tag
2011-09-01
normal rsyslog Long Tag Off-By-Two DoS
dos/tcp/junos_tcp_opt
normal Juniper JunOS Malformed TCP Option
dos/tcp/synflood
normal TCP SYN Flooder
dos/upnp/miniupnpd_dos
2013-03-27
normal MiniUPnPd 1.4 Denial of Service (DoS) Exploit
dos/windows/appian/appian_bpm
2007-12-17
normal Appian Enterprise Business Suite 5.6 SP1 DoS
dos/windows/browser/ms09_065_eot_integer
2009-11-10
normal Microsoft Windows EOT Font Table Directory
dos/windows/ftp/filezilla_admin_user
2005-11-07
normal FileZilla FTP Server Admin Interface Denial of Serv
dos/windows/ftp/filezilla_server_port
2006-12-11
normal FileZilla FTP Server Malformed PORT Denial of Ser
dos/windows/ftp/guildftp_cwdlist
2008-10-12
normal Guild FTPd 0.999.8.11/0.999.14 Heap Corruption
dos/windows/ftp/iis75_ftpd_iac_bof
2010-12-21
normal Microsoft IIS FTP Server Encoded Response Overf
dos/windows/ftp/iis_list_exhaustion
2009-09-03
normal Microsoft IIS FTP Server LIST Stack Exhaustion
dos/windows/ftp/solarftp_user
2011-02-22
normal Solar FTP Server Malformed USER Denial of Service
dos/windows/ftp/titan626_site
2008-10-14
normal Titan FTP Server 6.26.630 SITE WHO DoS
dos/windows/ftp/vicftps50_list
2008-10-24
normal Victory FTP Server 5.0 LIST DoS
dos/windows/ftp/winftp230_nlst
2008-09-26
normal WinFTP 2.3.0 NLST Denial of Service
dos/windows/ftp/xmeasy560_nlst
2008-10-13
normal XM Easy Personal FTP Server 5.6.0 NLST DoS
2009-03-27
normal XM Easy Personal FTP Server 5.7.0 NLST DoS
dos/windows/games/kaillera
2011-07-02
normal Kaillera 0.86 Server Denial of Service
dos/windows/http/ms10_065_ii6_asp_dos
2010-09-14
normal Microsoft IIS 6.0 ASP Stack Exhaustion Denia
dos/windows/http/pi3web_isapi
2008-11-13
normal Pi3Web ISAPI DoS
dos/windows/llmnr/ms11_030_dnsapi
2011-04-12
normal Microsoft Windows DNSAPI.dll LLMNR Buffer U
dos/windows/nat/nat_helper
2006-10-26
normal Microsoft Windows NAT Helper Denial of Service
dos/windows/rdp/ms12_020_maxchannelids
2012-03-16
normal MS12-020 Microsoft Remote Desktop Use-A
dos/windows/smb/ms05_047_pnp
normal Microsoft Plug and Play Service Registry Overflow
dos/windows/smb/ms06_035_mailslot
2006-07-11
normal Microsoft SRV.SYS Mailslot Write Corruption
dos/windows/smb/ms06_063_trans
normal Microsoft SRV.SYS Pipe Transaction No Null
dos/windows/smb/ms09_001_write
normal Microsoft SRV.SYS WriteAndX Invalid DataOffset
dos/windows/smb/ms09_050_smb2_negotiate_pidhigh
normal Microsoft SRV2.SYS SMB Negotiate Process
dos/windows/smb/ms09_050_smb2_session_logoff
normal Microsoft SRV2.SYS SMB2 Logoff Remote Ke
dos/windows/smb/ms10_006_negotiate_response_loop
normal Microsoft Windows 7 / Server 2008 R2 SMB
dos/windows/smb/ms10_054_queryfs_pool_overflow
normal Microsoft Windows SRV.SYS SrvSmbQueryFs
dos/windows/smb/ms11_019_electbowser
normal Microsoft Windows Browser Pool DoS
dos/windows/smb/rras_vls_null_deref
2006-06-14
normal Microsoft RRAS InterfaceAdjustVLSPointers NUL
dos/windows/smb/vista_negotiate_stop
normal Microsoft Vista SP0 SMB Negotiate Protocol DoS
dos/windows/smtp/ms06_019_exchange
2004-11-12
normal MS06-019 Exchange MODPROP Heap Overf
dos/windows/ssh/sysax_sshd_kexchange
2013-03-17
normal Sysax Multi-Server 6.10 SSHD Key Exchange
dos/windows/tftp/pt360_write
2008-10-29
normal PacketTrap TFTP Server 2.2.5459.0 DoS
dos/windows/tftp/solarwinds
2010-05-21
normal SolarWinds TFTP Server 10.4.0.10 Denial of Service
dos/wireshark/capwap
2014-04-28
normal Wireshark CAPWAP Dissector DoS
dos/wireshark/chunked
2007-02-22
normal Wireshark chunked_encoding_dissector Function DOS
dos/wireshark/cldap
2011-03-01
normal Wireshark CLDAP Dissector DOS
dos/wireshark/ldap
2008-03-28
normal Wireshark LDAP Dissector DOS
fuzzers/dns/dns_fuzzer
normal DNS and DNSSEC Fuzzer
Page 37
Sheet1
fuzzers/ftp/client_ftp
fuzzers/ftp/ftp_pre_post
fuzzers/http/http_form_field
fuzzers/http/http_get_uri_long
fuzzers/http/http_get_uri_strings
fuzzers/ntp/ntp_protocol_fuzzer
fuzzers/smb/smb2_negotiate_corrupt
fuzzers/smb/smb_create_pipe
fuzzers/smb/smb_create_pipe_corrupt
fuzzers/smb/smb_negotiate_corrupt
fuzzers/smb/smb_ntlm1_login_corrupt
fuzzers/smb/smb_tree_connect
fuzzers/smb/smb_tree_connect_corrupt
fuzzers/smtp/smtp_fuzzer
fuzzers/ssh/ssh_kexinit_corrupt
fuzzers/ssh/ssh_version_15
fuzzers/ssh/ssh_version_corrupt
fuzzers/tds/tds_login_corrupt
fuzzers/tds/tds_login_username
gather/alienvault_iso27001_sqli
gather/alienvault_newpolicyform_sqli
gather/android_htmlfileprovider
gather/android_stock_browser_uxss
gather/apache_rave_creds
gather/apple_safari_webarchive_uxss
gather/checkpoint_hostname
gather/chromecast_wifi
gather/citrix_published_applications
gather/citrix_published_bruteforce
gather/coldfusion_pwd_props
gather/corpwatch_lookup_id
gather/corpwatch_lookup_name
gather/d20pass
gather/dns_bruteforce
gather/dns_cache_scraper
gather/dns_info
gather/dns_reverse_lookup
gather/dns_srv_enum
gather/doliwamp_traversal_creds
gather/drupal_openid_xxe
gather/eaton_nsm_creds
gather/emc_cta_xxe
gather/enum_dns
gather/external_ip
gather/f5_bigip_cookie_disclosure
gather/flash_rosetta_jsonp_url_disclosure
gather/hp_enum_perfd
gather/hp_snac_domain_creds
gather/ibm_sametime_enumerate_users
gather/ibm_sametime_room_brute
gather/ibm_sametime_version
gather/impersonate_ssl
gather/joomla_weblinks_sqli
gather/mantisbt_admin_sqli
normal Simple FTP Client Fuzzer

normal Simple FTP Fuzzer
normal HTTP Form Field Fuzzer
normal HTTP GET Request URI Fuzzer (Incrementing Lengths)
normal HTTP GET Request URI Fuzzer (Fuzzer Strings)
normal NTP Protocol Fuzzer
normal SMB Negotiate SMB2 Dialect Corruption
normal SMB Create Pipe Request Fuzzer
normal SMB Create Pipe Request Corruption
normal SMB Negotiate Dialect Corruption
normal SMB NTLMv1 Login Request Corruption
normal SMB Tree Connect Request Fuzzer
normal SMB Tree Connect Request Corruption
normal SMTP Simple Fuzzer
normal SSH Key Exchange Init Corruption
normal SSH 1.5 Version Fuzzer
normal SSH 2.0 Version Fuzzer
normal SSH Version Corruption
normal TDS Protocol Login Request Corruption Fuzzer
normal TDS Protocol Login Request Username Fuzzer
2014-03-30
normal AlienVault Authenticated SQL Injection Arbitrary File
2014-05-09
normal AlienVault Authenticated SQL Injection Arbitrary Fi
normal Android Content Provider File Disclosure
normal Android Open Source Platform (AOSP) Browser UXSS
normal Apache Rave User Information Disclosure
2013-02-22
normal Apple Safari .webarchive File Format UXSS
2011-12-14
normal CheckPoint Firewall-1 SecuRemote Topology Servic
normal Chromecast Wifi Enumeration
normal Citrix MetaFrame ICA Published Applications Scanner
normal Citrix MetaFrame ICA Published Applications Bruteforcer
2013-05-07
normal ColdFusion 'password.properties' Hash Extraction
normal CorpWatch Company ID Information Search
normal CorpWatch Company Name Information Search
2012-01-19
normal General Electric D20 Password Recovery
normal DNS Brutefoce Enumeration
normal DNS Non-Recursive Record Scraper
normal DNS Basic Information Enumeration
normal DNS Reverse Lookup Enumeration
normal DNS Common Service Record Enumeration
2014-01-12
normal DoliWamp 'jqueryFileTree.php' Traversal Gather Cr
2012-10-17
normal Drupal OpenID External Entity Injection
2012-06-26
normal Network Shutdown Module sort_values Credential Du
2014-03-31
normal EMC CTA v10.0 Unauthenticated XXE Arbitrary File Rea
normal DNS Record Scanner and Enumerator
normal Discover External IP via Ifconfig.me
normal F5 BigIP Backend Cookie Disclosure
2014-07-08
normal Flash "Rosetta" JSONP GET/POST Response D
normal HP Operations Manager Perfd Environment Scanner
2013-09-09
normal HP ProCurve SNAC Domain Controller Credential
2013-12-27
normal IBM Lotus Notes Sametime User Enumeration
2013-12-27
normal IBM Lotus Notes Sametime Room Name Brutefor
2013-12-27
normal IBM Lotus Sametime Version Enumeration
normal HTTP SSL Certificate Impersonation
2014-03-02
normal Joomla weblinks-categories Unauthenticated SQL Inje
2014-02-28
normal MantisBT Admin SQL Injection Arbitrary File Read
Page 38
Sheet1
gather/mongodb_js_inject_collection_enum
2014-06-07
normal MongoDB NoSQL Collection Enumeration Via
gather/mybb_db_fingerprint
2014-02-13
normal MyBB Database Fingerprint
gather/natpmp_external_address
normal NAT-PMP External Address Scanner
gather/search_email_collector
normal Search Engine Domain Email Address Collector
gather/shodan_search
normal Shodan Search
gather/trackit_sql_domain_creds
2014-10-07
normal BMC / Numara Track-It! Domain Administrator and S
gather/vbulletin_vote_sqli
2013-03-24
normal vBulletin Password Collector via nodeid SQL Injection
gather/windows_deployment_services_shares
normal Microsoft Windows Deployment Services Unatten
gather/wp_w3_total_cache_hash_extract
normal W3-Total-Cache Wordpress-plugin 0.9.2.4 (or before
gather/xbmc_traversal
2012-11-04
normal XBMC Web Server Directory Traversal
metamodule/firewall_egress
normal Segmentation and Firewall Testing
parser/unattend
normal Auxilliary Parser Windows Unattend Passwords
pdf/foxit/authbypass
2009-03-09
normal Foxit Reader Authorization Bypass
scanner/afp/afp_login
normal Apple Filing Protocol Login Utility
scanner/afp/afp_server_info
normal Apple Filing Protocol Info Enumerator
scanner/backdoor/energizer_duo_detect
normal Energizer DUO Trojan Scanner
scanner/chargen/chargen_probe
1996-02-08
normal Chargen Probe Utility
scanner/couchdb/couchdb_enum
normal CouchDB Enum Utility
scanner/couchdb/couchdb_login
normal CouchDB Login Utility
scanner/db2/db2_auth
normal DB2 Authentication Brute Force Utility
scanner/db2/db2_version
normal DB2 Probe Utility
scanner/db2/discovery
normal DB2 Discovery Service Detection
scanner/dcerpc/endpoint_mapper
normal Endpoint Mapper Service Discovery
scanner/dcerpc/hidden
normal Hidden DCERPC Service Discovery
scanner/dcerpc/management
normal Remote Management Interface Discovery
scanner/dcerpc/tcp_dcerpc_auditor
normal DCERPC TCP Service Auditor
scanner/dcerpc/windows_deployment_services
normal Microsoft Windows Deployment Services Unatten
scanner/dect/call_scanner
normal DECT Call Scanner
scanner/dect/station_scanner
normal DECT Base Station Scanner
scanner/discovery/arp_sweep
normal ARP Sweep Local Network Discovery
scanner/discovery/empty_udp
normal UDP Empty Prober
scanner/discovery/ipv6_multicast_ping
normal IPv6 Link Local/Node Local Ping Discovery
scanner/discovery/ipv6_neighbor
normal IPv6 Local Neighbor Discovery
scanner/discovery/ipv6_neighbor_router_advertisement
normal IPv6 Local Neighbor Discovery Using Router A
scanner/discovery/udp_probe
normal UDP Service Prober
scanner/discovery/udp_sweep
normal UDP Service Sweeper
scanner/dns/dns_amp
normal DNS Amplification Scanner
scanner/elasticsearch/indices_enum
normal ElasticSearch Indices Enumeration Utility
scanner/emc/alphastor_devicemanager
normal EMC AlphaStor Device Manager Service
scanner/emc/alphastor_librarymanager
normal EMC AlphaStor Library Manager Service
scanner/finger/finger_users
normal Finger Service User Enumerator
scanner/ftp/anonymous
normal Anonymous FTP Access Detection
scanner/ftp/ftp_login
normal FTP Authentication Scanner
scanner/ftp/ftp_version
normal FTP Version Scanner
scanner/ftp/titanftp_xcrc_traversal
2010-06-15
normal Titan FTP XCRC Directory Traversal Information Disc
scanner/h323/h323_version
normal H.323 Version Scanner
scanner/http/a10networks_ax_directory_traversal
2014-01-28
normal A10 Networks AX Loadbalancer Directory Tra
scanner/http/adobe_xml_inject
normal Adobe XML External Entity Injection
scanner/http/apache_activemq_source_disclosure
normal Apache ActiveMQ JSP Files Source Disclosure
scanner/http/apache_activemq_traversal
normal Apache ActiveMQ Directory Traversal
scanner/http/apache_mod_cgi_bash_env
2014-09-24
normal Apache mod_cgi Bash Environment Variable R
scanner/http/apache_userdir_enum
normal Apache "mod_userdir" User Enumeration
scanner/http/appletv_login
normal AppleTV AirPlay Login Utility
scanner/http/atlassian_crowd_fileaccess
normal Atlassian Crowd XML Entity Expansion Remote File Ac
scanner/http/axis_local_file_include
normal Apache Axis2 v1.4.1 Local File Inclusion
Page 39
Sheet1
scanner/http/axis_login
normal Apache Axis2 Brute Force Utility
scanner/http/backup_file
normal HTTP Backup File Scanner
scanner/http/barracuda_directory_traversal
2010-10-08
normal Barracuda Multiple Product "locale" Directory Tra
scanner/http/bitweaver_overlay_type_traversal
2012-10-23
normal Bitweaver overlay_type Directory Traversal
scanner/http/blind_sql_query
normal HTTP Blind SQL Injection Scanner
scanner/http/brute_dirs
normal HTTP Directory Brute Force Scanner
scanner/http/canon_wireless
2013-06-18
normal Canon Printer Wireless Configuration Disclosure
scanner/http/cert
normal HTTP SSL Certificate Checker
scanner/http/cisco_asa_asdm
normal Cisco ASA ASDM Bruteforce Login Utility
scanner/http/cisco_device_manager
2000-10-26
normal Cisco Device HTTP Device Manager Access
scanner/http/cisco_ios_auth_bypass
2001-06-27
normal Cisco IOS HTTP Unauthorized Administrative Acc
scanner/http/cisco_ironport_enum
normal Cisco Ironport Bruteforce Login Utility
scanner/http/cisco_nac_manager_traversal
normal Cisco Network Access Manager Directory Traversal
scanner/http/cisco_ssl_vpn
normal Cisco SSL VPN Bruteforce Login Utility
scanner/http/clansphere_traversal
2012-10-23
normal ClanSphere 2011.3 Local File Inclusion Vulnerability
scanner/http/cold_fusion_version
normal ColdFusion Version Scanner
scanner/http/coldfusion_locale_traversal
normal ColdFusion Server Check
scanner/http/concrete5_member_list
normal Concrete5 Member List Enumeration
scanner/http/copy_of_file
normal HTTP Copy File Scanner
scanner/http/crawler
normal Web Site Crawler
scanner/http/dell_idrac
normal Dell iDRAC Default Login
scanner/http/dir_listing
normal HTTP Directory Listing Scanner
scanner/http/dir_scanner
normal HTTP Directory Scanner
scanner/http/dir_webdav_unicode_bypass
normal MS09-020 IIS6 WebDAV Unicode Auth Bypass Dire
scanner/http/dlink_dir_300_615_http_login
normal D-Link DIR-300A / DIR-320 / DIR-615D HTTP Login U
scanner/http/dlink_dir_615h_http_login
normal D-Link DIR-615H HTTP Login Utility
scanner/http/dlink_dir_session_cgi_http_login
normal D-Link DIR-300B / DIR-600B / DIR-815 / DIR-645 HT
scanner/http/dlink_user_agent_backdoor
2013-10-12
normal DLink User-Agent Backdoor Scanner
scanner/http/dolibarr_login
normal Dolibarr ERP/CRM Login Utility
scanner/http/drupal_views_user_enum
2010-07-02
normal Drupal Views Module Users Enumeration
scanner/http/ektron_cms400net
normal Ektron CMS400.NET Default Password Scanner
scanner/http/enum_wayback
normal Archive.org Stored Domain URLs
scanner/http/error_sql_injection
normal HTTP Error Based SQL Injection Scanner
scanner/http/etherpad_duo_login
normal EtherPAD Duo Login Bruteforce Utility
scanner/http/file_same_name_dir
normal HTTP File Same Name Directory Scanner
scanner/http/files_dir
normal HTTP Interesting File Scanner
scanner/http/frontpage_login
normal FrontPage Server Extensions Anonymous Login Scanner
scanner/http/glassfish_login
normal GlassFish Brute Force Utility
scanner/http/groupwise_agents_http_traversal
normal Novell Groupwise Agents HTTP Directory Traversal
scanner/http/hp_imc_bims_downloadservlet_traversal
normal HP Intelligent Management BIMS DownloadSer
scanner/http/hp_imc_faultdownloadservlet_traversal
normal HP Intelligent Management FaultDownloadServle
scanner/http/hp_imc_ictdownloadservlet_traversal
normal HP Intelligent Management IctDownloadServlet Di
scanner/http/hp_imc_reportimgservlt_traversal
normal HP Intelligent Management ReportImgServlt Directo
scanner/http/hp_imc_som_file_download
normal HP Intelligent Management SOM FileDownloadServl
scanner/http/hp_sitescope_getfileinternal_fileaccess
normal HP SiteScope SOAP Call getFileInternal Remote F
scanner/http/hp_sitescope_getsitescopeconfiguration
normal HP SiteScope SOAP Call getSiteScopeConfigura
scanner/http/hp_sitescope_loadfilecontent_fileaccess
normal HP SiteScope SOAP Call loadFileContent Remot
scanner/http/hp_sys_mgmt_login
normal HP System Management Homepage Login Utility
scanner/http/http_header
normal HTTP Header Detection
scanner/http/http_hsts
normal HTTP Strict Transport Security (HSTS) Detection
scanner/http/http_login
normal HTTP Login Utility
scanner/http/http_put
normal HTTP Writable Path PUT/DELETE File Access
scanner/http/http_traversal
normal Generic HTTP Directory Traversal Utility
scanner/http/http_version
normal HTTP Version Detection
scanner/http/httpbl_lookup
normal Http:BL Lookup
Page 40
Sheet1
scanner/http/iis_internal_ip
normal Microsoft IIS HTTP Internal IP Disclosure
scanner/http/infovista_enum
normal InfoVista VistaPortal Application Bruteforce Login Utility
scanner/http/ipboard_login
normal IP Board Login Auxiliary Module
scanner/http/jboss_status
normal JBoss Status Servlet Information Gathering
scanner/http/jboss_vulnscan
normal JBoss Vulnerability Scanner
scanner/http/jenkins_enum
normal Jenkins Enumeration
scanner/http/jenkins_login
normal Jenkins-CI Login Utility
scanner/http/joomla_bruteforce_login
normal Joomla Bruteforce Login Utility
scanner/http/joomla_pages
normal Joomla Page Scanner
scanner/http/joomla_plugins
normal Joomla Plugins Scanner
scanner/http/joomla_version
normal Joomla Version Scanner
scanner/http/linksys_e1500_traversal
normal Linksys E1500 Directory Traversal Vulnerability
scanner/http/litespeed_source_disclosure
normal LiteSpeed Source Code Disclosure/Download
scanner/http/lucky_punch
normal HTTP Microsoft SQL Injection Table XSS Infection
scanner/http/majordomo2_directory_traversal
2011-03-08
normal Majordomo2 _list_file_get() Directory Traversa
scanner/http/manageengine_deviceexpert_traversal
2012-03-18
normal ManageEngine DeviceExpert 5.6 Schedule
scanner/http/manageengine_deviceexpert_user_creds
2014-08-28
normal ManageEngine DeviceExpert User Crede
scanner/http/manageengine_securitymanager_traversal
2012-10-19
normal ManageEngine SecurityManager Plus 5.5
scanner/http/mediawiki_svg_fileaccess
normal MediaWiki SVG XML Entity Expansion Remote File Ac
scanner/http/mod_negotiation_brute
normal Apache HTTPD mod_negotiation Filename Bruter
scanner/http/mod_negotiation_scanner
normal Apache HTTPD mod_negotiation Scanner
scanner/http/ms09_020_webdav_unicode_bypass
normal MS09-020 IIS6 WebDAV Unicode Authenticatio
scanner/http/mybook_live_login
normal Western Digital MyBook Live Login Utility
scanner/http/netdecision_traversal
2012-03-07
normal NetDecision NOCVision Server Directory Traversal
scanner/http/netgear_sph200d_traversal
normal Netgear SPH200D Directory Traversal Vulnerability
scanner/http/nginx_source_disclosure
normal Nginx Source Code Disclosure/Download
scanner/http/novell_file_reporter_fsfui_fileaccess
2012-11-16
normal NFR Agent FSFUI Record Arbitrary Remote File
scanner/http/novell_file_reporter_srs_fileaccess
2012-11-16
normal NFR Agent SRS Record Arbitrary Remote File A
scanner/http/novell_mdm_creds
normal Novell Zenworks Mobile Device Managment Admin Cred
scanner/http/ntlm_info_enumeration
normal Host Information Enumeration via NTLM Authentication
scanner/http/open_proxy
normal HTTP Open Proxy Detection
scanner/http/openmind_messageos_login
normal OpenMind Message-OS Portal Login Brute Force U
scanner/http/options
normal HTTP Options Detection
scanner/http/oracle_demantra_database_credentials_leak
2014-02-28
normal Oracle Demantra Database Credentials L
scanner/http/oracle_demantra_file_retrieval
2014-02-28
normal Oracle Demantra Arbitrary File Retrieval with Aut
scanner/http/oracle_ilom_login
normal Oracle ILO Manager Login Brute Force Utility
scanner/http/owa_login
normal Outlook Web App (OWA) Brute Force Utility
scanner/http/pocketpad_login
normal PocketPAD Login Bruteforce Force Utility
scanner/http/prev_dir_same_name_file
normal HTTP Previous Directory File Scanner
scanner/http/radware_appdirector_enum
normal Radware AppDirector Bruteforce Login Utility
scanner/http/rails_json_yaml_scanner
normal Ruby on Rails JSON Processor YAML Deserialization S
scanner/http/rails_mass_assignment
normal Ruby On Rails Attributes Mass Assignment Scanner
scanner/http/rails_xml_yaml_scanner
normal Ruby on Rails XML Processor YAML Deserialization Sc
scanner/http/replace_ext
normal HTTP File Extension Scanner
scanner/http/rewrite_proxy_bypass
normal Apache Reverse Proxy Bypass Vulnerability Scanner
scanner/http/rfcode_reader_enum
normal RFCode Reader Web Interface Login / Bruteforce Utility
scanner/http/robots_txt
normal HTTP Robots.txt Content Scanner
scanner/http/s40_traversal
2011-04-07
normal S40 0.4.2 CMS Directory Traversal Vulnerability
scanner/http/sap_businessobjects_user_brute
normal SAP BusinessObjects User Bruteforcer
scanner/http/sap_businessobjects_user_brute_web
normal SAP BusinessObjects Web User Bruteforcer
scanner/http/sap_businessobjects_user_enum
normal SAP BusinessObjects User Enumeration
scanner/http/sap_businessobjects_version_enum
normal SAP BusinessObjects Version Detection
scanner/http/scraper
normal HTTP Page Scraper
scanner/http/sentry_cdu_enum
normal Sentry Switched CDU Bruteforce Login Utility
scanner/http/sevone_enum
2013-06-07
normal SevOne Network Performance Management Applica
Page 41
Sheet1
scanner/http/simple_webserver_traversal
2013-01-03
normal Simple Web Server 2.3-RC1 Directory Traversal
scanner/http/smt_ipmi_49152_exposure
2014-06-19
normal Supermicro Onboard IPMI Port 49152 Sensitive
scanner/http/smt_ipmi_cgi_scanner
2013-11-06
normal Supermicro Onboard IPMI CGI Vulnerability Scann
scanner/http/smt_ipmi_static_cert_scanner
2013-11-06
normal Supermicro Onboard IPMI Static SSL Certificate
scanner/http/smt_ipmi_url_redirect_traversal
2013-11-06
normal Supermicro Onboard IPMI url_redirect.cgi Authe
scanner/http/soap_xml
normal HTTP SOAP Verb/Noun Brute Force Scanner
scanner/http/sockso_traversal
2012-03-14
normal Sockso Music Host Server 1.5 Directory Traversal
scanner/http/splunk_web_login
normal Splunk Web Interface Login Utility
scanner/http/squid_pivot_scanning
normal Squid Proxy Port Scanner
scanner/http/squiz_matrix_user_enum
2011-11-08
normal Squiz Matrix User Enumeration Scanner
scanner/http/ssl
normal HTTP SSL Certificate Information
scanner/http/ssl_version
2014-10-14
normal HTTP SSL/TLS Version Detection (POODLE scanner)
scanner/http/support_center_plus_directory_traversal
2014-01-28
normal ManageEngine Support Center Plus Directo
scanner/http/svn_scanner
normal HTTP Subversion Scanner
scanner/http/svn_wcdb_scanner
normal SVN wc.db Scanner
scanner/http/sybase_easerver_traversal
2011-05-25
normal Sybase Easerver 6.3 Directory Traversal
scanner/http/symantec_brightmail_logfile
2012-11-30
normal Symantec Messaging Gateway 9.5 Log File Down
scanner/http/titan_ftp_admin_pwd
normal Titan FTP Administrative Password Disclosure
scanner/http/tomcat_enum
normal Apache Tomcat User Enumeration
scanner/http/tomcat_mgr_login
normal Tomcat Application Manager Login Utility
scanner/http/tplink_traversal_noauth
normal TP-Link Wireless Lite N Access Point Directory Traversa
scanner/http/trace
normal HTTP TRACE Detection
scanner/http/trace_axd
normal HTTP trace.axd Content Scanner
scanner/http/typo3_bruteforce
normal Typo3 Login Bruteforcer
scanner/http/vcms_login
normal V-CMS Login Utility
scanner/http/verb_auth_bypass
normal HTTP Verb Authentication Bypass Scanner
scanner/http/vhost_scanner
normal HTTP Virtual Host Brute Force Scanner
scanner/http/vmware_server_dir_trav
normal VMware Server Directory Traversal Vulnerability
scanner/http/vmware_update_manager_traversal
2011-11-21
normal VMWare Update Manager 4 Directory Trave
scanner/http/wangkongbao_traversal
normal WANGKONGBAO CNS-1000 and 1100 UTM Directory
scanner/http/web_vulndb
normal HTTP Vuln Scanner
scanner/http/webdav_internal_ip
normal HTTP WebDAV Internal IP Scanner
scanner/http/webdav_scanner
normal HTTP WebDAV Scanner
scanner/http/webdav_website_content
normal HTTP WebDAV Website Content Scanner
scanner/http/webpagetest_traversal
2012-07-13
normal WebPageTest Directory Traversal
scanner/http/wordpress_login_enum
normal WordPress Brute Force and User Enumeration Utility
scanner/http/wordpress_pingback_access
normal Wordpress Pingback Locator
scanner/http/wordpress_scanner
normal Wordpress Scanner
scanner/http/wordpress_xmlrpc_login
normal Wordpress XML-RPC Username/Password Login Scan
scanner/http/xpath
normal HTTP Blind XPATH 1.0 Injector
scanner/http/yaws_traversal
2011-11-25
normal Yaws Web Server Directory Traversal
scanner/http/zenworks_assetmanagement_fileaccess
normal Novell ZENworks Asset Management 7.5 Rem
scanner/http/zenworks_assetmanagement_getconfig
normal Novell ZENworks Asset Management 7.5 Conf
scanner/imap/imap_version
normal IMAP4 Banner Grabber
scanner/ip/ipidseq
normal IPID Sequence Scanner
scanner/ipmi/ipmi_cipher_zero
2013-06-20
normal IPMI 2.0 Cipher Zero Authentication Bypass Scanner
scanner/ipmi/ipmi_dumphashes
2013-06-20
normal IPMI 2.0 RAKP Remote SHA1 Password Hash Ret
scanner/ipmi/ipmi_version
normal IPMI Information Discovery
scanner/lotus/lotus_domino_hashes
normal Lotus Domino Password Hash Collector
scanner/lotus/lotus_domino_login
normal Lotus Domino Brute Force Utility
scanner/lotus/lotus_domino_version
normal Lotus Domino Version
scanner/misc/cctv_dvr_login
normal CCTV DVR Login Scanning Utility
scanner/misc/dvr_config_disclosure
normal Multiple DVR Manufacturers Configuration Disclosure
scanner/misc/ib_service_mgr_info
normal Borland InterBase Services Manager Information
scanner/misc/java_rmi_server
2011-10-15
normal Java RMI Server Insecure Endpoint Code Execution
Page 42
Sheet1
scanner/misc/oki_scanner
scanner/misc/poisonivy_control_scanner
scanner/misc/raysharp_dvr_passwords
scanner/misc/redis_server
scanner/misc/rosewill_rxs3211_passwords
scanner/misc/sercomm_backdoor_scanner
scanner/misc/sunrpc_portmapper
scanner/misc/zenworks_preboot_fileaccess
scanner/mongodb/mongodb_login
scanner/motorola/timbuktu_udp
scanner/msf/msf_rpc_login
scanner/msf/msf_web_login
scanner/mssql/mssql_hashdump
scanner/mssql/mssql_login
scanner/mssql/mssql_ping
scanner/mssql/mssql_schemadump
scanner/mysql/mysql_authbypass_hashdump
scanner/mysql/mysql_file_enum
scanner/mysql/mysql_hashdump
scanner/mysql/mysql_login
scanner/mysql/mysql_schemadump
scanner/mysql/mysql_version
scanner/natpmp/natpmp_portscan
scanner/nessus/nessus_ntp_login
scanner/nessus/nessus_xmlrpc_login
scanner/nessus/nessus_xmlrpc_ping
scanner/netbios/nbname
scanner/netbios/nbname_probe
scanner/nexpose/nexpose_api_login
scanner/nfs/nfsmount
scanner/ntp/ntp_monlist
scanner/ntp/ntp_peer_list_dos
scanner/ntp/ntp_peer_list_sum_dos
scanner/ntp/ntp_readvar
scanner/ntp/ntp_req_nonce_dos
scanner/ntp/ntp_reslist_dos
scanner/ntp/ntp_unsettrap_dos
scanner/openvas/openvas_gsad_login
scanner/openvas/openvas_omp_login
scanner/openvas/openvas_otp_login
scanner/oracle/emc_sid
scanner/oracle/isqlplus_login
scanner/oracle/isqlplus_sidbrute
scanner/oracle/oracle_hashdump
scanner/oracle/oracle_login
scanner/oracle/sid_brute
scanner/oracle/sid_enum
scanner/oracle/spy_sid
scanner/oracle/tnslsnr_version
scanner/oracle/xdb_sid
scanner/oracle/xdb_sid_brute
scanner/pcanywhere/pcanywhere_login
scanner/pcanywhere/pcanywhere_tcp
scanner/pcanywhere/pcanywhere_udp
scanner/pop3/pop3_login
normal OKI Printer Default Login Credential Scanner

normal Poison Ivy Command and Control Scanner
normal Ray Sharp DVR Password Retriever
normal Redis-server Scanner
normal Rosewill RXS-3211 IP Camera Password Retriever
2013-12-31
normal SerComm Network Device Backdoor Detectio
normal SunRPC Portmap Program Enumerator
normal Novell ZENworks Configuration Management Prebo
normal MongoDB Login Utility
2009-09-25
normal Motorola Timbuktu Service Detection
normal Metasploit RPC Interface Login Utility
normal Metasploit Web Interface Login Utility
normal MSSQL Password Hashdump
normal MSSQL Login Utility
normal MSSQL Ping Utility
normal MSSQL Schema Dump
2012-06-09
normal MySQL Authentication Bypass Password Du
normal MYSQL File/Directory Enumerator
normal MYSQL Password Hashdump
normal MySQL Login Utility
normal MYSQL Schema Dump
normal MySQL Server Version Enumeration
normal NAT-PMP External Port Scanner
normal Nessus NTP Login Utility
normal Nessus XMLRPC Interface Login Utility
normal Nessus XMLRPC Interface Ping Utility
normal NetBIOS Information Discovery
normal NetBIOS Information Discovery Prober
normal NeXpose API Interface Login Utility
normal NFS Mount Scanner
normal NTP Monitor List Scanner
2014-08-25
normal NTP Mode 7 PEER_LIST DoS Scanner
2014-08-25
normal NTP Mode 7 PEER_LIST_SUM DoS Scanner
normal NTP Clock Variables Disclosure
2014-08-25
normal NTP Mode 6 REQ_NONCE DRDoS Scanner
2014-08-25
normal NTP Mode 7 GET_RESTRICT DRDoS Scanner
2014-08-25
normal NTP Mode 6 UNSETTRAP DRDoS Scanner
normal OpenVAS gsad Web Interface Login Utility
normal OpenVAS OMP Login Utility
normal OpenVAS OTP Login Utility
normal Oracle Enterprise Manager Control SID Discovery
normal Oracle iSQL*Plus Login Utility
normal Oracle iSQLPlus SID Check
normal Oracle Password Hashdump
normal Oracle RDBMS Login Utility
normal Oracle TNS Listener SID Bruteforce
2009-01-07
normal Oracle TNS Listener SID Enumeration
normal Oracle Application Server Spy Servlet SID Enumeration
2009-01-07
normal Oracle TNS Listener Service Version Query
normal Oracle XML DB SID Discovery
normal Oracle XML DB SID Discovery via Brute Force
normal PcAnywhere Login Scanner
normal PcAnywhere TCP Service Discovery
normal PcAnywhere UDP Service Discovery
normal POP3 Login Utility
Page 43
Sheet1
scanner/pop3/pop3_version
normal POP3 Banner Grabber
scanner/portscan/ack
normal TCP ACK Firewall Scanner
scanner/portscan/ftpbounce
normal FTP Bounce Port Scanner
scanner/portscan/syn
normal TCP SYN Port Scanner
scanner/portscan/tcp
normal TCP Port Scanner
scanner/portscan/xmas
normal TCP "XMas" Port Scanner
scanner/postgres/postgres_dbname_flag_injection
normal PostgreSQL Database Name Command Line Fla
scanner/postgres/postgres_hashdump
normal Postgres Password Hashdump
scanner/postgres/postgres_login
normal PostgreSQL Login Utility
scanner/postgres/postgres_schemadump
normal Postgres Schema Dump
scanner/postgres/postgres_version
normal PostgreSQL Version Probe
scanner/printer/printer_download_file
normal Printer File Download Scanner
scanner/printer/printer_env_vars
normal Printer Environment Variables Scanner
scanner/printer/printer_list_dir
normal Printer Directory Listing Scanner
scanner/printer/printer_list_volumes
normal Printer Volume Listing Scanner
scanner/printer/printer_ready_message
normal Printer Ready Message Scanner
scanner/printer/printer_version_info
normal Printer Version Information Scanner
scanner/rdp/ms12_020_check
normal MS12-020 Microsoft Remote Desktop Checker
scanner/rogue/rogue_recv
normal Rogue Gateway Detection: Receiver
scanner/rogue/rogue_send
normal Rogue Gateway Detection: Sender
scanner/rservices/rexec_login
normal rexec Authentication Scanner
scanner/rservices/rlogin_login
normal rlogin Authentication Scanner
scanner/rservices/rsh_login
normal rsh Authentication Scanner
scanner/rsync/modules_list
normal Rsync Unauthenticated List Command
scanner/sap/sap_ctc_verb_tampering_user_mgmt
normal SAP CTC Service Verb Tampering User Manag
scanner/sap/sap_hostctrl_getcomputersystem
normal SAP Host Agent Information Disclosure
scanner/sap/sap_icf_public_info
normal SAP ICF /sap/public/info Service Sensitive Information Ga
scanner/sap/sap_icm_urlscan
normal SAP URL Scanner
scanner/sap/sap_mgmt_con_abaplog
normal SAP Management Console ABAP Syslog Disclosure
scanner/sap/sap_mgmt_con_brute_login
normal SAP Management Console Brute Force
scanner/sap/sap_mgmt_con_extractusers
normal SAP Management Console Extract Users
scanner/sap/sap_mgmt_con_getaccesspoints
normal SAP Management Console Get Access Points
scanner/sap/sap_mgmt_con_getenv
normal SAP Management Console getEnvironment
scanner/sap/sap_mgmt_con_getlogfiles
normal SAP Management Console Get Logfile
scanner/sap/sap_mgmt_con_getprocesslist
normal SAP Management Console GetProcessList
scanner/sap/sap_mgmt_con_getprocessparameter
normal SAP Management Console Get Process Param
scanner/sap/sap_mgmt_con_instanceproperties
normal SAP Management Console Instance Properties
scanner/sap/sap_mgmt_con_listlogfiles
normal SAP Management Console List Logfiles
scanner/sap/sap_mgmt_con_startprofile
normal SAP Management Console getStartProfile
scanner/sap/sap_mgmt_con_version
normal SAP Management Console Version Detection
scanner/sap/sap_router_info_request
normal SAPRouter Admin Request
scanner/sap/sap_router_portscanner
normal SAPRouter Port Scanner
scanner/sap/sap_service_discovery
normal SAP Service Discovery
scanner/sap/sap_smb_relay
normal SAP SMB Relay Abuse
scanner/sap/sap_soap_bapi_user_create1
normal SAP /sap/bc/soap/rfc SOAP Service BAPI_USER_C
scanner/sap/sap_soap_rfc_brute_login
normal SAP SOAP Service RFC_PING Login Brute Forcer
scanner/sap/sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
normal SAP /sap/bc/soap/rfc SOAP Service S
scanner/sap/sap_soap_rfc_dbmcli_sxpg_command_exec
normal SAP /sap/bc/soap/rfc SOAP Service SXPG
scanner/sap/sap_soap_rfc_eps_get_directory_listing
normal SAP SOAP RFC EPS_GET_DIRECTORY_LIST
scanner/sap/sap_soap_rfc_pfl_check_os_file_existence
normal SAP SOAP RFC PFL_CHECK_OS_FILE_EXIS
scanner/sap/sap_soap_rfc_ping
normal SAP /sap/bc/soap/rfc SOAP Service RFC_PING Functio
scanner/sap/sap_soap_rfc_read_table
normal SAP /sap/bc/soap/rfc SOAP Service RFC_READ_TAB
scanner/sap/sap_soap_rfc_rzl_read_dir
normal SAP SOAP RFC RZL_READ_DIR_LOCAL Directory C
scanner/sap/sap_soap_rfc_susr_rfc_user_interface
normal SAP /sap/bc/soap/rfc SOAP Service SUSR_RFC
scanner/sap/sap_soap_rfc_sxpg_call_system_exec
normal SAP /sap/bc/soap/rfc SOAP Service SXPG_CA
Page 44
Sheet1
scanner/sap/sap_soap_rfc_sxpg_command_exec
normal SAP SOAP RFC SXPG_COMMAND_EXECUT
scanner/sap/sap_soap_rfc_system_info
normal SAP /sap/bc/soap/rfc SOAP Service RFC_SYSTEM_
scanner/sap/sap_soap_th_saprel_disclosure
normal SAP /sap/bc/soap/rfc SOAP Service TH_SAPREL F
scanner/sap/sap_web_gui_brute_login
normal SAP Web GUI Login Brute Forcer
scanner/scada/digi_addp_reboot
normal Digi ADDP Remote Reboot Initiator
scanner/scada/digi_addp_version
normal Digi ADDP Information Discovery
scanner/scada/digi_realport_serialport_scan
normal Digi RealPort Serial Server Port Scanner
scanner/scada/digi_realport_version
normal Digi RealPort Serial Server Version
scanner/scada/indusoft_ntwebserver_fileaccess
normal Indusoft WebStudio NTWebServer Remote File Ac
scanner/scada/koyo_login
2012-01-19
normal Koyo DirectLogic PLC Password Brute Force Utility
scanner/scada/modbus_findunitid
2012-10-28
normal Modbus Unit ID and Station ID Enumerator
scanner/scada/modbusclient
normal Modbus Client Utility
scanner/scada/modbusdetect
2011-11-01
normal Modbus Version Scanner
scanner/scada/sielco_winlog_fileaccess
normal Sielco Sistemi Winlog Remote File Access
scanner/sip/enumerator
normal SIP Username Enumerator (UDP)
scanner/sip/enumerator_tcp
normal SIP Username Enumerator (TCP)
scanner/sip/options
normal SIP Endpoint Scanner (UDP)
scanner/sip/options_tcp
normal SIP Endpoint Scanner (TCP)
scanner/sip/sipdroid_ext_enum
normal SIPDroid Extension Grabber
scanner/smb/pipe_auditor
normal SMB Session Pipe Auditor
scanner/smb/pipe_dcerpc_auditor
normal SMB Session Pipe DCERPC Auditor
scanner/smb/psexec_loggedin_users
normal Microsoft Windows Authenticated Logged In Users En
scanner/smb/smb2
normal SMB 2.0 Protocol Detection
scanner/smb/smb_enumshares
normal SMB Share Enumeration
scanner/smb/smb_enumusers
normal SMB User Enumeration (SAM EnumUsers)
scanner/smb/smb_enumusers_domain
normal SMB Domain User Enumeration
scanner/smb/smb_login
normal SMB Login Check Scanner
scanner/smb/smb_lookupsid
normal SMB SID User Enumeration (LookupSid)
scanner/smb/smb_version
normal SMB Version Detection
scanner/smtp/smtp_enum
normal SMTP User Enumeration Utility
scanner/smtp/smtp_relay
normal SMTP Open Relay Detection
scanner/smtp/smtp_version
normal SMTP Banner Grabber
scanner/snmp/aix_version
normal AIX SNMP Scanner Auxiliary Module
scanner/snmp/arris_dg950
normal Arris DG950A Cable Modem Wifi Enumeration
scanner/snmp/brocade_enumhash
normal Brocade Password Hash Enumeration
scanner/snmp/cisco_config_tftp
normal Cisco IOS SNMP Configuration Grabber (TFTP)
scanner/snmp/cisco_upload_file
normal Cisco IOS SNMP File Upload (TFTP)
scanner/snmp/netopia_enum
normal Netopia 3347 Cable Modem Wifi Enumeration
scanner/snmp/sbg6580_enum
normal ARRIS / Motorola SBG6580 Cable Modem SNMP Enum
scanner/snmp/snmp_enum
normal SNMP Enumeration Module
scanner/snmp/snmp_enum_hp_laserjet
normal HP LaserJet Printer SNMP Enumeration
scanner/snmp/snmp_enumshares
normal SNMP Windows SMB Share Enumeration
scanner/snmp/snmp_enumusers
normal SNMP Windows Username Enumeration
scanner/snmp/snmp_login
normal SNMP Community Scanner
scanner/snmp/snmp_set
normal SNMP Set Module
scanner/snmp/ubee_ddw3611
normal Ubee DDW3611b Cable Modem Wifi Enumeration
scanner/snmp/xerox_workcentre_enumusers
normal Xerox WorkCentre User Enumeration (SNMP)
scanner/ssh/cerberus_sftp_enumusers
2014-05-27
normal Cerberus FTP Server SFTP Username Enumera
scanner/ssh/ssh_enumusers
normal SSH Username Enumeration
scanner/ssh/ssh_identify_pubkeys
normal SSH Public Key Acceptance Scanner
scanner/ssh/ssh_login
normal SSH Login Check Scanner
scanner/ssh/ssh_login_pubkey
normal SSH Public Key Login Scanner
scanner/ssh/ssh_version
normal SSH Version Scanner
scanner/ssl/openssl_ccs
2014-06-05
normal OpenSSL Server-Side ChangeCipherSpec Injection Sc
scanner/ssl/openssl_heartbleed
2014-04-07
normal OpenSSL Heartbeat (Heartbleed) Information Leak
Page 45
Sheet1
scanner/telephony/wardial
scanner/telnet/lantronix_telnet_password
scanner/telnet/lantronix_telnet_version
scanner/telnet/telnet_encrypt_overflow
scanner/telnet/telnet_login
scanner/telnet/telnet_ruggedcom
scanner/telnet/telnet_version
scanner/tftp/ipswitch_whatsupgold_tftp
scanner/tftp/netdecision_tftp
scanner/tftp/tftpbrute
scanner/upnp/ssdp_amp
scanner/upnp/ssdp_msearch
scanner/vmware/esx_fingerprint
scanner/vmware/vmauthd_login
scanner/vmware/vmauthd_version
scanner/vmware/vmware_enum_permissions
scanner/vmware/vmware_enum_sessions
scanner/vmware/vmware_enum_users
scanner/vmware/vmware_enum_vms
scanner/vmware/vmware_host_details
scanner/vmware/vmware_http_login
scanner/vmware/vmware_screenshot_stealer
scanner/vnc/vnc_login
scanner/vnc/vnc_none_auth
scanner/voice/recorder
scanner/vxworks/wdbrpc_bootline
scanner/vxworks/wdbrpc_version
scanner/winrm/winrm_auth_methods
scanner/winrm/winrm_cmd
scanner/winrm/winrm_login
scanner/winrm/winrm_wql
scanner/x11/open_x11
server/browser_autopwn
server/capture/drda
server/capture/ftp
server/capture/http
server/capture/http_basic
server/capture/http_javascript_keylogger
server/capture/http_ntlm
server/capture/imap
server/capture/mssql
server/capture/mysql
server/capture/pop3
server/capture/postgresql
server/capture/printjob_capture
server/capture/sip
server/capture/smb
server/capture/smtp
server/capture/telnet
server/capture/vnc
server/dhclient_bash_env
server/dhcp
server/dns/spoofhelper
server/fakedns
server/ftp
normal Wardialer
normal Lantronix Telnet Password Recovery
normal Lantronix Telnet Service Banner Detection
normal Telnet Service Encyption Key ID Overflow Detection
normal Telnet Login Check Scanner
normal RuggedCom Telnet Password Generator
normal Telnet Service Banner Detection
2011-12-12
normal IpSwitch WhatsUp Gold TFTP Directory Traversal
2009-05-16
normal NetDecision 4.2 TFTP Directory Traversal
normal TFTP Brute Forcer
normal SSDP ssdp:all M-SEARCH Amplification Scanner
normal UPnP SSDP M-SEARCH Information Discovery
normal VMWare ESX/ESXi Fingerprint Scanner
normal VMWare Authentication Daemon Login Scanner
normal VMWare Authentication Daemon Version Scanner
normal VMWare Enumerate Permissions
normal VMWare Enumerate Active Sessions
normal VMWare Enumerate User Accounts
normal VMWare Enumerate Virtual Machines
normal VMWare Enumerate Host Details
normal VMWare Web Login Scanner
normal VMWare Screenshot Stealer
normal VNC Authentication Scanner
normal VNC Authentication None Detection
normal Telephone Line Voice Scanner
normal VxWorks WDB Agent Boot Parameter Scanner
normal VxWorks WDB Agent Version Scanner
normal WinRM Authentication Method Detection
normal WinRM Command Runner
normal WinRM Login Utility
normal WinRM WQL Query Runner
normal X11 No-Auth Scanner
normal HTTP Client Automatic Exploiter
normal Authentication Capture: DRDA (DB2, Informix, Derby)
normal Authentication Capture: FTP
normal Authentication Capture: HTTP
normal HTTP Client Basic Authentication Credential Collector
normal Capture: HTTP JavaScript Keylogger
normal HTTP Client MS Credential Catcher
normal Authentication Capture: IMAP
normal Authentication Capture: MSSQL
normal Authentication Capture: MySQL
normal Authentication Capture: POP3
normal Authentication Capture: PostgreSQL
normal Printjob Capture Service
normal Authentication Capture: SIP
normal Authentication Capture: SMB
normal Authentication Capture: SMTP
normal Authentication Capture: Telnet
normal Authentication Capture: VNC
2014-09-24
normal DHCP Client Bash Environment Variable Code Injectio
normal DHCP Server
normal DNS Spoofing Helper Service
normal Fake DNS Service
normal FTP File Server
Page 46
Sheet1
server/http_ntlmrelay
normal HTTP Client MS Credential Relayer
server/icmp_exfil
normal ICMP Exfiltration Service
server/openssl_heartbeat_client_memory
2014-04-07
normal OpenSSL Heartbeat (Heartbleed) Client Memor
server/pxexploit
normal PXE Boot Exploit Server
server/socks4a
normal Socks4a Proxy Server
server/socks_unc
normal SOCKS Proxy UNC Path Redirection
server/tftp
normal TFTP File Server
server/webkit_xslt_dropper
normal Cross Platform Webkit File Dropper
server/wpad
normal WPAD.dat File Server
sniffer/psnuffle
normal pSnuffle Packet Sniffer
spoof/arp/arp_poisoning
1999-12-22
normal ARP Spoof
spoof/cisco/dtp
normal Forge Cisco DTP Packets
spoof/dns/bailiwicked_domain
2008-07-21
normal DNS BailiWicked Domain Attack
spoof/dns/bailiwicked_host
2008-07-21
normal DNS BailiWicked Host Attack
spoof/dns/compare_results
2008-07-21
normal DNS Lookup Result Comparison
spoof/llmnr/llmnr_response
normal LLMNR Spoofer
spoof/nbns/nbns_response
normal NetBIOS Name Service Spoofer
spoof/replay/pcap_replay
normal Pcap Replay Utility
sqli/oracle/dbms_cdc_ipublish
2008-10-22
normal Oracle DB SQL Injection via SYS.DBMS_CDC_IPUB
sqli/oracle/dbms_cdc_publish
2008-10-22
normal Oracle DB SQL Injection via SYS.DBMS_CDC_PUBL
sqli/oracle/dbms_cdc_publish2
2010-04-26
normal Oracle DB SQL Injection via SYS.DBMS_CDC_PUB
2010-10-13
normal Oracle DB SQL Injection via SYS.DBMS_CDC_PUB
sqli/oracle/dbms_cdc_subscribe_activate_subscription
2005-04-18
normal Oracle DB SQL Injection via SYS.DBMS_C
sqli/oracle/dbms_export_extension
2006-04-26
normal Oracle DB SQL Injection via DBMS_EXPORT_EXT
sqli/oracle/dbms_metadata_get_granted_xml
2008-01-05
normal Oracle DB SQL Injection via SYS.DBMS_MET
sqli/oracle/dbms_metadata_get_xml
2008-01-05
normal Oracle DB SQL Injection via SYS.DBMS_METAD
sqli/oracle/dbms_metadata_open
2008-01-05
normal Oracle DB SQL Injection via SYS.DBMS_METADA
sqli/oracle/droptable_trigger
2009-01-13
normal Oracle DB SQL Injection in MDSYS.SDO_TOPO_DRO
sqli/oracle/jvm_os_code_10g
2010-02-01
normal Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PER
2010-02-01
normal Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS
sqli/oracle/lt_compressworkspace
2008-10-13
normal Oracle DB SQL Injection via SYS.LT.COMPRESSW
sqli/oracle/lt_findricset_cursor
2007-10-17
normal Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil
sqli/oracle/lt_mergeworkspace
2008-10-22
normal Oracle DB SQL Injection via SYS.LT.MERGEWORK
sqli/oracle/lt_removeworkspace
2008-10-13
normal Oracle DB SQL Injection via SYS.LT.REMOVEWOR
sqli/oracle/lt_rollbackworkspace
2009-05-04
normal Oracle DB SQL Injection via SYS.LT.ROLLBACKWO
voip/asterisk_login
normal Asterisk Manager Login Utility
voip/sip_deregister
normal SIP Deregister Extension
voip/sip_invite_spoof
normal SIP Invite Spoof
vsploit/malware/dns/dns_mariposa
normal VSploit Mariposa DNS Query Module
vsploit/malware/dns/dns_query
normal VSploit DNS Beaconing Emulation
vsploit/malware/dns/dns_zeus
normal VSploit Zeus DNS Query Module
vsploit/pii/email_pii
normal VSploit Email PII
vsploit/pii/web_pii
normal VSploit Web PII
Post
#N/A
Name
---aix/hashdump
cisco/gather/enum_cisco
firefox/gather/cookies
firefox/gather/history
firefox/gather/passwords

--------------- ---- ----------normal AIX Gather Dump Password Hashes
normal Cisco Gather Device General Information
2014-03-26
normal Firefox Gather Cookies from Privileged Javascript Shell
2014-04-11
normal Firefox Gather History from Privileged Javascript Shell
2014-04-11
normal Firefox Gather Passwords from Privileged Javascript Shell
Page 47
Sheet1
firefox/gather/xss
firefox/manage/webcam_chat
linux/gather/checkvm
linux/gather/ecryptfs_creds
linux/gather/enum_configs
linux/gather/enum_network
linux/gather/enum_protections
linux/gather/enum_psk
linux/gather/enum_system
linux/gather/enum_users_history
linux/gather/enum_xchat
linux/gather/gnome_commander_creds
linux/gather/hashdump
linux/gather/mount_cifs_creds
linux/gather/pptpd_chap_secrets
linux/manage/download_exec
multi/escalate/cups_root_file_read
multi/escalate/metasploit_pcaplog
multi/gather/apple_ios_backup
multi/gather/check_malware
multi/gather/dbvis_enum
multi/gather/dns_bruteforce
multi/gather/dns_reverse_lookup
multi/gather/dns_srv_lookup
multi/gather/enum_vbox
multi/gather/env
multi/gather/fetchmailrc_creds
multi/gather/filezilla_client_cred
multi/gather/find_vmx
multi/gather/firefox_creds
multi/gather/gpg_creds
multi/gather/lastpass_creds
multi/gather/multi_command
multi/gather/netrc_creds
multi/gather/pgpass_creds
multi/gather/pidgin_cred
multi/gather/ping_sweep
multi/gather/resolve_hosts
multi/gather/run_console_rc_file
multi/gather/skype_enum
multi/gather/ssh_creds
multi/gather/thunderbird_creds
multi/gather/wlan_geolocate
multi/general/close
multi/general/execute
multi/manage/dbvis_add_db_admin
multi/manage/dbvis_query
multi/manage/multi_post
multi/manage/play_youtube
multi/manage/record_mic
multi/manage/shell_to_meterpreter
multi/manage/sudo
multi/manage/system_session
osx/admin/say
osx/capture/keylog_recorder
normal Firefox XSS

2014-05-13
normal Firefox Webcam Chat on Privileged Javascript Shell
normal Linux Gather Virtual Environment Detection
normal Gather eCryptfs Metadata
normal Linux Gather Configurations
normal Linux Gather Network Information
normal Linux Gather Protection Enumeration
normal Linux Gather 802-11-Wireless-Security Credentials
normal Linux Gather System and User Information
normal Linux Gather User History
normal Linux Gather XChat Enumeration
normal Linux Gather Gnome-Commander Creds
normal Linux Gather Dump Password Hashes for Linux Systems
normal Linux Gather Saved mount.cifs/mount.smbfs Credentials
normal Linux Gather PPTP VPN chap-secrets Credentials
normal Linux Manage Download and Execute
2012-11-20
normal CUPS 1.6.1 Root File Read
2012-07-16
manual Multi Escalate Metasploit pcap_log Local Privilege Escalatio
normal Windows Gather Apple iOS MobileSync Backup File Collection
normal Multi Gather Malware Verifier
normal Multi Gather DbVisualizer Connections Settings
normal Multi Gather DNS Forward Lookup Bruteforce
normal Multi Gather DNS Reverse Lookup Scan
normal Multi Gather DNS Service Record Lookup Scan
normal Multi Gather VirtualBox VM Enumeration
normal Multi Gather Generic Operating System Environment Settings
normal UNIX Gather .fetchmailrc Credentials
normal Multi Gather FileZilla FTP Client Credential Collection
normal Multi Gather VMWare VM Identification
normal Multi Gather Firefox Signon Credential Collection
normal Multi Gather GnuPG Credentials Collection
normal LastPass Master Password Extractor
normal Multi Gather Run Shell Command Resource File
normal UNIX Gather .netrc Credentials
normal Multi Gather pgpass Credentials
normal Multi Gather Pidgin Instant Messenger Credential Collection
normal Multi Gather Ping Sweep
normal Multi Gather Resolve Hosts
normal Multi Gather Run Console Resource File
normal Multi Gather Skype User Data Enumeration
normal Multi Gather OpenSSH PKI Credentials Collection
normal Multi Gather Mozilla Thunderbird Signon Credential Collection
normal Multiplatform WLAN Enumeration and Geolocation
normal Multi Generic Operating System Session Close
normal Multi Generic Operating System Session Command Execution
normal Multi Manage DbVisualizer Add Db Admin
normal Multi Manage DbVisualizer Query
normal Multi Manage Post Module Macro Execution
normal Multi Manage YouTube Broadcast
normal Multi Manage Record Microphone
normal Shell to Meterpreter Upgrade
normal Multiple Linux / Unix Post Sudo Upgrade Shell
normal Multi Manage System Remote TCP Shell Session
normal OS X Text to Speech Utility
normal OSX Capture Userspace Keylogger
Page 48
Sheet1
osx/capture/screen
normal OSX Screen Capture
osx/gather/autologin_password
normal OSX Gather Autologin Password as Root
osx/gather/enum_adium
normal OS X Gather Adium Enumeration
osx/gather/enum_airport
normal OS X Gather Airport Wireless Preferences
osx/gather/enum_chicken_vnc_profile
normal OS X Gather Chicken of the VNC Profile
osx/gather/enum_colloquy
normal OS X Gather Colloquy Enumeration
osx/gather/enum_keychain
normal OS X Gather Keychain Enumeration
osx/gather/enum_osx
normal OS X Gather Mac OS X System Information Enumeration
osx/gather/hashdump
normal OS X Gather Mac OS X Password Hash Collector
osx/gather/password_prompt_spoof
normal OSX Password Prompt Spoof
osx/gather/safari_lastsession
normal OSX Gather Safari LastSession.plist
osx/manage/mount_share
normal OSX Network Share Mounter
osx/manage/record_mic
normal OSX Manage Record Microphone
osx/manage/vpn
normal OSX VPN Manager
osx/manage/webcam
normal OSX Manage Webcam
solaris/gather/checkvm
normal Solaris Gather Virtual Environment Detection
solaris/gather/enum_packages
normal Solaris Gather Installed Packages
solaris/gather/enum_services
normal Solaris Gather Configured Services
solaris/gather/hashdump
normal Solaris Gather Dump Password Hashes for Solaris Systems
windows/capture/keylog_recorder
normal Windows Capture Keystroke Recorder
windows/capture/lockout_keylogger
normal Windows Capture Winlogon Lockout Credential Keylogger
windows/escalate/droplnk
normal Windows Escalate SMB Icon LNK Dropper
windows/escalate/getsystem
normal Windows Escalate Get System via Administrator
windows/escalate/ms10_073_kbdlayout
2010-10-12
normal Windows Escalate NtUserLoadKeyboardLayoutEx Privil
windows/escalate/net_runtime_modify
normal Windows Escalate Microsoft .NET Runtime Optimization Servic
windows/escalate/screen_unlock
normal Windows Escalate Locked Desktop Unlocker
windows/gather/arp_scanner
normal Windows Gather ARP Scanner
windows/gather/bitcoin_jacker
normal Windows Gather Bitcoin Wallet
windows/gather/cachedump
normal Windows Gather Credential Cache Dump
windows/gather/checkvm
normal Windows Gather Virtual Environment Detection
windows/gather/credentials/bulletproof_ftp
normal Windows Gather BulletProof FTP Client Saved Password Extra
windows/gather/credentials/coreftp
normal Windows Gather CoreFTP Saved Password Extraction
windows/gather/credentials/credential_collector
normal Windows Gather Credential Collector
windows/gather/credentials/dyndns
normal Windows Gather DynDNS Client Password Extractor
windows/gather/credentials/enum_cred_store
normal Windows Gather Credential Store Enumeration and Decrypt
windows/gather/credentials/enum_picasa_pwds
normal Windows Gather Google Picasa Password Extractor
windows/gather/credentials/epo_sql
normal Windows Gather McAfee ePO 4.6 Config SQL Credentials
windows/gather/credentials/filezilla_server
normal Windows Gather FileZilla FTP Server Credential Collection
windows/gather/credentials/flashfxp
normal Windows Gather FlashFXP Saved Password Extraction
windows/gather/credentials/ftpnavigator
normal Windows Gather FTP Navigator Saved Password Extraction
windows/gather/credentials/ftpx
normal Windows Gather FTP Explorer (FTPX) Credential Extraction
windows/gather/credentials/gpp
normal Windows Gather Group Policy Preference Saved Passwords
windows/gather/credentials/idm
normal Windows Gather Internet Download Manager (IDM) Password Extr
windows/gather/credentials/imail
normal Windows Gather IPSwitch iMail User Data Enumeration
windows/gather/credentials/imvu
normal Windows Gather Credentials IMVU Game Client
windows/gather/credentials/meebo
normal Windows Gather Meebo Password Extractor
windows/gather/credentials/mremote
normal Windows Gather mRemote Saved Password Extraction
windows/gather/credentials/nimbuzz
normal Windows Gather Nimbuzz Instant Messenger Password Extracto
windows/gather/credentials/outlook
normal Windows Gather Microsoft Outlook Saved Password Extraction
windows/gather/credentials/razer_synapse
normal Windows Gather Razer Synapse Password Extraction
windows/gather/credentials/razorsql
normal Windows Gather RazorSQL Credentials
windows/gather/credentials/rdc_manager_creds
normal Windows Gather Remote Desktop Connection Manager Sa
windows/gather/credentials/skype
normal Windows Gather Skype Saved Password Hash Extraction
windows/gather/credentials/smartermail
normal Windows Gather SmarterMail Password Extraction
windows/gather/credentials/smartftp
normal Windows Gather SmartFTP Saved Password Extraction
Page 49
Sheet1
windows/gather/credentials/spark_im
windows/gather/credentials/sso
windows/gather/credentials/steam
windows/gather/credentials/tortoisesvn
windows/gather/credentials/total_commander
windows/gather/credentials/trillian
windows/gather/credentials/vnc
windows/gather/credentials/windows_autologin
windows/gather/credentials/winscp
windows/gather/credentials/wsftp_client
windows/gather/dnscache_dump
windows/gather/dumplinks
windows/gather/enum_ad_computers
windows/gather/enum_ad_service_principal_names
windows/gather/enum_ad_user_comments
windows/gather/enum_applications
windows/gather/enum_artifacts
windows/gather/enum_chrome
windows/gather/enum_computers
windows/gather/enum_db
windows/gather/enum_devices
windows/gather/enum_dirperms
windows/gather/enum_domain
windows/gather/enum_domain_group_users
windows/gather/enum_domain_tokens
windows/gather/enum_domain_users
windows/gather/enum_domains
windows/gather/enum_files
windows/gather/enum_hostfile
windows/gather/enum_ie
windows/gather/enum_logged_on_users
windows/gather/enum_ms_product_keys
windows/gather/enum_muicache
windows/gather/enum_patches
windows/gather/enum_powershell_env
windows/gather/enum_prefetch
windows/gather/enum_proxy
windows/gather/enum_services
windows/gather/enum_shares
windows/gather/enum_snmp
windows/gather/enum_termserv
windows/gather/enum_tokens
windows/gather/enum_tomcat
windows/gather/enum_unattend
windows/gather/forensics/browser_history
windows/gather/forensics/duqu_check
windows/gather/forensics/enum_drives
windows/gather/forensics/imager
windows/gather/forensics/nbd_server
windows/gather/forensics/recovery_files
windows/gather/hashdump
windows/gather/local_admin_search_enum
windows/gather/lsa_secrets
windows/gather/memory_grep
windows/gather/netlm_downgrade
normal Windows Gather Spark IM Password Extraction

normal Windows Single Sign On Credential Collector (Mimikatz)
normal Windows Gather Steam Client Session Collector.
normal Windows Gather TortoiseSVN Saved Password Extraction
normal Windows Gather Total Commander Saved Password Extrac
normal Windows Gather Trillian Password Extractor
normal Windows Gather VNC Password Extraction
normal Windows Gather AutoLogin User Credential Extractor
normal Windows Gather WinSCP Saved Password Extraction
normal Windows Gather WS_FTP Saved Password Extraction
normal Windows Gather DNS Cache
normal Windows Gather Dump Recent Files lnk Info
normal Windows Gather Active Directory Computers
normal Windows Gather Active Directory Service Principal Nam
normal Windows Gather Active Directory User Comments
normal Windows Gather Installed Application Enumeration
normal Windows Gather File and Registry Artifacts Enumeration
normal Windows Gather Google Chrome User Data Enumeration
normal Windows Gather Enumerate Computers
normal Windows Gather Database Instance Enumeration
normal Windows Gather Hardware Enumeration
normal Windows Gather Directory Permissions Enumeration
normal Windows Gather Enumerate Domain
normal Windows Gather Enumerate Domain Group
normal Windows Gather Enumerate Domain Tokens
normal Windows Gather Enumerate Active Domain Users
normal Windows Gather Domain Enumeration
normal Windows Gather Generic File Collection
normal Windows Gather Windows Host File Enumeration
normal Windows Gather Internet Explorer User Data Enumeration
normal Windows Gather Logged On User Enumeration (Registry)
normal Windows Gather Product Key
normal Windows Gather Enum User MUICache
normal Windows Gather Applied Patches
normal Windows Gather Powershell Environment Setting Enumeratio
normal Windows Gather Prefetch File Information
normal Windows Gather Proxy Setting
normal Windows Gather Service Info Enumeration
normal Windows Gather SMB Share Enumeration via Registry
normal Windows Gather SNMP Settings Enumeration (Registry)
normal Windows Gather Terminal Server Client Connection Information
normal Windows Gather Enumerate Domain Admin Tokens (Token Hunte
normal Windows Gather Apache Tomcat Enumeration
normal Windows Gather Unattended Answer File Enumeration
normal Windows Gather Skype, Firefox, and Chrome Artifacts
normal Windows Gather Forensics Duqu Registry Check
normal Windows Gather Physical Drives and Logical Volumes
normal Windows Gather Forensic Imaging
normal Windows Gather Local NBD Server
normal Windows Gather Deleted Files Enumeration and Recovering
normal Windows Gather Local User Account Password Hashes (Registry)
normal Windows Gather Local Admin Search
normal Windows Enumerate LSA Secrets
normal Windows Gather Process Memory Grep
normal Windows NetLM Downgrade Attack
Page 50
Sheet1
windows/gather/resolve_sid
windows/gather/reverse_lookup
windows/gather/screen_spy
windows/gather/smart_hashdump
windows/gather/tcpnetstat
windows/gather/usb_history
windows/gather/win_privs
windows/gather/wmic_command
windows/gather/word_unc_injector
windows/manage/add_user_domain
windows/manage/autoroute
windows/manage/change_password
windows/manage/clone_proxy_settings
windows/manage/delete_user
windows/manage/download_exec
windows/manage/driver_loader
windows/manage/enable_rdp
windows/manage/enable_support_account
windows/manage/ie_proxypac
windows/manage/inject_ca
windows/manage/inject_host
windows/manage/migrate
windows/manage/mssql_local_auth_bypass
windows/manage/multi_meterpreter_inject
windows/manage/nbd_server
windows/manage/payload_inject
windows/manage/portproxy
windows/manage/powershell/exec_powershell
windows/manage/pptp_tunnel
windows/manage/pxexploit
windows/manage/reflective_dll_inject
windows/manage/remove_ca
windows/manage/remove_host
windows/manage/rpcapd_start
windows/manage/run_as
windows/manage/sdel
windows/manage/smart_migrate
windows/manage/vss_create
windows/manage/vss_list
windows/manage/vss_mount
windows/manage/vss_set_storage
windows/manage/vss_storage
windows/manage/webcam
windows/recon/computer_browser_discovery
windows/recon/resolve_ip
windows/wlan/wlan_bss_list
windows/wlan/wlan_current_connection
windows/wlan/wlan_disconnect
windows/wlan/wlan_profile
normal Windows Gather Local User Account SID Lookup

normal Windows Gather IP Range Reverse Lookup
normal Windows Gather Screen Spy
normal Windows Gather Local and Domain Controller Account Passwo
normal Windows Gather TCP Netstat
normal Windows Gather USB Drive History
normal Windows Gather Privileges Enumeration
normal Windows Gather Run Specified WMIC Command
normal Windows Gather Microsoft Office Word UNC Path Injector
normal Windows Manage Add User to the Domain and/or to a Domain
normal Windows Manage Network Route via Meterpreter Session
normal Windows Manage Change Password
normal Windows Manage Proxy Setting Cloner
normal Windows Manage Local User Account Deletion
normal Windows Manage Download and/or Execute
normal Windows Manage Driver Loader
normal Windows Manage Enable Remote Desktop
normal Windows Manage Trojanize Support Account
normal Windows Manage Proxy PAC File
normal Windows Manage Certificate Authority Injection
normal Windows Manage Hosts File Injection
normal Windows Manage Process Migration
normal Windows Manage Local Microsoft SQL Server Authorizatio
normal Windows Manage Inject in Memory Multiple Payloads
normal Windows Manage Local NBD Server for Remote Disks
normal Windows Manage Memory Payload Injection Module
normal Windows Manage Set Port Forwarding With PortProxy
normal Windows Manage PowerShell Download and/or Execute
normal Windows Manage Remote Point-to-Point Tunneling Protocol
normal Windows Manage PXE Exploit Server
normal Windows Manage Reflective DLL Injection Module
normal Windows Manage Certificate Authority Removal
normal Windows Manage Host File Entry Removal
normal Windows Manage Remote Packet Capture Service Starter
normal Windows Manage Run Command As User
normal Windows Manage Safe Delete
normal Windows Manage Smart Process Migration
normal Windows Manage Create Shadow Copy
normal Windows Manage List Shadow Copies
normal Windows Manage Mount Shadow Copy
normal Windows Manage Set Shadow Copy Storage Space
normal Windows Manage Get Shadow Copy Storage Info
normal Windows Manage Webcam
normal Windows Recon Computer Browser Discovery
normal Windows Recon Resolve IP
normal Windows Gather Wireless BSS Info
normal Windows Gather Wireless Current Connection Info
normal Windows Disconnect Wireless Connection
normal Windows Gather Wireless Profile
Page 51
Sheet1
uilt in the background, this can take 2-5 minutes...
Page 52
Sheet1
Utility Command Encoder
ATH Privilege Escalation
Page 53
Sheet1
alendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow

alk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
l Android Browser and WebView addJavascriptInterface Code Execution
Adobe Reader for Android addJavascriptInterface Exploit
iOS MobileSafari LibTIFF Buffer Overflow
e iOS MobileMail LibTIFF Buffer Overflow
ple iOS Default SSH Password Vulnerability
antec SoftCart CGI Overflow
m V Derived /bin/login Extraneous Arguments Buffer Overflow
x Exec Shellcode from Privileged Javascript Shell
PD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD)
D 9 Address Space Manipulation Privilege Escalation
ba trans2open Overflow (*BSD x86)
ACACSD report() Buffer Overflow
eBSD Telnet Service Encryption Key ID Buffer Overflow
X LPD Command Execution
tagprinter Command Execution
eScan Web Management Console Command Injection
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
D 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)
D 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)
eal Tournament 2004 "secure" Overflow (Linux)
Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution
Vault OSSIM SQL Injection and Remote Code Execution
um Remote Code Execution
reon SQL and Command Injection
al Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
WRT HTTP Daemon Arbitrary Command Execution
Link authentication.cgi Buffer Overflow
ent D-Link Devices Unauthenticated Remote Command Execution
D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
Link Devices Unauthenticated Remote Command Execution
-Link DIR-605L Captcha Handling Buffer Overflow
ink DIR615h OS Command Injection
D-Link info.cgi POST Request Buffer Overflow
nk hedwig.cgi Buffer Overflow in Cookie Header
HNAP Request Remote Buffer Overflow
-Link Devices UPnP SOAP Command Execution
barr ERP/CRM Post-Auth OS Command Injection
enPLI Webif Arbitrary Command Execution
Security Virtual Appliance learn-msg.cgi Command Injection
ntrol Remote Root Command Execution
al Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
Box Webcm Unauthenticated Command Injection
authenticated Remote Command Execution
os GPSD Format String Vulnerability
nt GroundWork monarch_scan.cgi OS Command Injection
HP System Management Anonymous Access Code Execution
QL Injection and Remote Code Execution
Size UVC Authenticated RCE via Ping
WRT54 Access Point apply.cgi Buffer Overflow
inksys E1500/E2500 apply.cgi Remote Command Injection
ksys E-Series TheMoon Remote Command Injection
inksys Devices pingstr Remote Command Injection
Linksys WRT160nv2 apply.cgi Remote Command Injection
Page 54
Sheet1
inksys WRT54GL apply.cgi Command Execution

utiny 5 Arbitrary File Upload
t Netgear DGN1000B setup.cgi Remote Command Execution
Netgear DGN2200B pppoe.cgi Remote Command Execution
ETGEAR ReadyNAS Perl Code Evaluation
nx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
Openfiler v2.x NetworkCard Command Execution
dora FMS Remote Code Execution
st URL Handling Buffer Overflow
PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
eApp Mail-SeCure livelog.html Arbitrary Command Execution
ineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
edHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Supermicro Onboard IPMI close_window.cgi Buffer Overflow

ophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
t Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
ent Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
nt Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection
llent Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
S PHP File Upload and Execute
Emulator v2.3 Command Execution
WebCalendar 1.2.4 Pre-Auth Remote Code Injection
d converter.php Remote PHP Code Injection
.0.8 SQL Injection and Remote Code Execution
EN Load Balancer Filelog Command Execution
Zenoss 3 showDaemonXMLConfig Command Execution
AlienVault OSSIM av-centerd Command Injection
ck Orifice Pre-Preprocessor Buffer Overflow
IMAP Server LSUB Buffer Overflow
tem Management Homepage Local Privilege Escalation
Local Privilege Escalation
cyKit Race Condition Privilege Escalation
Kernel Sendpage Local Privilege Escalation
ophos Web Protection Appliance clear_keys.pl Local Privilege Escalation
ev Netlink Local Privilege Escalation
Ware Setuid vmware-mount Unsafe popen(3)
l zsudo Local Privilege Escalation Exploit
cellion File Transfer Appliance MPIPE2 Command Execution
istributed Ruby Send instance_eval/syscall Code Execution
eylisting Daemon) Postfix Buffer Overflow
HP Data Protector 6 EXEC_CMD Remote Code Execution
Network Node Manager I PMD Buffer Overflow
StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
LIP hpssd.py From Address Arbitrary Command Execution
d InterBase INET_connect() Buffer Overflow
orland InterBase jrd8_create_database() Buffer Overflow
and InterBase open_marker_file() Buffer Overflow
and InterBase PWD_db_aliased() Buffer Overflow
ng use_syslog Remote Format String Vulnerability
ongoDB nativeHelper.apply Remote Code Execution
Nagios Remote Plugin Executor Arbitrary Command Execution
Page 55
Sheet1
NetSupport Manager Agent Remote Buffer Overflow

ovell eDirectory 8 Buffer Overflow
omm Device Remote Code Execution
bbix Server Arbitrary Command Execution
ySQL yaSSL CertDecoder::GetName Buffer Overflow
QL yaSSL SSL Hello Message Buffer Overflow
Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
stgreSQL for Linux Payload Execution
ptop Negative Read Overflow
uid NTLM Authenticate Overflow
a chain_reply Memory Corruption (Linux x86)
mba SetInformationPolicy AuditEventsInfo Heap Overflow
a trans2open Overflow (Linux x86)
xim and Dovecot Insecure Configuration Command Injection
5 BIG-IP SSH Private Key Exposure
ellent Loadbalancer.org Enterprise VA SSH Private Key Exposure
Quantum DXi V1000 SSH Private Key Exposure
Quantum vmPRO Backdoor Command
mantec Messaging Gateway 9.5 Default SSH Password Vulnerability
BSD-derived Telnet Service Encryption Key ID Buffer Overflow
D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection
niUPnPd 1.0 Stack Buffer Overflow Remote Code Execution
refox 3.5 escape() Return Value Memory Corruption
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
efox location.QueryInterface() Code Execution
efox 17.0.1 Flash Privileged Code Injection
t Firefox toString console.time Privileged Javascript Injection
refox WebIDL Privileged Javascript Injection
nt Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
OS X iTunes 8.1.1 ITMS Overflow
Java AtomicReferenceArray Type Violation Vulnerability
Sun Java Calendar Deserialization Privilege Escalation
Sun Java JRE getSoundbank file:// URI Buffer Overflow
Java Applet Driver Manager Privileged toString() Remote Code Execution
a 7 Applet Remote Code Execution
cellent Java Applet AverageRangeStatisticImpl Remote Code Execution
a Applet JAX-WS Remote Code Execution
ava Applet JMX Remote Code Execution
Java Applet JMX Remote Code Execution
t Java Applet Method Handle Remote Code Execution
Java Applet ProviderSkeleton Insecure Invoke Method
Java Applet Reflection Type Confusion Remote Code Execution
Applet Rhino Script Engine Remote Code Execution
Java RMIConnectionImpl Deserialization Privilege Escalation
Java JRE AWT setDiffICM Buffer Overflow
va Signed Applet Social Engineering Code Execution
va storeImageArray() Invalid Array Indexing Vulnerability
va Statement.invoke() Trusted Method Chain Privilege Escalation
ava Applet Field Bytecode Verifier Cache Remote Code Execution
ozilla Suite/Firefox compareTo() Code Execution
ozilla Suite/Firefox Navigator Object Code Execution
pera 9 Configuration Overwrite
pera historysearch XSS
e QTJava toQTPointer() Arbitrary Memory Access
Page 56
Sheet1
asticSearch Dynamic Script Arbitrary Java Execution

Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
le Maplet File Creation and Command Execution
ent Nodejs js-yaml load() Code Execution
PeaZip Zip Processing Command Injection
ure-FTPd External Authentication Bash Environment Variable Code Injection
-FTPD SITE EXEC/INDEX Format String Vulnerability
Server Remote Payload Execution
Collab "chat module" Remote PHP Code Injection Exploit

jaXplorer checkInstall.php Remote Command Execution
Apache mod_cgi Bash Environment Variable Code Injection
pache Roller OGNL Injection
pRain CMF Arbitrary PHP File Upload Vulnerability
xilium RateMyPet Arbitrary File Upload Vulnerability
SAP BusinessObjects Authenticated Code Execution (via SOAP)
co Prime Data Center Network Manager Arbitrary File Upload
ColdFusion 9 Administrative Login Bypass
teFlow v2.11.2 Arbitrary File Upload Vulnerability
exter (CasinoLoader) SQL Injection
pal HTTP Parameter Key/Value SQL Injection
etwork Shutdown Module (sort_values) Remote PHP Code Injection
ageEngine Eventlog Analyzer Arbitrary File Upload
plorer v2.1 Arbitrary File Upload Vulnerability
mily Connections less.php Remote Command Execution
NAS exec_raw.php Arbitrary Command Execution
P Remote Command Execution
us Arbitrary Command Execution

Oracle GlassFish Server Authenticated Code Execution
lossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
stall.php Remote Command Execution
rde 3.3.12 Backdoor Arbitrary PHP Code Execution
HP SiteScope issueSiebelCmd Remote Code Execution
System Management Homepage JustGetSNMPQueue Command Injection
Mware Hyperic HQ Groovy Script-Console Java Execution
Config Authenticated Arbitrary PHP Code Execution
ss JMX Console Beanshell Deployer WAR Upload and Deployment
JBoss Java Class DeploymentFileRepository WAR Deployment
ss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)
ss JMX Console Deployer Upload and Execute
ins Script-Console Java Execution
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
CMS 3.0 eval() Remote Command Execution
Log1 CMS writeInfo() PHP Code Injection
t ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection
ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection
aWiki Thumb.php Remote Command Execution
obileCartly 1.0 Arbitrary File Creation Vulnerability
dle Remote Command Execution
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
Mutiny Remote Command Execution
4Free Arbitrary Remote Code Execution
win SurgeFTP Remote Command Execution
Page 57
Sheet1
ense.php Remote Command Execution

welcome Remote Command Execution
enfire Admin Console Authentication Bypass
OpenMediaVault Cron Remote Command Execution
penX Backdoor PHP Code Execution
ManageEngine OpManager and Social IT Arbitrary File Upload
Forms and Reports Remote Code Execution
P CGI Argument Injection
PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
phpLDAPadmin query_engine Remote PHP Code Injection
phpMyAdmin 3.5.2.2 server_sync.php Backdoor
phpMyAdmin Authenticated Remote Code Execution via preg_replace()
pScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
x pfilez Parameter Exec Remote Code Injection
pwiki Ploticus Remote Code Execution
and Zope XMLTools Remote Command Execution
ki pagelist.php Remote PHP Code Injection Exploit
olarBear CMS PHP File Upload Vulnerability
cessMaker Open Source Authenticated PHP Code Execution
PM v7 Arbitrary PHP File Upload Vulnerability
Ruby on Rails JSON Processor YAML Deserialization Code Execution
by on Rails Known Secret Session Cookie Remote Code Execution
Ruby on Rails XML Processor YAML Deserialization Code Execution
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
g! CMS 1.0 Arbitrary File Upload Vulnerability
Incident Tracker Remote Command Execution
eport nmap.php/nbtscan.php Remote Command Execution
nt SolarWinds Storage Manager Authentication Bypass
nicWALL GMS 6 Arbitrary File Upload
lunk Search Remote Code Execution
plunk 5.0 Custom App Remote Code Execution
eecommerce 0.60.1 Arbitrary Command Execution
preecommerce Arbitrary Command Execution
he Struts Remote Command Execution
Apache Struts ClassLoader Manipulation Remote Code Execution
ent Apache Struts Remote Command Execution
Apache Struts ParametersInterceptor Remote Code Execution
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
he Struts 2 Developer Mode OGNL Execution
che Struts includeParams Remote Code Execution
HELL Web Shell Remote PHP Code Execution
HELL Web Shell Remote Code Execution
Java System Web Server WebDAV OPTIONS Buffer Overflow
Link v1.9.3 Arbitrary File Upload Vulnerability
che Tomcat Manager Application Deployer Authenticated Code Execution
ache Tomcat Manager Authenticated Upload Code Execution
admincp/common.php Remote Code Execution
me Monitoring Station post2file.php Arbitrary File Upload
w Web Shell Remote Code Execution
EO proc_deutf() Remote PHP Code Injection
Install Unauthenticated Remote Command Execution
rCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution
er CRM SOAP AddEmailAttachment Arbitrary File Upload
WebPageTest Arbitrary PHP File Upload
kaWiki 1.3.2 Spam Logging PHP Injection
Page 58
Sheet1
ix Authenticated Remote Command Execution

Novell ZENworks Configuration Management Remote Execution
DCE/RPC Preprocessor Buffer Overflow
gle 1.7 SVG Browser Java Code Execution
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
torageWorks P4000 Virtual SAN Appliance Command Execution
dobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
va Debug Wire Protocol Remote Code Execution
RMI Server Insecure Default Configuration Java Code Execution
HP OpenView OmniBack II Command Execution
RC Bot pbot eval() Remote Code Execution
NX PHP Bot PubCall Authentication Bypass Remote Code Execution
VERITAS NetBackup Remote Command Execution
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
Server Java Bridge Arbitrary Java Code Execution
emon readvar Buffer Overflow
PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)
ver Describe Buffer Overflow
2.2.2 - 2.2.6 nttrans Buffer Overflow
mba "username map script" Command Execution
ent SAP Management Console OSExecute Payload Execution
SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution
t
SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution
ortable UPnP SDK unique_service_name() Remote Code Execution

Wyse Rapport Hagent Fake Hserver Command Execution
l NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow
are 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow
Server LoginExt PathName Overflow
Backup Client Type 77 Overflow (Mac OS X)
ozilla Firefox 3.6.16 mChannel Use-After-Free
e Safari file:// Arbitrary Code Execution
Safari Archive Metadata Command Execution
nual Safari User-Assisted Download and Run Attack
ple OS X Software Update Command Execution
Mail.app Image Attachment Command Execution
STAR FTP Server USER Overflow
acOS X EvoCam HTTP GET Buffer Overflow
OS X NFS Mount Privilege Escalation Exploit
X Persistent Payload Installer
d Tunnelblick Privilege Escalation
ity setuid-set ViscosityHelper Privilege Escalation
Mac OS X Sudo Password Bypass
OS X VMWare Fusion Privilege Escalation via Bash Environment Code Injection
OS X mDNSResponder UPnP Location Overflow
en Invasion IRC Client Buffer Overflow
MacOS X QuickTime RTSP Content-Type Overflow
a trans2open Overflow (Mac OS X PPC)
dtspcd Heap Overflow
s LPD Command Execution
Page 59
Sheet1
a trans2open Overflow (Solaris SPARC)

Sun Solaris sadmind adm_build_path() Buffer Overflow
aris sadmind Command Execution
laris ypupdated Command Execution
is Telnet Remote Authentication Bypass Vulnerability
n.telnetd TTYPROMPT Buffer Overflow
client Bash Environment Variable Injection
oFTPD-1.3.3c Backdoor Command Execution
FTPD v2.3.4 Backdoor Command Execution
t ContentKeeper Web Remote Command Execution
SkyRouter 4200 and 4300 Command Execution
ePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
e Room Command Injection
nt VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution
UnrealIRCD 3.2.8.1 Backdoor Command Execution
Daemon Command Execution

X QCONN Remote Command Execution Vulnerability
pamAssassin spamd Remote Command Execution
bbix Agent net.tcp.listen Command Injection
lamAV Milter Blackhole-Mode Remote Code Execution
m4 string_format Function Heap Buffer Overflow
t Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
Tectia SSH USERAUTH Change Request Password Reset Vulnerability
Western Digital Arkeia Remote Code Execution
AWStats configdir Remote Command Execution
AWStats migrate Remote Command Execution
WStats Totals multisort Remote Command Execution
Barracuda IMG.PL Remote Command Execution
BASE base_qry_common Remote File Include
ilic 1.5.14 diff.php Arbitrary Command Execution
Cacti graph_view.php Remote Command Execution
t CakePHP Cache Corruption Code Execution
Carberp Web Panel C2 Backdoor Remote PHP Code Execution
t Citrix Access Gateway Command Execution
ClipBucket Remote Code Execution
Coppermine Photo Gallery picEditor.php Command Execution
DataLife Engine preview.php PHP Code Injection
Dogfood CRM spell.php Remote Command Execution
EGallery PHP File Upload Vulnerability
FlashChat Arbitrary File Upload
swiki MAKETEXT Remote Command Execution
reePBX config.php Remote Code Execution
eric Web Application Unix Command Execution
ent GetSimpleCMS PHP File Upload Vulnerability
nt Google Appliance ProxyStyleSheet Command Execution
Graphite Web Unsafe Pickle Handling
Matt Wright guestbook.pl Arbitrary Command Execution
stymail 2.1.1 RC1 Command Injection
Havalite CMS Arbitary File Upload Vulnerability
Horde Framework Unserialize PHP Code Execution
HybridAuth install.php PHP Code Execution
stantCMS 1.6 Remote PHP Code Execution
ent Invision IP.Board unserialize() PHP Code Execution
t Joomla Akeeba Kickstart Unserialize Remote Code Execution
Page 60
Sheet1
ent Joomla Component JCE File Upload Remote Code Execution

nt Joomla Media Manager File Upload Vulnerability
oomla 1.5.12 TinyBrowser File Upload Code Execution
v0.9.2 'db_restore.php' SQL Injection
brettoCMS File Manager Arbitary File Upload Vulnerability
Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include
el Audio and Web Conferencing Command Injection
MoinMoin twikidraw Action Traversal File Upload
yBB 1.6.4 Backdoor Arbitrary Command Execution
gios3 history.cgi Host Command Execution
Nagios3 statuswml.cgi Ping Command Execution
Nagios XI Network Monitor Graph Explorer Component Command Injection
Narcissus Image Configuration Passthru Vulnerability
nt OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
OpenEMR PHP File Upload Vulnerability
nt OpenSIS 'modname' PHP Code Execution
ellent HP Openview connectedNodes.ovpl Remote Command Execution
OpenX banner-edit.php File Upload PHP Code Execution
Oracle VM Server Virtual Server Agent Command Injection
t osCommerce 2.2 Arbitrary PHP Code Execution
PAJAX Remote Command Execution
HP-Charts v1.0 PHP Code Execution Vulnerability
ric PHP Code Evaluation
Remote File Include Generic Code Execution
vBulletin misc.php Template Name Arbitrary Code Execution
t WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution
t Wordpress InfusionSoft Upload Vulnerability
WordPress cache_lastpostdate Arbitrary Code Execution
WordPress OptimizePress Theme File Upload Vulnerability
nt Wordpress W3 Total Cache PHP Code Execution
HP XML-RPC Arbitrary Code Execution
BB viewtopic.php Arbitrary Code Execution
PhpMyAdmin Config File Code Injection
Project Pier Arbitrary File Upload Vulnerability
QuickTime Streaming Server parse_xml.cgi Remote Execution
Redmine SCM Repository Arbitrary Command Execution
Portal SQLi Remote Code Execution
ellent Simple E-Document Arbitrary File Upload
SkyBlueCanvas CMS Remote Code Execution
imple PHP Blog Remote Command Execution
PIP connect Parameter PHP Injection
Squash YAML Code Execution
SquirrelMail PGP Plugin Command Execution (SMTP)
t SugarCRM unserialize() PHP Code Execution
TikiWiki tiki-graph_formula Remote PHP Code Execution
Wiki jhot Remote Command Execution
iki Wiki unserialize() PHP Code Execution
ixbox langChoice PHP Local File Inclusion
History TWikiUsers rev Parameter Command Execution
ki MAKETEXT Remote Command Execution
i Search Function Arbitrary Command Execution
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
ellent VICIdial Manager Send OS Command Injection
t Webmin /file/show.cgi Remote Command Execution
Page 61
Sheet1
ebTester 5.x Command Execution

ellent WordPress Plugin Advanced Custom Fields Remote File Inclusion
ellent WordPress Asset-Manager PHP File Upload Vulnerability
normal WordPress Plugin Google Document Embedder Arbitrary File Disclosure
t WordPress WP-Property PHP File Upload Vulnerability
Wordpress WPTouch Authenticated File Upload
nt Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload
DA 0.4.5 Arbitrary PHP File Upload Vulnerability
oShell Remote Code Execution
a Collaboration Server LFI
llent ZoneMinder Video Server packageControl Command Execution
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
ymantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution
antec System Center Alert Management System (xfr.exe) Arbitrary Command Execution
cellent Symantec Endpoint Protection Manager Remote Command Execution
mantec Alert Management System Intel Alert Originator Service Buffer Overflow
ymantec Remote Management Buffer Overflow
excellent Symantec Workspace Streaming Arbitrary File Upload
od
Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow
d
Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow
Backup Client Type 77 Overflow (Win32)
nt Energizer DUO Trojan Code Execution
Veritas Backup Exec Name Service Overflow
Veritas Backup Exec Windows Remote Agent Overflow
Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow
A BrightStor Discovery Service TCP Overflow
A BrightStor Discovery Service Stack Buffer Overflow
omputer Associates Alert Notification Buffer Overflow
BrightStor HSM Buffer Overflow
BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow
A BrightStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow
A BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow
verage CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Overflow
CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow
BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
CA BrightStor ArcServe Media Service Stack Buffer Overflow
CA BrightStor ARCserve Message Engine Buffer Overflow
CA BrightStor ARCserve Message Engine 0x72 Buffer Overflow
e CA BrightStor ARCserve Message Engine Heap Overflow
BrightStor Agent for Microsoft SQL Overflow
A BrightStor ARCserve Tape Engine Buffer Overflow
CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow
A BrightStor Universal Agent Overflow
Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow
Adobe Flash Player Integer Underflow Remote Code Execution
mal Adobe Flash Player Type Confusion Remote Code Execution
Adobe Flash Player MP4 'cprt' Overflow
Adobe Flash Player 11.3 Kern Table Parsing Integer Overflow
mal Adobe Flash Player Shader Buffer Overflow
Adobe Flash Player Regular Expression Heap Overflow
Adobe Flash Player Object Type Confusion
Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
t
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
Adobe Flash Player AVM Bytecode Verification Vulnerability
Page 62
Sheet1
l Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability

mal Adobe Flash Player "newfunction" Invalid Pointer Use
d
Adobe FlateDecode Stream Predictor 02 Integer Overflow
dobe Collab.getIcon() Buffer Overflow
Adobe Doc.media.newPlayer Use After Free Vulnerability
rmal Adobe Shockwave rcsL Memory Corruption
Adobe Reader ToolButton Use After Free
obe util.printf() Buffer Overflow
ormal Advantech WebAccess dvs.ocx GetColor Buffer Overflow
OL Instant Messenger goaway Overflow
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
maya Browser v11.0 'bdo' Tag Overflow
AOL Radio AmpX ActiveX Control ConvertFile() Buffer Overflow
nt America Online ICQ ActiveX Control Arbitrary File Download and Execute
Apple ITunes 4.7 Playlist Buffer Overflow
eat
Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution
al Apple QuickTime 7.7.2 MIME Type Buffer Overflow
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow
mal Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
sk.com Toolbar askBar.dll ActiveX Control Buffer Overflow
al ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
al AtHocGov IWSAlerts ActiveX Control Buffer Overflow
utodesk IDrop ActiveX Control Heap Memory Corruption
SonicWALL Aventail epi.dll AuthCredential Format String
AwingSoft Winds3D Player SceneURL Buffer Overflow
ent AwingSoft Winds3D Player 3.5 SceneURL Download and Execute
normal BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow
KD Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow
ent Black Ice Cover Page ActiveX Control Arbitrary File Download
cellent Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow
Chilkat Crypt ActiveX WriteFile Unsafe Method
nt Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
al Cisco Linksys PlayerPT ActiveX Control SetSource sURL Argument Buffer Overflow
Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
BM Rational ClearQuest CQOle Remote Code Execution
CommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow
al Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow
Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
Dell Webcam CrazyTalk ActiveX BackImage Vulnerability
Worldweaver DX Studio Player shell.execute() Command Execution
Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow
al FlipViewer FViewerLoading ActiveX Control Buffer Overflow
ellent EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
al EnjoySAP SAP GUI ActiveX Control Buffer Overflow
Facebook Photo Uploader 4 ActiveX Control Buffer Overflow
Foxit Reader Plugin URL Processing Buffer Overflow
OM Player ActiveX Control Buffer Overflow
reen Dam URL Processing Buffer Overflow
cellent Honeywell HSC Remote Deployer ActiveX Remote Code Execution
nt Honeywell Tema Remote Installer ActiveX Remote Code Execution
Page 63
Sheet1
normal HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution
eat
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
great
HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution
Persits XUpload ActiveX AddFile Buffer Overflow
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow
Hyleos ChemView ActiveX Control Stack Buffer Overflow
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow
IBM Access Support ActiveX Control Buffer Overflow
ormal IBM Lotus Domino Web Access Upload Module Buffer Overflow
S13-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability
MS13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability
S06-014 Microsoft Internet Explorer COM CreateObject Code Execution
MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
Microsoft Internet Explorer isComponentInstalled Overflow
MS13-080 Microsoft Internet Explorer SetMouseCapture Use-After-Free
Microsoft Internet Explorer Unsafe Scripting Misconfiguration
Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control
ormal InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
Quest InTrust Annotation Objects Uninitialized Pointer
Sun Java Web Start BasicServiceImpl Code Execution
va CMM Remote Code Execution
Sun Java Applet2ClassLoader Remote Code Execution
Sun Java Runtime New Plugin docbase Buffer Overflow
Java MixerSequencer Object GM_Song Structure Handling Vulnerability
t Sun Java Web Start Plugin Command Line Argument Injection
nt Sun Java Web Start Double Quote Injection
Sun Java Web Start Plugin Command Line Argument Injection
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
Kazaa Altnet Download Manager ActiveX Control Buffer Overflow
ent KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability
Logitech VideoCall ActiveX Control Buffer Overflow
emedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow
rmal Macrovision InstallShield Update Service Buffer Overflow
Macrovision InstallShield Update Service ActiveX Unsafe Method
Maxthon3 about:history XCS Trusted Zone Code Execution
al McAfee Subscription Manager Stack Buffer Overflow
McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability
al McAfee Visual Trace ActiveX Control Buffer Overflow
C IRC URL Buffer Overflow
e Firefox 8/9 AttributeChildRemoved() Use-After-Free
mal Firefox onreadystatechange Event DocumentViewerImpl Use After Free
Firefox XMLSerializer Use After Free
Mozilla Firefox Interleaved document.write/appendChild Memory Corruption
Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability
Firefox nsSVGValue Out-of-Bounds Access Vulnerability
Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability
Mozilla Firefox Array.reduceRight() Integer Overflow
MS03-020 Microsoft Internet Explorer Object Type
MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
at
Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
Page 64
Sheet1
al MS06-013 Microsoft Internet Explorer createTextRange() Code Execution

al MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
mal MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow
MS06-067 Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability
MS06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling
great
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
lent Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download
al Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow
ormal Microsoft Visual Studio Mdmask32.ocx ActiveX Buffer Overflow
al MS08-078 Microsoft Internet Explorer Data Binding Memory Corruption
mal MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption
Microsoft OWC Spreadsheet HTMLURL Buffer Overflow
al Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption
MS09-072 Microsoft Internet Explorer Style getElementsByTagName Memory Corruption
MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
MS10-002 Microsoft Internet Explorer Object Memory Use-After-Free
MS10-018 Microsoft Internet Explorer DHTML Behaviors Use After Free
MS10-018 Microsoft Internet Explorer Tabular Data Control ActiveX Memory Corruption
at
MS10-022 Microsoft Internet Explorer Winhlp32.exe MsgBox Code Execution
rmal MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
xcellent Microsoft Help Center XSS and Command Execution
ellent Microsoft Windows Shell LNK Code Execution
MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption
MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free
ormal MS11-050 IE mshtml!CObjectElement Use After Free
MS11-081 Microsoft Internet Explorer Option Element Use-After-Free
MS11-093 Microsoft Windows OLE Object File Handling Remote Code Execution
MS12-004 midiOutPlayNextPolyEvent Heap Overflow
MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
MS12-037 Microsoft Internet Explorer Same ID Property Deleted Object Handling Memory Corruption
age MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
mal MS12-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
al MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
mal MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
l MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free
rmal MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
al MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free
MS14-012 Microsoft Internet Explorer TextRange Use-After-Free
Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
al Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow
d
MS12-043 Microsoft XML Core Services MSXML Uninitialized Memory Corruption
mal NCTAudioFile2 v2.x ActiveX Control SetFormatLikeSample() Buffer Overflow
Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
mantec Norton Internet Security 2004 ActiveX Control Buffer Overflow
nt IBM Lotus Notes Client URL Handler Command Injection
mal Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
Novell iPrint Client ActiveX Control call-back-url Buffer Overflow
ovell iPrint Client ActiveX Control Date/Time Buffer Overflow
Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow
al Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow
Novell iPrint Client ActiveX Control Buffer Overflow
Novell iPrint Client ActiveX Control target-frame Buffer Overflow
Page 65
Sheet1
NTR ActiveX Control Check() Method Buffer Overflow

NTR ActiveX Control StopModule() Remote Code Execution
rmal Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
l Oracle Document Capture 10g ActiveX Control Buffer Overflow
xcellent Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
rbit Downloader Connecting Log Creation Buffer Overflow
VMWare OVF Tools Format String Vulnerability
cVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability
t Persits XUpload ActiveX MakeHttpRequest Directory Traversal
BM Lotus QuickR qp2 ActiveX Buffer Overflow
Real Networks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
RealPlayer rmoc3260.dll ActiveX Control Heap Corruption
ealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow
ealNetworks Realplayer QCP Parsing Heap Overflow
ealNetworks RealPlayer SMIL Buffer Overflow
oxio CinePlayer ActiveX Control Buffer Overflow
pple Safari Webkit libxslt Arbitrary File Creation
normal Samsung NET-i Viewer Multiple ActiveX BackupToAvi() Remote Overflow
al SAP AG SAPgui EAI WebViewer3D Buffer Overflow
al Siemens Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution
SoftArtisans XFile FileManager ActiveX Control Buffer Overflow
SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow
excellent Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
rmal Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
ellent Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute
ormal Symantec BackupExec Calendar Control Buffer Overflow
normal Symantec ConsoleUtilities ActiveX Control Buffer Overflow
al Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
ellent Husdawg, LLC. System Requirements Lab ActiveX Unsafe Method
eChart Professional ActiveX Control Trusted Integer Dereference
al Tom Sawyer Software GET Extension Factory Remote Code Execution
Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution
Trend Micro OfficeScan Client ActiveX Control Buffer Overflow
Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow
Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution
TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow
Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow
al Viscom Software Movie Player Pro SDK ActiveX 6.8
AMV Dangling Pointer Vulnerability
LC MMS Stream Handling Buffer Overflow
WebDAV Application DLL Hijacker
WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow
ood
KingScada kxClientDownload.ocx ActiveX Remote Code Execution
Winamp Playlist UNC Path Computer Name Overflow
Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow
WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow
nZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow
icrosoft WMI Administration Tools ActiveX Buffer Overflow
Play 3.3.0.4 (ASX Filename) Buffer Overflow
al Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow
Yahoo! Messenger 8.1.0.249 ActiveX Control Buffer Overflow
llent Zenturi ProgramChecker ActiveX Control Arbitrary File Download
mal AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
Page 66
Sheet1
MS03-026 Microsoft RPC DCOM Interface Overflow

MS05-017 Microsoft Message Queueing Service Path Overflow
eat
MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)
MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow
eat
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
nt Outlook ATTACH_BY_REF_ONLY File Execution
ent Outlook ATTACH_BY_REF_RESOLVE File Execution
C AlphaStor Agent Buffer Overflow
ellent EMC AlphaStor Device Manager Opcode 0x75 Command Injection
EMC Networker Format String
EMC Replication Manager Command Execution
A-PDF WAV to MP3 v1.0.0 Buffer Overflow
BBS Audio Media Player .LST Buffer Overflow
ACDSee FotoSlate PLP File id Parameter Overflow
CDSee XPM File Section Buffer Overflow
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
activePDF WebGrabber ActiveX Control Buffer Overflow
Adobe Flash Player "Button" Remote Code Execution
al Adobe Flash Player "newfunction" Invalid Pointer Use
obe Collab.getIcon() Buffer Overflow
e Acrobat Bundled LibTIFF Integer Overflow
lent Adobe PDF Embedded EXE Social Engineering
cellent Adobe PDF Escape EXE Social Engineering (No JavaScript)
Adobe Reader U3D Memory Corruption Vulnerability
dobe Reader ToolButton Use After Free
be util.printf() Buffer Overflow
ALLPlayer M3U Buffer Overflow
Altap Salamander 2.5 PE Viewer Buffer Overflow
AOL Desktop 9.6 RTX Buffer Overflow
AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow
Apple QuickTime TeXML Style Element Stack Buffer Overflow
AudioCoder .M3U Buffer Overflow
udio Workstation 6.4.2.4.3 pls Buffer Overflow
iotran 1.4.1 (PLS File) Stack Buffer Overflow
osoft Digital TV Player Professional 1.0 Stack Buffer Overflow
Cnet OPC Client Buffer Overflow
Beetel Connection Manager NetConfig.ini Buffer Overflow
BlazeVideo HDTV Player Pro v6.6 Filename Handling Vulnerability
zeDVD 6.1 PLF Buffer Overflow
S.Player 2.57 Buffer Overflow (Unicode SEH)
ntivirus Engine CAB Buffer Overflow
CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow
al Chasys Draw IES Buffer Overflow
l Cool PDF Image Stream Buffer Overflow
Page 67
Sheet1
Corel PDF Fusion Stack Buffer Overflow

Csound hetro File Handling Stack Buffer Overflow
balSCAPE CuteZIP Stack Buffer Overflow
yberLink Power2Go name Attribute (p2g) Stack Buffer Overflow Exploit
tel Studio 9.0 (CY3 File) Stack Buffer Overflow
stonSoft DeepBurner (DBR File) Path Buffer Overflow
Destiny Media Player 1.61 PLS M3U Buffer Overflow
Digital Music Pad Version 8.2.3.3.4 Stack Buffer Overflow
J Studio Pro 5.1 .pls Stack Buffer Overflow
u DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow
D X Player 5.5 .plf PlayList Buffer Overflow
Easy CD-DA Recorder PLS Buffer Overflow
age EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
ERS Viewer 2011 ERS File Handling Buffer Overflow
al ERS Viewer 2013 ERS File Handling Buffer Overflow
eSignal and eSignal Pro File Parsing Buffer Overflow in QUO
A eTrust PestPatrol ActiveX Control Buffer Overflow
ip Wizard 3.0 Stack Buffer Overflow
t Player Media Player 0.6b0 Buffer Overflow
Download Manager Torrent Parsing Buffer Overflow
eedDemon Stack Buffer Overflow
oxit PDF Reader 4.2 Javascript File Write
oxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
PDF Reader v4.1.1 Title Stack Buffer Overflow
Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
gAlan 0.2.1 Buffer Overflow
M SIM Editor 5.15 Buffer Overflow
A SA-MP server.cfg Buffer Overflow
HTML Help Workshop 4.74 (hhp Project File) Buffer Overflow
HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow
al IBM Forms Viewer Unicode Buffer Overflow
M Personal Communications iSeries Access WorkStation 5.9 Profile
X Stack Buffer Overflow
intDev IDEAL Migration Buffer Overflow
Irfanview JPEG2000 jp2 Stack Buffer Overflow
attice Semiconductor ispVM System XCF File Handling Overflow
KingView Log File Parsing Buffer Overflow
ttice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow
us Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment)
od
Magix Musik Maker 16 .mmm Stack Buffer Overflow
McAfee Remediation Client ActiveX Control Buffer Overflow
McAfee SaaS MyCioScan ShowReport Remote Command Execution
MediaCoder .M3U Buffer Overflow
edia Jukebox 8.0.400 Buffer Overflow (SEH)
roP 0.1.1.1600 (MPPL File) Stack Buffer Overflow
Millenium MP3 Studio 2.0 (PLS File) Stack Buffer Overflow
Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow
MJM Core Player 2011 .s3m Stack Buffer Overflow
MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow
e MOXA MediaDBPlayback ActiveX Control Buffer Overflow
MPlayer Lite M3U Buffer Overflow
MPlayer SAMI Subtitle File Buffer Overflow
MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability
Page 68
Sheet1
MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow

MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
t
MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)
at
MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
S12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
ge MS12-027 MSCOMCTL ActiveX Buffer Overflow
MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution
S14-017 Microsoft Word RTF Object Confusion
nt MS14-060 Microsoft Windows OLE Package Manager Code Execution
MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution
p Remote Control Client 9.5 Buffer Overflow
Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
penOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Orbit Downloader URL Unicode Conversion Overflow
bital Viewer ORB File Parsing Buffer Overflow
MWare OVF Tools Format String Vulnerability
ProShow Gold v4.0.2549 (PSH File) Stack Buffer Overflow
Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow
Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow Vulnerability
RealPlayer RealMedia File Handling Buffer Overflow
RealNetworks RealPlayer Version Attribute Buffer Overflow
d
SafeNet SoftRemote GROUPNAME Buffer Overflow
Cam Webcam Server v.2.6.5 Get() Method Buffer Overflow
cadaTEC ScadaPhone Stack Buffer Overflow
al Shadow Stream Recorder 3.0.1.7 Buffer Overflow
.O.M.P.L 1.0 Player Buffer Overflow
l Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow
TFM MMPlayer (m3u/ppl File) Buffer Overflow
Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow
3.5 Zip File Parsing Buffer Overflow Vulnerability
SO CCD File Parsing Buffer Overflow
SO CUE File Parsing Buffer Overflow
RSoft W32Dasm Disassembler Function Buffer Overflow
CAD 2010-2.05 EN (DWB File) Stack Buffer Overflow
eoLAN VLC TiVo Buffer Overflow
yTools Video Spirit Pro
osoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability
isiWave VWR File Parsing Vulnerability
VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow
Media Player RealText Subtitle Overflow
oLAN Client (VLC) Win32 smb:// URI Buffer Overflow
oLAN VLC MKV Memory Corruption
Player CUE Buffer Overflow
UPlayer M3U Buffer Overflow
Winamp MAKI Buffer Overflow
t WinRAR Filename Spoofing
Wireshark wiretap/mpeg.c Stack Buffer Overflow
Wireshark packet-dect.c Stack Buffer Overflow (local)
WM Downloader 3.1.2.2 Buffer Overflow
norate 2.50 (.xpl) Universal Local Buffer Overflow (SEH)
ion Audio Player 1.0.126 Unicode Stack Buffer Overflow
Page 69
Sheet1
Radio 0.95b Buffer Overflow

Zinf Audio Player 2.2.1 (PLS File) Stack Buffer Overflow
S PAM.dll ICQ Parser Buffer Overflow
o Firewall 2.1.4 Authentication Packet Overflow
FTP Client Stack Buffer Overflow
Com 3CDaemon 2.0 FTP Username Overflow
ync v2.2.1.0 (Win32) Stack Buffer Overflow (LIST)
y Server 2.34 STOR Command Stack Buffer Overflow
soluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow
ar FTP 0.99g MKD Command Buffer Overflow
mSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability
nTech Dream FTP Server 1.02 Format String
asy File Sharing FTP Server 2.0 PASS Overflow
FTP Server CWD Command Stack Buffer Overflow
TP Server LIST Command Stack Buffer Overflow
yFTP Server MKD Command Stack Buffer Overflow
eCopa FTP Server Pre 18 Jul Version
Wrangler 5.30 Stack Buffer Overflow
Float FTP Server USER Command Buffer Overflow
eFloat FTP Server Arbitrary File Upload
TPd PASS Command Buffer Overflow
TPd 1.0 Username Overflow
PGetter Standard v3.55.0.05 Stack Buffer Overflow (PWD)
ad 1.2.0 Stack Buffer Overflow
PShell 5.1 Stack Buffer Overflow
Synchronizer Professional 4.0.73.274 Stack Buffer Overflow
kko Manager FTP Client Stack Buffer Overflow
balSCAPE Secure FTP Server Input Overflow
oldenFTP PASS Stack Buffer Overflow
PDX tolog() Function Format String Vulnerability
FTP 3.0.1 Stack Buffer Overflow
apWare LeapFTP v2.7.3.600 PASV Reply Client Overflow
09-053 Microsoft IIS FTP Server NLST Response Overflow
Term NetFTPD USER Buffer Overflow
ecure FTP 4.1 Stack Buffer Overflow (LIST)
pen-FTPD 1.2 Arbitrary File Upload
acle 9i XDB FTP PASS Overflow (win32)
acle 9i XDB FTP UNLOCK Overflow (win32)
AN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
TP 2.9 Banner Remote Buffer Overflow
QuickShare File Server 1.2.1 Directory Traversal Vulnerability
DC DL-10 SR10 FTP USER Command Buffer Overflow
TP Server LIST Command Buffer Overflow
aSoft Sami FTP Server v2.02 USER Overflow
sser Worm avserve FTP PORT Buffer Overflow
P LIST Remote Buffer Overflow
ull FTP v3.3 Build 409 Stack Buffer Overflow
-U FTP Server Buffer Overflow
U FTPD MDTM Overflow
FTPd LIST Concatenation Overflow
ian FTP Client 3.01 PASV Remote Buffer Overflow
FTP Server 1.30.823 PORT Overflow
million FTP Daemon PORT Command Memory Corruption
ar-FTPD 1.65 Password Overflow
ar-FTPD 1.65 Username Overflow
Page 70
Sheet1
Imperial Software WFTPD 3.23 SIZE Overflow

Wing FTP Server Authenticated Command Execution
Ipswitch WS_FTP Server 5.05 XMD5 Overflow
FTP Client 3.0 PWD Remote Buffer Overflow
TP Client Buffer Overflow
TP Server Buffer Overflow
edal of Honor Allied Assault getinfo Stack Buffer Overflow
acer v0.5.3 Beta 5 Buffer Overflow
nreal Tournament 2004 "secure" Overflow (Win32)
ent Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
lt-N SecurityGateway username Buffer Overflow
-N WebAdmin USER Buffer Overflow
Amlibweb NetOpacs webquery.dll Stack Buffer Overflow
ache Win32 Chunked Encoding
Apache Module mod_rewrite LDAP Protocol Buffer Overflow
ent Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution
adBlue 2.5 EXT.dll Buffer Overflow
dBlue 2.72b PassThru Buffer Overflow
BEA WebLogic JSESSIONID Cookie Value Overflow
Oracle Weblogic Apache Connector POST Request Buffer Overflow
BEA Weblogic Transfer-Encoding Buffer Overflow
kin Bulldog Plus Web Service Buffer Overflow
nt CA Arcserve D2D GWT RPC Credential Information Disclosure
CA iTechnology iGateway Debug Mode Buffer Overflow
ent CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
l Cogent DataHub Command Injection
mal Cogent DataHub HTTP Server Buffer Overflow
ldFusion 8.0.1 Arbitrary File Upload and Execute
clope Employee Surveillance Solution v6 SQL Injection
ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload
llent ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
P Server list.html path Stack Buffer Overflow
l eDirectory NDS Server Host Header Overflow
ectory 8.7.3 iMonitor Remote Stack Buffer Overflow
EFS Easy Chat Server Authentication Request Handling Buffer Overflow
Easy File Management Web Server Stack Buffer Overflow
ron 8.02 XSLT Transform Remote Code Execution
Ericom AccessNow Server Buffer Overflow
omeTech EzServer Stack Buffer Overflow Vulnerability
e Download Manager Remote Control Server Buffer Overflow
HP Intelligent Management Center BIMS UploadServlet Directory Traversal
P Intelligent Management Center Arbitrary File Upload
nt HP LoadRunner EmulationAdmin Web Service Directory Traversal
P Managed Printing Administration jobAcct Remote Command Execution
t
HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow
rmal HP OpenView NNM nnmRptConfig nameParams Buffer Overflow
mal HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow
P OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow
OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
Page 71
Sheet1
HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow

P OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow
OpenView Network Node Manager Snmp.exe CGI Buffer Overflow
HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow
P OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow
HP OpenView Network Node Manager execvp_nc Buffer Overflow
at
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
ent HP OpenView Performance Insight Server Backdoor Account Code Execution
ent HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
lent HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
l HP Power Manager 'formExportDataLogs' Buffer Overflow
Hewlett-Packard Power Manager Administration Buffer Overflow
anual HP SiteScope Remote Code Execution
TPDX h_handlepeer() Function Buffer Overflow
TPDX tolog() Function Format String Vulnerability
ebMail 3.x Buffer Overflow
BM Tivoli Endpoint Manager POST Query Buffer Overflow
BM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow
BM Tivoli Storage Manager Express CAD Service Buffer Overflow
Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow

erSystems Cache UtilConfigHome.csp Argument Buffer Overflow
rv 1.0 Buffer Overflow
pswitch WhatsUp Gold 8.03 Buffer Overflow
RA Issues Collector Directory Traversal
ent Kaseya uploadImage Arbitrary File Upload
HTTP Server HEAD Buffer Overflow
xcellent LANDesk Lenovo ThinkManagement Console Remote Command Execution
MailEnable Authorization Header Buffer Overflow
e ManageEngine Applications Manager Authenticated Code Execution
MaxDB WebDBM Database Parameter Overflow
McAfee ePolicy Orchestrator / ProtectionPilot Overflow
MDaemon WorldClient form2raw.cgi Stack Buffer Overflow
Minishare 1.4.1 Buffer Overflow
MiniWeb (Build 300) Arbitrary File Upload
aviCOPA 2.0.1 URL Handling Buffer Overflow
etDecision 4.5.1 HTTP Server Buffer Overflow
Novell iManager getMultiPartParameters Arbitrary File Upload
ell Zenworks Mobile Managment MDM.php Local File Inclusion Vulnerability
e Novell Messenger Server 2.0 Accept-Language Overflow
MS/MMS Gateway Buffer Overflow
acle 9i XDB HTTP PASS Overflow (win32)
racle Business Transaction Management FlashTunnelService Remote Code Execution
Oracle Endeca Server Remote Command Execution
ent Oracle Event Processing FileUploadServlet Arbitrary File Upload
acle Secure Backup Authentication Bypass/Command Injection Vulnerability
Cast URL Handling Buffer Overflow
mal PHP apache_request_headers Function Buffer Overflow
rivate Wire Gateway Buffer Overflow
PSO Proxy v0.91 Stack Buffer Overflow
Page 72
Sheet1
abidHamster R4 Log Entry sprintf() Buffer Overflow

etto HttpFileServer Remote Command Execution
Sambar 6 Search Results Buffer Overflow
e SAP NetWeaver HostControl Command Injection
P DB 7.4 WebTools Buffer Overflow
vant 3.1 Web Server Overflow
Rhinosoft Serv-U Session Cookie Buffer Overflow
HOUTcast DNAS/win32 1.9.4 File Request Format String Overflow
TPD URI-Encoded POST Request Overflow
ent Solarwinds Storage Manager 5.1.0 SQL Injection
Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection
Streamcast HTTP User-Agent Buffer Overflow
imple Web Server Connection Header Buffer Overflow
ybase EAServer 5.2 Remote Stack Buffer Overflow
ysax Multi Server 5.64 Create Folder Buffer Overflow
e TrackerCam PHP Argument Buffer Overflow
mara / BMC Track-It! FileStorageService Arbitrary File Upload
end Micro OfficeScan Remote Stack Buffer Overflow
a Mini HTTPD Stack Buffer Overflow
Umbraco CMS Remote Command Execution
cellent VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
ster HTTP Server GET Buffer Overflow
ent XAMPP WebDAV PHP Upload
itami 2.5c2 Web Server If-Modified-Since Overflow
ellent Novell ZENworks Asset Management Remote Execution
Microsoft IIS WebDAV Write Access Code Execution
01-023 Microsoft IIS 5.0 Printer Host Header Overflow
MS01-026 Microsoft IIS/PWS CGI Filename Double Decode Command Execution
1-033 Microsoft IIS 5.0 IDQ Path Overflow
2-018 Microsoft IIS 4.0 .HTR Path Overflow
S02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow
MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
25 Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
omm WorldMail 3.0 IMAPD LIST Buffer Overflow
l IMAP4D Delete Overflow
switch IMail IMAP SEARCH Buffer Overflow
lEnable IMAPD (2.34/2.35) Login Request Buffer Overflow
ilEnable IMAPD (1.54) STATUS Request Buffer Overflow
MailEnable IMAPD W3C Logging Buffer Overflow
Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
Daemon 9.6.4 IMAPD FETCH Buffer Overflow
ge Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
rcur Messaging 2005 IMAP Login Buffer Overflow
ercury/32 LOGIN Buffer Overflow
Mercury/32 v4.01a IMAP RENAME Buffer Overflow
Novell NetMail IMAP APPEND Buffer Overflow
Novell NetMail IMAP AUTHENTICATE Buffer Overflow
Novell NetMail IMAP STATUS Buffer Overflow
Novell NetMail IMAP SUBSCRIBE Buffer Overflow
MS00-094 Microsoft IIS Phone Book Service Overflow
MS03-022 Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow
MS03-051 Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
Microsoft IIS ISAPI RSA WebAgent Redirect Overflow
Page 73
Sheet1
rosoft IIS ISAPI w3who.dll Query String Overflow

LDAP Service Buffer Overflow
work Associates PGP KeyServer 7 LDAP Buffer Overflow
omputer Associates License Client GETCONFIG Overflow
omputer Associates License Server GETCONFIG Overflow
exNet License Server Manager lmgrd Buffer Overflow
SentinelLM UDP Buffer Overflow
t
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
Agnitum Outpost Internet Security Local Privilege Escalation
Windows AlwaysInstallElevated MSI
s Escalate UAC Execute RunAs
oft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
dows Escalate UAC Protection Bypass
Windows Escalate UAC Protection Bypass (In Memory Injection)
PsExec via Current User Token
and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL
AC.sys Arbitrary Write Privilege Escalation
indows SYSTEM Escalation via KiTrap0D
Windows Escalate Task Scheduler XML Privilege Escalation
MS11-080 AfdJoinLeaf Privilege Escalation
ent MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
age Windows TrackPopupMenuEx Win32k NULL Page
MS13-097 Registry Symlink IE Sandbox Escape
S14-009 .NET Deployment Service IE Sandbox Escape
mal Windows TrackPopupMenu Win32k NULL Pointer Dereference
14-002 Microsoft Windows ndproxy.sys Local Privilege Escalation
ovell Client 2 SP3 nicm.sys Local Privilege Escalation
ovell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
dia (nvsvc) Display Driver Service Local Privilege Escalation
dows Manage Memory Payload Injection
ows Manage Persistent Payload Installer
t Windows Command Shell Upgrade (Powershell)
dows EPATHOBJ::pprFlattenRec Local Privilege Escalation
ndows Manage User Level Persistent Payload Installer

ndows Escalate Service Permissions Local Privilege Escalation
Windows Service Trusted Path Privilege Escalation
VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation
VirtualBox 3D Acceleration Virtual Machine Escape
sistent Payload in Windows Volume Shadow Copy
s Management Instrumentation (WMI) Remote Command Execution
ge IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
e IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow
s Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment)
Hummingbird Connectivity 10 SP5 LPD Buffer Overflow
PLPD 6.28 Buffer Overflow

nComLPD Buffer Overflow
ActFax 5.01 RAW Server Buffer Overflow
AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow
LLMediaServer 0.8 Buffer Overflow
antec Altiris DS SQL Injection
al Apple QuickTime 7.3 RTSP Response Header Buffer Overflow
Page 74
Sheet1
Asus Dpcproxy Buffer Overflow

l Avaya WinPMD UniteHostRouter Buffer Overflow
vid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
BakBone NetVault Remote Heap Overflow
Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
Ant Server 2.2 Buffer Overflow
gAnt Server 2.50 SP1 Buffer Overflow
nt BigAnt Server DUPF Command Arbitrary File Upload
BigAnt Server 2 SCH And DUPF Buffer Overflow
gAnt Server 2.52 USV Buffer Overflow
Bomberclone 0.11.6 Buffer Overflow
pup Communications Server Buffer Overflow
orland Interbase Create-Request Buffer Overflow
orland CaliberRM StarTeam Multicast Service Buffer Overflow
trix Provisioning Services 5.6 streamprocess.exe Buffer Overflow
al Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
normal Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow
l Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow
bleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow
IQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow
eIQNetworks ESA Topology DELETEDEVICE Overflow
Enterasys NetSight nssyslogd.exe Buffer Overflow
reka Email 2.2q ERR Remote Buffer Overflow
ebird Relational Database CNCT Group Number Buffer Overflow
Firebird Relational Database isc_attach_database() Buffer Overflow
Firebird Relational Database isc_create_database() Buffer Overflow
ebird Relational Database SVC_attach() Buffer Overflow
MP script-fu Server Buffer Overflow
HP Data Protector Cell Request Service Buffer Overflow
HP Data Protector DtbClsLogin Buffer Overflow
nt HP Data Protector Backup Client Service Remote Code Execution
HP Data Protector Create New Folder Buffer Overflow
HP Data Protector Backup Client Service Directory Traversal
Intelligent Management Center UAM Buffer Overflow
HP LoadRunner magentproc.exe Overflow
HP Diagnostics Server magentservice.exe Overflow
OmniInet.exe MSG_PROTOCOL Buffer Overflow
OmniInet.exe MSG_PROTOCOL Buffer Overflow
OmniInet.exe Opcode 27 Buffer Overflow
OmniInet.exe Opcode 20 Buffer Overflow
al HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow
al HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow
OpenView Operations OVTrace Buffer Overflow
Borland InterBase isc_attach_database() Buffer Overflow
Borland InterBase isc_create_database() Buffer Overflow
and InterBase SVC_attach() Buffer Overflow
al IBM Cognos tm1admsd.exe Overflow
IBM System Director Agent DLL Injection
BM Tivoli Storage Manager Express CAD Service Buffer Overflow
IBM Tivoli Storage Manager Express RCA Service Buffer Overflow
Apple iTunes 10 Extended M3U Stack Buffer Overflow
ANDesk Management Suite 8.7 Alert Service Buffer Overflow
ja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
Mercury/32 PH Server Module Buffer Overflow
Page 75
Sheet1
-Stream 3.0.1.1 Buffer Overflow

mIRC PRIVMSG Handling Stack Buffer Overflow
MS07-064 Microsoft DirectX DirectShow SAMI Buffer Overflow
MS10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution
at v1.10 NT Stack Buffer Overflow
ransport Download Manager 2.90.510 Buffer Overflow
son Ivy Server Buffer Overflow
OP Peeper v3.4 DATE Buffer Overflow
OP Peeper v3.4 UIDL Buffer Overflow
owerShell Payload Web Delivery
ek Media Player Playlist Buffer Overflow

AP Business One License Manager 2005 Buffer Overflow
SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow
xNOTE 6.net Font Field Overflow
good
SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
SPlayer 3.7 Content-Type Buffer Overflow
oCSoft StreamDown 6.8.0 Buffer Overflow
alkative IRC v0.4.4.16 Response Buffer Overflow
TinyIdentD 2.2 Stack Buffer Overflow
d
TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow
Alien Invasion IRC Client Buffer Overflow
ndows RSH Daemon Buffer Overflow
eshark console.lua Pre-Loading Script Execution
reat
Windows Media Services ConnectFunnel Stack Buffer Overflow
Timbuktu Pro Directory Traversal/File Upload
ent Lyris ListManager MSDE Weak sa Password
MS02-039 Microsoft SQL Server Resolution Overflow
S02-056 Microsoft SQL Server Hello Overflow
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption
ellent MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
crosoft SQL Server Database Link Crawling Command Execution
icrosoft SQL Server Payload Execution
Microsoft SQL Server Payload Execution via SQL Injection
cle MySQL for Microsoft Windows MOF Execution
racle MySQL for Microsoft Windows Payload Execution
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
NFS Server Buffer Overflow
S05-030 Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
FR Agent FSFUI Record File Upload RCE
Novell GroupWise Messenger Client Buffer Overflow
etIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution
ell NetMail NMAP STOR Buffer Overflow
Novell ZENworks 6.5 Desktop/Server Management Overflow
l Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow
l Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow
Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow
l Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow
ent Oracle Database Client System Analyzer Arbitrary File Upload
Job Scheduler Named Pipe Command Execution
racle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow
acle 8i TNS Listener (ARGUMENTS) Buffer Overflow
acle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow
Page 76
Sheet1
racle 8i TNS Listener SERVICE_NAME Buffer Overflow

ttle Lab Mail 5.5 POP3 Buffer Overflow
PostgreSQL for Microsoft Windows Payload Execution
CCProxy Telnet Proxy Ping Overflow
oxy-Pro Professional GateKeeper 4.7 GET Request Overflow
Qbik WinGate WWW Proxy Server URL Processing Overflow
ABB MicroSCADA wserver.exe Remote Code Execution
CitectSCADA/CitectFacilities ODBC Buffer Overflow
ellent SCADA 3S CoDeSys Gateway Server Directory Traversal
SCADA 3S CoDeSys CmpWebServer Stack Buffer Overflow
qFactory HMI NETB Request Overflow
Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow
Siemens FactoryLink vrn.exe Opcode 9 Buffer Overflow
t GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
onics GENESIS32 Integer Overflow Version 9.21.201.01
7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow
al 7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow
echnologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities
eractive Graphical SCADA System Remote Command Injection
nt InduSoft Web Studio Arbitrary Upload Remote Code Execution
OXA Device Manager Tool 2.1 Buffer Overflow
Procyon Core Server HMI Coreservice.exe Stack Buffer Overflow
C RealWin SCADA Server Buffer Overflow
DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow
ealWin SCADA Server DATAC Login Buffer Overflow
ATAC RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow
DATAC RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow
DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
Measuresoft ScadaPro Remote Command Execution
Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
co Sistemi Winlog Buffer Overflow
Sielco Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16
l Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow
al Yokogawa CS3000 BKESimmgr.exe Buffer Overflow
Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow
e Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow
Triton 1.0.4 CSeq Buffer Overflow
Pfoundry sipXezPhone 0.35a CSeq Field Overflow
oundry sipXphone 2.6.0.27 CSeq Buffer Overflow
MS03-049 Microsoft Workstation Service NetAddAlternateComputerName Overflow
4-007 Microsoft ASN.1 Library Bitstring Heap Overflow
S04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
S05-039 Microsoft Plug and Play Service Overflow
MS06-025 Microsoft RRAS Service RASMAN Registry Overflow
MS06-025 Microsoft RRAS Service Overflow
MS06-040 Microsoft Server Service NetpwPathCanonicalize Overflow
MS06-066 Microsoft Services nwapi32.dll Module Exploit
MS06-066 Microsoft Services nwwks.dll Module Exploit
MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow
nual MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)
S08-067 Microsoft Server Service Relative Path Stack Corruption
good
MS09-050 Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Page 77
Sheet1
MS10-061 Microsoft Print Spooler Service Impersonation Vulnerability

ovell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow
soft Windows Authenticated User Code Execution
crosoft Windows Authenticated Powershell Command Execution
8-068 Microsoft Windows SMB Relay Code Execution
t
Timbuktu PlughNTCommand Named Pipe Buffer Overflow
Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow
ood
MS03-046 Exchange 2000 XEXCH50 Heap Overflow
Star Communicator 3.00 MiniSMTP Buffer Overflow
tiaCom WMailserver 1.0 Buffer Overflow
YPOPS 0.6 Buffer Overflow
FreeFTPd 1.0.10 Key Exchange Algorithm String Buffer Overflow
Freesshd Authentication Bypass
FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow
cureCRT SSH1 Buffer Overflow

Sysax 5.53 SSH Username Buffer Overflow
S04-011 Microsoft Private Communications Transport Overflow
GAMSoft TelSrv 1.5 Username Buffer Overflow
oodTech Telnet Server Buffer Overflow
ied Telesyn TFTP Server 1.9 Long Filename Overflow
inct TFTP 3.10 Writable Directory Traversal Execution
ink TFTP 1.0 Long Filename Buffer Overflow
FutureSoft TFTP Server 2000 Transfer-Mode Overflow
etDecision 4.2 TFTP Writable Directory Traversal Execution
penTFTP SP 1.4 Error Packet Overflow
uick FTP Pro 2.1 Transfer-Mode Overflow
FTPD32 Long Filename Buffer Overflow
TPDWIN v0.4.2 Long Filename Buffer Overflow
TP Server for Windows 1.4 ST WRQ Buffer Overflow
CTftpSvc TFTP Long Mode Buffer Overflow
A CAM log_security() Stack Buffer Overflow (Win32)
VNC 3.3.7 Client Buffer Overflow
VNC 1.0.1 Client Buffer Overflow
traVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow
nVNC Web Server GET Overflow
feNet SoftRemote IKE Service Buffer Overflow
WinRM Script Exec Remote Code Execution
S04-045 Microsoft WINS Service Memory Overwrite
er, Dalvik Reverse HTTP Stager

er, Dalvik Reverse HTTPS Stager
er, Dalvik Reverse TCP Stager
ik Reverse HTTP Stager
Page 78
Sheet1
ik Reverse HTTPS Stager

k Reverse TCP Stager
er Service, Reverse TCP Inline

l, Bind TCP Stager (IPv6)
ell, Reverse TCP Stager (IPv6)
ll, Bind TCP Inline (IPv6)
ell, Reverse TCP Inline (IPv6)
, Reverse TCP Stager
ell, Bind TCP (via netcat -e)

Shell, Bind TCP (via netcat -e) IPv6
Bind TCP (via nodejs)
Bind TCP (via perl) IPv6
, Bind TCP (via Ruby) IPv6
with Established Connection

ouble Reverse TCP (telnet)
Reverse TCP (via AWK)
Reverse TCP (/dev/tcp)
hell, Reverse TCP SSL (telnet)
Reverse TCP (via Lua)
Reverse TCP (via netcat)
hell, Reverse TCP (via netcat -e)
, Reverse TCP (via nodejs)
l, Double Reverse TCP SSL (openssl)
Reverse TCP (via Perl)
, Reverse TCP SSL (via perl)
l, Reverse TCP SSL (via php)
, Reverse TCP (via Python)
ell, Reverse TCP SSL (via python)
Reverse TCP (via Ruby)
l, Reverse TCP SSL (via Ruby)
Shell, Double Reverse TCP SSL (telnet)
Reverse TCP (via Zsh)
Page 79
Sheet1
Shell, Bind TCP (via Lua)

Shell, Bind TCP (via Perl)
d Shell, Bind TCP (via perl) IPv6
Shell, Bind TCP (via Ruby)
table Download and Evaluate VBS
utable Download and Execute (via .vbs)
Generic Command Execution
Shell, Reverse TCP (via Lua)
, Double Reverse TCP Connection (via Perl)
and Shell, Reverse TCP (via Powershell)
d Shell, Reverse TCP (via Ruby)
CP (via Firefox XPCOM script)

rse TCP (via Firefox XPCOM script)
hell, Reverse TCP Inline
Shell, Reverse TCP Inline
ava Reverse HTTP Stager

ava Reverse HTTPS Stager
va Reverse TCP Stager
Shell, Bind TCP Stager

d Shell, Reverse TCP Stager
ell, Reverse TCP Inline
ell, Reverse TCP Stager
ll, Reverse TCP Stager
Page 80
Sheet1
Shell, Bind TCP Random Port Inline
Bind TCP Stager (IPv6)
r, Reverse TCP Stager (IPv6)

er, Reverse TCP Stager
ervice, Reverse TCP Inline
ll, Bind TCP Stager (IPv6)
ell, Reverse TCP Stager (IPv6)

hell, Reverse TCP Stager
ell, Bind TCP Inline (IPv6)
Shell, Bind TCP Random Port Inline
ll, Reverse TCP Inline - Metasm Demo

Shell, Reverse TCP Stager
verse TCP SSL (via nodejs)

cute Binary, Bind TCP Stager
ecute Binary, Reverse TCP Stager
ll, Reverse TCP Stager

Shell, Bind TCP Inline
d Shell, Reverse TCP Inline
mand Shell, Bind TCP Stager

mand Shell, Reverse TCP Stager
ch-O Bundle, Bind TCP Stager

ach-O Bundle, Reverse TCP Stager
Page 81
Sheet1
hoto Capture, Bind TCP Stager

Photo Capture, Reverse TCP Stager
nd Shell, Bind TCP Stager

and Shell, Reverse TCP Stager
nd Shell, Bind TCP Inline
and Shell, Reverse TCP Inline
ind TCP (via perl) IPv6
Bind TCP (via php) IPv6
HP Reverse TCP Stager
Reverse TCP Connection (via Perl)

everse TCP (via PHP)
Python Bind TCP Stager

, Python Reverse TCP Stager
verse TCP SSL (via python)
tion, Bind TCP Stager (IPv6)

ction, Bind TCP Stager (No NX or Win7)
tion, Bind TCP Stager (RC4 Stage Encryption)

n, Find Tag Ordinal Stager
ection, Reverse Hop HTTP Stager
ion, Reverse HTTP Stager
ection, Reverse TCP Stager (IPv6)
ection, Reverse TCP Stager (No NX or Win7)
ction, Reverse Ordinal TCP Stager (No NX or Win7)
ion, Reverse TCP Stager
ection, Reverse All-Port TCP Stager
ection, Reverse TCP Stager (DNS)
ction, Reverse TCP Stager (RC4 Stage Encryption)
njection, Reverse TCP Stager (RC4 Stage Encryption DNS)
Payload Download and Execution
Page 82
Sheet1
e Download (http,https,ftp) and Execute
reter (Reflective Injection), Bind TCP Stager (IPv6)

preter (Reflective Injection), Bind TCP Stager (No NX or Win7)
er (Reflective Injection), Bind TCP Stager
eter (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption)
er (Reflective Injection), Find Tag Ordinal Stager
preter (Reflective Injection), Reverse Hop HTTP Stager
eter (Reflective Injection), Reverse HTTP Stager
eter (Reflective Injection), Reverse HTTPS Stager
erpreter (Reflective Injection), Reverse HTTPS Stager with Support for Custom Proxy
preter (Reflective Injection), Reverse TCP Stager (IPv6)
rpreter (Reflective Injection), Reverse TCP Stager (No NX or Win7)
preter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
eter (Reflective Injection), Reverse TCP Stager
rpreter (Reflective Injection), Reverse All-Port TCP Stager
preter (Reflective Injection), Reverse TCP Stager (DNS)
preter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption)
erpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS)
ter Service, Reverse TCP Inline

DLL, Bind TCP Stager (IPv6)
DLL, Bind TCP Stager (No NX or Win7)
DLL, Bind TCP Stager (RC4 Stage Encryption)

L, Find Tag Ordinal Stager
t DLL, Reverse TCP Stager (IPv6)
ct DLL, Reverse TCP Stager (No NX or Win7)
DLL, Reverse Ordinal TCP Stager (No NX or Win7)
DLL, Reverse TCP Stager
ct DLL, Reverse All-Port TCP Stager
t DLL, Reverse TCP Stager (DNS)
DLL, Reverse TCP Stager (RC4 Stage Encryption)
ect DLL, Reverse TCP Stager (RC4 Stage Encryption DNS)
erpreter (skape/jt Injection), Bind TCP Stager (IPv6)
terpreter (skape/jt Injection), Bind TCP Stager (No NX or Win7)
preter (skape/jt Injection), Bind TCP Stager
erpreter (skape/jt Injection), Bind TCP Stager (RC4 Stage Encryption)
preter (skape/jt Injection), Find Tag Ordinal Stager
eterpreter (skape/jt Injection), Reverse TCP Stager (IPv6)
Meterpreter (skape/jt Injection), Reverse TCP Stager (No NX or Win7)
eterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7)
erpreter (skape/jt Injection), Reverse TCP Stager
Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager
eterpreter (skape/jt Injection), Reverse TCP Stager (DNS)
eterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption)
Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption DNS)
Shell, Bind TCP Stager (IPv6)
d Shell, Bind TCP Stager (No NX or Win7)
Shell, Bind TCP Stager (RC4 Stage Encryption)

hell, Find Tag Ordinal Stager
nd Shell, Reverse Hop HTTP Stager
Page 83
Sheet1
Shell, Reverse HTTP Stager

d Shell, Reverse TCP Stager (IPv6)
nd Shell, Reverse TCP Stager (No NX or Win7)
d Shell, Reverse Ordinal TCP Stager (No NX or Win7)
Shell, Reverse TCP Stager
nd Shell, Reverse All-Port TCP Stager
d Shell, Reverse TCP Stager (DNS)
d Shell, Reverse TCP Stager (RC4 Stage Encryption)
and Shell, Reverse TCP Stager (RC4 Stage Encryption DNS)
Windows ICF, Command Shell, Bind TCP Inline

nd Shell, Hidden Bind TCP Inline
Shell, Reverse TCP Inline
PI - Say "You Got Pwned!"
Execute, Bind TCP Stager (IPv6)
Execute, Bind TCP Stager (No NX or Win7)
ecute, Bind TCP Stager
Execute, Bind TCP Stager (RC4 Stage Encryption)
ecute, Find Tag Ordinal Stager
d/Execute, Reverse Hop HTTP Stager
xecute, Reverse HTTP Stager
/Execute, Reverse TCP Stager (IPv6)
d/Execute, Reverse TCP Stager (No NX or Win7)
/Execute, Reverse Ordinal TCP Stager (No NX or Win7)
xecute, Reverse TCP Stager
d/Execute, Reverse All-Port TCP Stager
/Execute, Reverse TCP Stager (DNS)
/Execute, Reverse TCP Stager (RC4 Stage Encryption)
ad/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS)
ctive Injection), Bind TCP Stager (IPv6)
ective Injection), Bind TCP Stager (No NX or Win7)
ve Injection), Bind TCP Stager
ctive Injection), Bind TCP Stager (RC4 Stage Encryption)
ve Injection), Find Tag Ordinal Stager
lective Injection), Reverse Hop HTTP Stager
ctive Injection), Reverse HTTP Stager
lective Injection), Reverse TCP Stager (IPv6)
flective Injection), Reverse TCP Stager (No NX or Win7)
ective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
ctive Injection), Reverse TCP Stager
flective Injection), Reverse All-Port TCP Stager
lective Injection), Reverse TCP Stager (DNS)
ective Injection), Reverse TCP Stager (RC4 Stage Encryption)
eflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS)
erpreter, Windows x64 Bind TCP Stager

Meterpreter, Windows x64 Reverse HTTPS Stager
eterpreter, Windows x64 Reverse TCP Stager
and Shell, Windows x64 Bind TCP Stager
mand Shell, Windows x64 Reverse HTTPS Stager
mand Shell, Windows x64 Reverse TCP Stager
mand Shell, Bind TCP Inline
mand Shell, Reverse TCP Inline
Server (Reflective Injection), Windows x64 Bind TCP Stager
Page 84
Sheet1
C Server (Reflective Injection), Windows x64 Reverse HTTPS Stager

C Server (Reflective Injection), Windows x64 Reverse TCP Stager
re Cross-Site Request Forgery Password Reset Vulnerability

TV Image Remote Control
V Video Remote Control
ckup Exec Windows Remote File Access
kup Exec Server Registry Access
ecast Factory Reset DoS
mecast YouTube Remote Control
Secure ACS Unauthorized Password Change
sco VPN Concentrator 3000 FTP Unauthorized Administrative Access
2 db2rcmd.exe Command Execution Vulnerability
eDirectory DHOST Predictable Session Cookie
rectory eMBox Unauthenticated File Access
al EMC AlphaStor Device Manager Arbitrary Command Execution
EMC AlphaStor Library Manager Arbitrary Command Execution
P Data Protector 6.1 EXEC_CMD Command Execution
HP Intelligent Management SOM Account Creation
n Arbitrary File Read and Delete
al Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection
Keeper Web Appliance mimencode File Access
D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution
nk DIR 645 Password Extractor
nk DSL 320B Password Extractor
al Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
P Web JetAdmin 6.5 Server Arbitrary Command Execution
065 Microsoft IIS 5 NTFS Stream Authentication Bypass
(Boa) HTTPd Basic Authentication Password Reset
ga StorCenter Pro NAS Web Authentication Bypass
X Console Beanshell Deployer WAR Upload and Deployment
s Seam 2 Remote Command Execution
llo (Red Hat Satellite) users/update_roles Missing Authorization
Linksys E1500/E2500 Remote Command Execution
al Linksys WRT120N tmUnblock Stack Buffer Overflow
sys WRT54GL Remote Command Execution
Mutiny 5 Arbitrary File Read and Delete
XXE Arbitrary File Read
le Reporter Agent Arbitrary File Delete
bravo ERP XXE Arbitrary File Read
by on Rails Devise Authentication Password Reset
r Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass
phos Web Protection Appliance patience.cgi Directory Traversal
dministration Tool Default Access
TF-8 Directory Traversal Vulnerability
cro Data Loss Prevention 5.5 Directory Traversal
PO3 sa-2009-001 Weak Encryption Key File Disclosure
o3 sa-2009-002 File Disclosure
a-2010-020 Remote File Disclosure
Page 85
Sheet1
O3 Winstaller Default Encryption Keys

ulletin Administrator Account Creation
WordPress custom-contact-forms Plugin SQL Upload
EL GS1510-16 Password Extractor
AP MaxDB cons.exe Remote Command Injection
SerComm Device Configuration Dump
rola WR850G v4.03 Credentials

rosoft Host Integration Server 2006 Command Execution Vulnerability
SQL Server Configuration Enumerator
soft SQL Server - Escalate Db_Owner
osoft SQL Server - SQLi Escalate Db_Owner
QL Server xp_cmdshell Command Execution
soft SQL Server - Find and Sample Data
L Server - Interesting Data Finder
SQL Server NTLM Stealer
oft SQL Server NTLM Stealer - SQLi
L Server Generic Query
QL Server Generic Query from File
ro OfficeScanNT Listener Traversal Arbitrary File Access

e SMB Relay Code Execution
Secure Backup exec_qr() Command Injection Vulnerability

Secure Backup Authentication Bypass/Command Injection Vulnerability
Secure Backup Authentication Bypass/Command Injection Vulnerability
Oracle Java execCommand (Win32)
Oracle URL Download
NS Listener SID Brute Forcer
NS Listener Command Issuer
op2d Remote File Retrieval Vulnerability
QL Server Generic Query
L Server Generic Query
SAP ConfigServlet OS Command Execution
Management Console OSExecute
mal Advantech WebAccess SQL Injection
GE Proficy Cimplicity WebView substitute.bcl Directory Traversal
chneider Modicon Remote START/STOP Command
l Schneider Modicon Quantum Password Recovery
chneider Modicon Ladder Logic Upload/Download
en-Bradley/Rockwell Automation EtherNet/IP CIP Commands
Yokogawa BKBCopyD.exe Client
rverProtect File Access
er Check File/Directory Utility
ft Windows Authenticated Administration Utility

TDS.dit And SYSTEM Hive Download Utility
a Symlink Directory Traversal
Page 86
Sheet1
aris KCMS + TTDB Arbitrary File Read
Power Off Virtual Machine

Power On Virtual Machine
are Terminate ESX Login Sessions

lVNC NULL Authentication Mode Bypass
pple Airport Extreme Password Extraction (WDBRPC)
k i2eye Video Conference AutoAnswer (WDBRPC)
Works WDB Agent Remote Memory Dump
WDB Agent Remote Reboot
ebmin edit_html.cgi file Parameter Traversal Arbitrary File Access
erver Java Bridge Design Flaw Remote Code Execution
r Password Cracker (Fast Mode)

inux Password Cracker
er MS SQL Password Cracker (Fast Mode)
er MySQL Password Cracker (Fast Mode)
er Oracle Password Cracker (Fast Mode)
per Postgres SQL Password Cracker
o IOS HTTP GET /%% Request Denial of Service

Zero Length ClientID Denial of Service Module
Remote NFS RPC Request Denial of Service
a Protector Manager RDS DOS
om SuperStack Switch Denial of Service
Apache Commons FileUpload and Apache Tomcat DoS
he mod_isapi Dangling Pointer
he Range Header DoS (Apache Killer)
Apache Tomcat Transfer-Encoding Information Disclosure and DoS
n Wireless Printer Denial Of Service
OpenManage POST Request Heap Overflow (win32)
emory Bomb Denial Of Service
ey HTTPD Header Parsing Denial of Service (DoS)

HTTP Pipelining Denial of Service
R Agent Heap Overflow Vulnerability
Rails Action View MIME Memory Exhaustion
n Rails JSON Processor Floating Point Heap Overflow DoS
WALL SSL-VPN Format String Vulnerability
EBrick::HTTP::DefaultFileHandler DoS
dpress XMLRPC DoS
IBM Lotus Sametime WebPlayer DoS

Remote Denial of Service
org ntpd Reserved Mode Denial of Service
02-063 PPTP Malformed Control Data Kernel Denial of Service
a_io_privilege_set Heap Overflow
Page 87
Sheet1
lsa_io_trans_names Heap Overflow

ad_nttrans_ea_list Integer Overflow
OAP EPS_DELETE_FILE File Deletion
off TwinCAT SCADA PLC 2.11.0.2004 DoS
ral Electric D20ME TFTP Server Buffer Overflow DoS
hnologies IGSS 9 IGSSdataServer.exe DoS
gawa CENTUM CS 3000 BKCLogSvr.exe Heap Buffer Overflow
mail SMTP Address prescan Memory Corruption
nSSL DTLS ChangeCipherSpec Remote DoS

SSL DTLS Fragment Buffer Overflow DoS
L TLS 1.1 and 1.2 AES-NI DoS
g Long Tag Off-By-Two DoS
S Malformed TCP Option
PnPd 1.4 Denial of Service (DoS) Exploit

pian Enterprise Business Suite 5.6 SP1 DoS
al Microsoft Windows EOT Font Table Directory Integer Overflow
Zilla FTP Server Admin Interface Denial of Service
illa FTP Server Malformed PORT Denial of Service
FTPd 0.999.8.11/0.999.14 Heap Corruption
osoft IIS FTP Server Encoded Response Overflow Trigger
osoft IIS FTP Server LIST Stack Exhaustion
FTP Server Malformed USER Denial of Service
FTP Server 6.26.630 SITE WHO DoS
FTP Server 5.0 LIST DoS
TP 2.3.0 NLST Denial of Service
Easy Personal FTP Server 5.6.0 NLST DoS
Easy Personal FTP Server 5.7.0 NLST DoS
a 0.86 Server Denial of Service
Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service
Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS

soft Windows NAT Helper Denial of Service
al MS12-020 Microsoft Remote Desktop Use-After-Free DoS
oft Plug and Play Service Registry Overflow
Microsoft SRV.SYS Mailslot Write Corruption
oft SRV.SYS Pipe Transaction No Null
oft SRV.SYS WriteAndX Invalid DataOffset
al Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Microsoft SRV2.SYS SMB2 Logoff Remote Kernel NULL Pointer Dereference
al Microsoft Windows 7 / Server 2008 R2 SMB Client Infinite Loop
Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow DoS
rosoft Windows Browser Pool DoS
crosoft RRAS InterfaceAdjustVLSPointers NULL Dereference
oft Vista SP0 SMB Negotiate Protocol DoS
MS06-019 Exchange MODPROP Heap Overflow
Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service
tTrap TFTP Server 2.2.5459.0 DoS
Winds TFTP Server 10.4.0.10 Denial of Service
ark CAPWAP Dissector DoS
ark chunked_encoding_dissector Function DOS
k CLDAP Dissector DOS
LDAP Dissector DOS
Page 88
Sheet1
Request URI Fuzzer (Incrementing Lengths)

Request URI Fuzzer (Fuzzer Strings)
egotiate SMB2 Dialect Corruption

ate Pipe Request Fuzzer
Create Pipe Request Corruption
egotiate Dialect Corruption
NTLMv1 Login Request Corruption
e Connect Request Fuzzer
Tree Connect Request Corruption
Exchange Init Corruption
ol Login Request Corruption Fuzzer

ocol Login Request Username Fuzzer
Vault Authenticated SQL Injection Arbitrary File Read
enVault Authenticated SQL Injection Arbitrary File Read
ntent Provider File Disclosure
Open Source Platform (AOSP) Browser UXSS
ve User Information Disclosure
pple Safari .webarchive File Format UXSS
kPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure
aFrame ICA Published Applications Scanner

aFrame ICA Published Applications Bruteforcer
Fusion 'password.properties' Hash Extraction
Company ID Information Search
tch Company Name Information Search
ectric D20 Password Recovery
Recursive Record Scraper
se Lookup Enumeration
n Service Record Enumeration
Wamp 'jqueryFileTree.php' Traversal Gather Credentials
OpenID External Entity Injection
rk Shutdown Module sort_values Credential Dumper
A v10.0 Unauthenticated XXE Arbitrary File Read
canner and Enumerator
Backend Cookie Disclosure

ash "Rosetta" JSONP GET/POST Response Disclosure
ns Manager Perfd Environment Scanner
ProCurve SNAC Domain Controller Credential Dumper
IBM Lotus Notes Sametime User Enumeration
M Lotus Notes Sametime Room Name Bruteforce
Lotus Sametime Version Enumeration
ertificate Impersonation
a weblinks-categories Unauthenticated SQL Injection Arbitrary File Read
BT Admin SQL Injection Arbitrary File Read
Page 89
Sheet1
MongoDB NoSQL Collection Enumeration Via Injection
P External Address Scanner

gine Domain Email Address Collector
C / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure
Password Collector via nodeid SQL Injection
crosoft Windows Deployment Services Unattend Gatherer
otal-Cache Wordpress-plugin 0.9.2.4 (or before) Username and Hash Extract
Web Server Directory Traversal
on and Firewall Testing
Windows Unattend Passwords
der Authorization Bypass
Protocol Info Enumerator

izer DUO Trojan Scanner
cation Brute Force Utility
t Mapper Service Discovery

RPC Service Discovery
Management Interface Discovery
C TCP Service Auditor
crosoft Windows Deployment Services Unattend Retrieval
ep Local Network Discovery
nk Local/Node Local Ping Discovery
IPv6 Local Neighbor Discovery Using Router Advertisement
earch Indices Enumeration Utility

AlphaStor Device Manager Service
AlphaStor Library Manager Service
FTP Access Detection
FTP XCRC Directory Traversal Information Disclosure
l A10 Networks AX Loadbalancer Directory Traversal

L External Entity Injection
pache ActiveMQ JSP Files Source Disclosure
e ActiveMQ Directory Traversal
Apache mod_cgi Bash Environment Variable RCE Scanner
"mod_userdir" User Enumeration
an Crowd XML Entity Expansion Remote File Access

xis2 v1.4.1 Local File Inclusion
Page 90
Sheet1
Barracuda Multiple Product "locale" Directory Traversal

Bitweaver overlay_type Directory Traversal
SQL Injection Scanner
y Brute Force Scanner
n Printer Wireless Configuration Disclosure
A ASDM Bruteforce Login Utility

sco Device HTTP Device Manager Access
sco IOS HTTP Unauthorized Administrative Access
nport Bruteforce Login Utility
o Network Access Manager Directory Traversal Vulnerability
VPN Bruteforce Login Utility
Sphere 2011.3 Local File Inclusion Vulnerability
e5 Member List Enumeration
9-020 IIS6 WebDAV Unicode Auth Bypass Directory Scanner

k DIR-300A / DIR-320 / DIR-615D HTTP Login Utility
DIR-615H HTTP Login Utility
k DIR-300B / DIR-600B / DIR-815 / DIR-645 HTTP Login Utility
DLink User-Agent Backdoor Scanner
Drupal Views Module Users Enumeration

MS400.NET Default Password Scanner
g Stored Domain URLs
Based SQL Injection Scanner
D Duo Login Bruteforce Utility
e Same Name Directory Scanner
Server Extensions Anonymous Login Scanner
ell Groupwise Agents HTTP Directory Traversal

HP Intelligent Management BIMS DownloadServlet Directory Traversal
P Intelligent Management FaultDownloadServlet Directory Traversal
Intelligent Management IctDownloadServlet Directory Traversal
ntelligent Management ReportImgServlt Directory Traversal
ntelligent Management SOM FileDownloadServlet Arbitrary Download
SiteScope SOAP Call getFileInternal Remote File Access
P SiteScope SOAP Call getSiteScopeConfiguration Configuration Access
P SiteScope SOAP Call loadFileContent Remote File Access
em Management Homepage Login Utility
ansport Security (HSTS) Detection
Path PUT/DELETE File Access

P Directory Traversal Utility
Page 91
Sheet1
HTTP Internal IP Disclosure

staPortal Application Bruteforce Login Utility
Servlet Information Gathering
Bruteforce Login Utility
E1500 Directory Traversal Vulnerability

eed Source Code Disclosure/Download
soft SQL Injection Table XSS Infection
Majordomo2 _list_file_get() Directory Traversal
mal ManageEngine DeviceExpert 5.6 ScheduleResultViewer FileName Traversal
ormal ManageEngine DeviceExpert User Credentials
ormal ManageEngine SecurityManager Plus 5.5 Directory Traversal
Wiki SVG XML Entity Expansion Remote File Access
HTTPD mod_negotiation Filename Bruter
e HTTPD mod_negotiation Scanner
MS09-020 IIS6 WebDAV Unicode Authentication Bypass
Digital MyBook Live Login Utility
Decision NOCVision Server Directory Traversal
ar SPH200D Directory Traversal Vulnerability
ource Code Disclosure/Download
NFR Agent FSFUI Record Arbitrary Remote File Access
NFR Agent SRS Record Arbitrary Remote File Access
enworks Mobile Device Managment Admin Credentials
ormation Enumeration via NTLM Authentication
nMind Message-OS Portal Login Brute Force Utility
ormal Oracle Demantra Database Credentials Leak

Oracle Demantra Arbitrary File Retrieval with Authentication Bypass
Manager Login Brute Force Utility
App (OWA) Brute Force Utility
D Login Bruteforce Force Utility
Previous Directory File Scanner
are AppDirector Bruteforce Login Utility
n Rails JSON Processor YAML Deserialization Scanner
n Rails Attributes Mass Assignment Scanner
n Rails XML Processor YAML Deserialization Scanner
Reverse Proxy Bypass Vulnerability Scanner

Reader Web Interface Login / Bruteforce Utility
4.2 CMS Directory Traversal Vulnerability

P BusinessObjects User Bruteforcer
SAP BusinessObjects Web User Bruteforcer
P BusinessObjects User Enumeration
AP BusinessObjects Version Detection
witched CDU Bruteforce Login Utility

ne Network Performance Management Application Brute Force Login Utility
Page 92
Sheet1
Simple Web Server 2.3-RC1 Directory Traversal

Supermicro Onboard IPMI Port 49152 Sensitive File Exposure
permicro Onboard IPMI CGI Vulnerability Scanner
Supermicro Onboard IPMI Static SSL Certificate Scanner
Supermicro Onboard IPMI url_redirect.cgi Authenticated Directory Traversal
Verb/Noun Brute Force Scanner
so Music Host Server 1.5 Directory Traversal
eb Interface Login Utility
quiz Matrix User Enumeration Scanner
SL/TLS Version Detection (POODLE scanner)

al ManageEngine Support Center Plus Directory Traversal
ybase Easerver 6.3 Directory Traversal

ymantec Messaging Gateway 9.5 Log File Download Vulnerability
P Administrative Password Disclosure
mcat User Enumeration
pplication Manager Login Utility
Wireless Lite N Access Point Directory Traversal Vulnerability
rb Authentication Bypass Scanner

al Host Brute Force Scanner
e Server Directory Traversal Vulnerability
mal VMWare Update Manager 4 Directory Traversal
KONGBAO CNS-1000 and 1100 UTM Directory Traversal
bDAV Internal IP Scanner
WebDAV Website Content Scanner

bPageTest Directory Traversal
ress Brute Force and User Enumeration Utility
dpress Pingback Locator
ess XML-RPC Username/Password Login Scanner
Web Server Directory Traversal

Novell ZENworks Asset Management 7.5 Remote File Access
Novell ZENworks Asset Management 7.5 Configuration Access
2.0 Cipher Zero Authentication Bypass Scanner

MI 2.0 RAKP Remote SHA1 Password Hash Retreival
omino Password Hash Collector

mino Brute Force Utility
Login Scanning Utility

DVR Manufacturers Configuration Disclosure
nterBase Services Manager Information
RMI Server Insecure Endpoint Code Execution Scanner
Page 93
Sheet1
Default Login Credential Scanner

n Ivy Command and Control Scanner
harp DVR Password Retriever
ewill RXS-3211 IP Camera Password Retriever

al SerComm Network Device Backdoor Detection
C Portmap Program Enumerator
ell ZENworks Configuration Management Preboot Service Remote File Access
orola Timbuktu Service Detection

RPC Interface Login Utility
Web Interface Login Utility
Password Hashdump
mal MySQL Authentication Bypass Password Dump

File/Directory Enumerator
Password Hashdump
erver Version Enumeration

MP External Port Scanner
s XMLRPC Interface Login Utility

s XMLRPC Interface Ping Utility
Information Discovery Prober

se API Interface Login Utility
Mode 7 PEER_LIST DoS Scanner

TP Mode 7 PEER_LIST_SUM DoS Scanner
P Mode 6 REQ_NONCE DRDoS Scanner

ode 7 GET_RESTRICT DRDoS Scanner
Mode 6 UNSETTRAP DRDoS Scanner
VAS gsad Web Interface Login Utility
VAS OMP Login Utility
prise Manager Control SID Discovery
Listener SID Bruteforce

TNS Listener SID Enumeration
ation Server Spy Servlet SID Enumeration
e TNS Listener Service Version Query
L DB SID Discovery via Brute Force

ywhere Login Scanner
ywhere TCP Service Discovery
ywhere UDP Service Discovery
Page 94
Sheet1
ostgreSQL Database Name Command Line Flag Injection

res Password Hashdump
vironment Variables Scanner
Ready Message Scanner

rsion Information Scanner
0 Microsoft Remote Desktop Checker
eway Detection: Receiver
eway Detection: Sender
thenticated List Command

SAP CTC Service Verb Tampering User Management
P Host Agent Information Disclosure
sap/public/info Service Sensitive Information Gathering
Management Console ABAP Syslog Disclosure

Management Console Brute Force
Management Console Extract Users
AP Management Console Get Access Points
Management Console getEnvironment
Management Console Get Logfile
P Management Console GetProcessList
SAP Management Console Get Process Parameters
AP Management Console Instance Properties
Management Console List Logfiles
Management Console getStartProfile
Management Console Version Detection
P /sap/bc/soap/rfc SOAP Service BAPI_USER_CREATE1 Function User Creation

OAP Service RFC_PING Login Brute Forcer
normal SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Injection
mal SAP /sap/bc/soap/rfc SOAP Service SXPG_COMMAND_EXEC Function Command Injection
AP SOAP RFC EPS_GET_DIRECTORY_LISTING Directories Information Disclosure
SAP SOAP RFC PFL_CHECK_OS_FILE_EXISTENCE File Existence Check
/bc/soap/rfc SOAP Service RFC_PING Function Service Discovery
sap/bc/soap/rfc SOAP Service RFC_READ_TABLE Function Dump Data
OAP RFC RZL_READ_DIR_LOCAL Directory Contents Listing
AP /sap/bc/soap/rfc SOAP Service SUSR_RFC_USER_INTERFACE Function User Creation
SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Execution
Page 95
Sheet1
SAP SOAP RFC SXPG_COMMAND_EXECUTE

sap/bc/soap/rfc SOAP Service RFC_SYSTEM_INFO Function Sensitive Information Gathering
P /sap/bc/soap/rfc SOAP Service TH_SAPREL Function Information Disclosure
Web GUI Login Brute Forcer
P Remote Reboot Initiator
DP Information Discovery
RealPort Serial Server Port Scanner
lPort Serial Server Version
usoft WebStudio NTWebServer Remote File Access
DirectLogic PLC Password Brute Force Utility
dbus Unit ID and Station ID Enumerator
Sistemi Winlog Remote File Access
me Enumerator (TCP)
ssion Pipe DCERPC Auditor

oft Windows Authenticated Logged In Users Enumeration
er Enumeration (SAM EnumUsers)

B Domain User Enumeration
User Enumeration (LookupSid)
Scanner Auxiliary Module

0A Cable Modem Wifi Enumeration
de Password Hash Enumeration
SNMP Configuration Grabber (TFTP)
S SNMP File Upload (TFTP)
347 Cable Modem Wifi Enumeration
Motorola SBG6580 Cable Modem SNMP Enumeration Module
aserJet Printer SNMP Enumeration

Windows SMB Share Enumeration
Windows Username Enumeration
DW3611b Cable Modem Wifi Enumeration

rox WorkCentre User Enumeration (SNMP)
Cerberus FTP Server SFTP Username Enumeration
blic Key Acceptance Scanner
SL Server-Side ChangeCipherSpec Injection Scanner

nSSL Heartbeat (Heartbleed) Information Leak
Page 96
Sheet1
nix Telnet Password Recovery

x Telnet Service Banner Detection
ervice Encyption Key ID Overflow Detection
om Telnet Password Generator
Switch WhatsUp Gold TFTP Directory Traversal

ision 4.2 TFTP Directory Traversal
:all M-SEARCH Amplification Scanner

DP M-SEARCH Information Discovery
ESX/ESXi Fingerprint Scanner
Authentication Daemon Login Scanner
e Authentication Daemon Version Scanner
MWare Enumerate Permissions
MWare Enumerate Active Sessions
Ware Enumerate User Accounts
Ware Enumerate Virtual Machines
are Enumerate Host Details
re Web Login Scanner
MWare Screenshot Stealer
entication None Detection
s WDB Agent Boot Parameter Scanner

s WDB Agent Version Scanner
M Authentication Method Detection
Capture: DRDA (DB2, Informix, Derby)
Basic Authentication Credential Collector

e: HTTP JavaScript Keylogger
MS Credential Catcher
n Capture: PostgreSQL
Client Bash Environment Variable Code Injection
Page 97
Sheet1
OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
rm Webkit File Dropper
BailiWicked Domain Attack

ailiWicked Host Attack
Lookup Result Comparison
e DB SQL Injection via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE

e DB SQL Injection via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
e DB SQL Injection via SYS.DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE
e DB SQL Injection via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET
mal Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
cle DB SQL Injection via DBMS_EXPORT_EXTENSION
Oracle DB SQL Injection via SYS.DBMS_METADATA.GET_GRANTED_XML
acle DB SQL Injection via SYS.DBMS_METADATA.GET_XML
acle DB SQL Injection via SYS.DBMS_METADATA.OPEN
DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger
e DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution
e DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution
cle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE
DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method
e DB SQL Injection via SYS.LT.MERGEWORKSPACE
le DB SQL Injection via SYS.LT.REMOVEWORKSPACE
e DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE
Mariposa DNS Query Module

NS Beaconing Emulation
us DNS Query Module
okies from Privileged Javascript Shell

ory from Privileged Javascript Shell
asswords from Privileged Javascript Shell
Page 98
Sheet1
am Chat on Privileged Javascript Shell
Wireless-Security Credentials
m and User Information
Gnome-Commander Creds
assword Hashes for Linux Systems
mount.cifs/mount.smbfs Credentials
P VPN chap-secrets Credentials
e Metasploit pcap_log Local Privilege Escalation

pple iOS MobileSync Backup File Collection
lizer Connections Settings

rward Lookup Bruteforce
Reverse Lookup Scan
ervice Record Lookup Scan
rating System Environment Settings
FTP Client Credential Collection
gnon Credential Collection
hell Command Resource File
tant Messenger Credential Collection
User Data Enumeration

PKI Credentials Collection
Thunderbird Signon Credential Collection
Enumeration and Geolocation
System Session Close
g System Session Command Execution
bVisualizer Add Db Admin
odule Macro Execution
st Sudo Upgrade Shell

em Remote TCP Shell Session
Page 99
Sheet1
ogin Password as Root
hicken of the VNC Profile
X System Information Enumeration

X Password Hash Collector
Environment Detection
Password Hashes for Solaris Systems
e Winlogon Lockout Credential Keylogger
Get System via Administrator

s Escalate NtUserLoadKeyboardLayoutEx Privilege Escalation
ate Microsoft .NET Runtime Optimization Service Privilege Escalation
e Locked Desktop Unlocker
redential Cache Dump

tual Environment Detection
r BulletProof FTP Client Saved Password Extraction
CoreFTP Saved Password Extraction
her Credential Collector
DynDNS Client Password Extractor
ther Credential Store Enumeration and Decryption Module
Gather Google Picasa Password Extractor
McAfee ePO 4.6 Config SQL Credentials
FileZilla FTP Server Credential Collection
FlashFXP Saved Password Extraction
FTP Navigator Saved Password Extraction
P Explorer (FTPX) Credential Extraction
roup Policy Preference Saved Passwords
ternet Download Manager (IDM) Password Extractor
Switch iMail User Data Enumeration
Credentials IMVU Game Client
Meebo Password Extractor
mRemote Saved Password Extraction
Nimbuzz Instant Messenger Password Extractor
Microsoft Outlook Saved Password Extraction
her Razer Synapse Password Extraction
RazorSQL Credentials
ather Remote Desktop Connection Manager Saved Password Extraction
Skype Saved Password Hash Extraction
r SmarterMail Password Extraction
SmartFTP Saved Password Extraction
Page 100
Sheet1
Spark IM Password Extraction

gn On Credential Collector (Mimikatz)
Steam Client Session Collector.
TortoiseSVN Saved Password Extraction
ther Total Commander Saved Password Extraction
llian Password Extractor
NC Password Extraction
ther AutoLogin User Credential Extractor
WinSCP Saved Password Extraction
WS_FTP Saved Password Extraction
mp Recent Files lnk Info

er Active Directory Computers
s Gather Active Directory Service Principal Names
ather Active Directory User Comments
Installed Application Enumeration
ile and Registry Artifacts Enumeration
Google Chrome User Data Enumeration
r Enumerate Computers
tabase Instance Enumeration
Hardware Enumeration
Directory Permissions Enumeration
ather Enumerate Domain Group

her Enumerate Domain Tokens
er Enumerate Active Domain Users
Windows Host File Enumeration

ernet Explorer User Data Enumeration
her Logged On User Enumeration (Registry)
Enum User MUICache
her Powershell Environment Setting Enumeration

Prefetch File Information
Service Info Enumeration

SMB Share Enumeration via Registry
SNMP Settings Enumeration (Registry)
Terminal Server Client Connection Information Dumper
Enumerate Domain Admin Tokens (Token Hunter)
Apache Tomcat Enumeration
Unattended Answer File Enumeration
er Skype, Firefox, and Chrome Artifacts
er Forensics Duqu Registry Check
er Physical Drives and Logical Volumes
r Deleted Files Enumeration and Recovering

ocal User Account Password Hashes (Registry)
ather Local Admin Search
Process Memory Grep
Page 101
Sheet1
cal User Account SID Lookup

P Range Reverse Lookup
r Local and Domain Controller Account Password Hashes
r Run Specified WMIC Command

Microsoft Office Word UNC Path Injector
age Add User to the Domain and/or to a Domain Group
Network Route via Meterpreter Session
age Change Password
age Proxy Setting Cloner
Local User Account Deletion
ge Download and/or Execute
Enable Remote Desktop

anage Trojanize Support Account
Certificate Authority Injection
anage Local Microsoft SQL Server Authorization Bypass

age Inject in Memory Multiple Payloads
Local NBD Server for Remote Disks
e Memory Payload Injection Module
Set Port Forwarding With PortProxy
Manage PowerShell Download and/or Execute
Remote Point-to-Point Tunneling Protocol
e Reflective DLL Injection Module

e Certificate Authority Removal
e Host File Entry Removal
Remote Packet Capture Service Starter
un Command As User
e Smart Process Migration
ge Set Shadow Copy Storage Space

Get Shadow Copy Storage Info
econ Computer Browser Discovery
er Wireless Current Connection Info

ect Wireless Connection
Page 102
Sheet1
Page 103
Sheet1
Page 104
Sheet1
Page 105
Sheet1
Page 106
Sheet1
Page 107
Sheet1
Page 108
Sheet1
Page 109
Sheet1
Page 110
Sheet1
Page 111
Sheet1
Page 112
Sheet1
ndFilter Buffer Overflow
Page 113
Sheet1
Page 114
Sheet1
ploadFile() Method Overflow
Page 115
Sheet1 (2)
root@kali:/home/wladimir# msfconsole
[*] Starting the Metasploit Framework console...
|
########
#################
######################
#########################
############################
##############################
###############################
###############################
##############################
# ######## #
##
###
#### ##
### ###
#### ###
####
########## ####
####################### ####
#################### ####
################## ####
############
##
########
###
#########
#####
############
######
########
#########
#####
########
###
#########
###### ############
#######################
# # ### # # ##
########################
## ## ## ##
http://metasploit.pr
[*] The ini
tial module cache
#
#
#
#
Tired of typing 'set RHOSTS'? Click & pwn with M

Learn more on http://rapid7.com/metasploit
etasploit P
ro
=[ metasploit v4.10.0-2014102901 [core:4.

+ -- --=[ 1361 exploits - 749 auxiliary - 219 po
+ -- --=[ 340 payloads - 37 encoders - 8 nops
+ -- --=[ Free Metasploit Pro trial: http://r-7.
10.0.pre.20
st
]
]
co/trymsp ]
14102901 api:1.0.
Rank
---good
manual
low
normal
excellent
Description
----------Echo Command Encoder
Generic Shell VariableSubstitution Com
Generic ${IFS}Substitution Command
Perl Command Encoder
Powershell Base64 Command Encode
msf > show

Encoders
#N/A
Name
Disclosure Date
-----------------cmd/echo
cmd/generic_sh
cmd/ifs
cmd/perl
cmd/powershell_base64
Page 1
Sheet1 (2)
cmd/printf_php_mq
generic/eicar
generic/none
mipsbe/byte_xori
mipsbe/longxor
mipsle/byte_xori
mipsle/longxor
php/base64
ppc/longxor
ppc/longxor_tag
sparc/longxor_tag
x64/xor
x86/add_sub
x86/alpha_mixed
x86/alpha_upper
x86/avoid_underscore_tolower
x86/avoid_utf8_tolower
x86/bloxor
x86/call4_dword_xor
x86/context_cpuid
x86/context_stat
x86/context_time
x86/countdown
x86/fnstenv_mov
x86/jmp_call_additive
x86/nonalpha
x86/nonupper
x86/opt_sub
x86/shikata_ga_nai
x86/single_static_bit
x86/unicode_mixed
x86/unicode_upper
manual
manual
normal
normal
normal
normal
normal
great
normal
normal
normal
normal
manual
low
low
manual
manual
manual
normal
manual
manual
manual
normal
normal
normal
low
low
manual
excellent
manual
manual
manual
printf(1) via PHP magic_quotes Utility

The EICAR Encoder
The "none" Encoder
Byte XORi Encoder
XOR Encoder
Byte XORi Encoder
XOR Encoder
PHP Base64 Encoder
PPC LongXOR Encoder
PPC LongXOR Encoder
SPARC DWORD XOREncoder
XOR Encoder
Add/Sub Encoder
Alpha2 Alphanumeric Mixedcase Enco
Alpha2 Alphanumeric Uppercase Enco
Avoid underscore/tolower
Avoid UTF8/tolower
BloXor - A MetamorphicBlock Based X
Call+4 Dword XOR Encoder
CPUID-based Context Keyed Payload
stat(2)-based ContextKeyed Payload E
time(2)-based ContextKeyed Payload
Single-byte XORCountdown Encoder
Variable-lengthFnstenv/mov DwordXO
Jump/Call XOR AdditiveFeedback Enc
Non-Alpha Encoder
Non-Upper Encoder
Sub Encoder (optimised)
Polymorphic XORAdditive FeedbackE
Single Static Bit
Alpha2 Alphanumeric Unicode Mixedc
Alpha2 Alphanumeric Unicode Upperc
NOP Generators
#N/A
Name
Disclosure Date Rank Des
------------------ ---- --armle/simple
normal Sim
php/generic
normal PHP
ppc/simple
normal Sim
sparc/random
normal SPA
tty/generic
normal TTY
x64/simple
normal Sim
x86/opty2
normal Opt
x86/single_byte
normal Sin
cription
-------ple
Nop Generator
ple
RC NOP Generator
Nop Generator
ple
y2
gle Byte
Exploits
#N/A
Name
---windows/browser/symantec_altirisdeployment_downloadandinstall
Page 2
Disclosure
2009/09/09
Date
---------excellent
Sheet1 (2)
windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter
multi/browser/java_jre17_glassfish_averagerangestatisticimpl
windows/browser/symantec_consoleutilities_browseandsavefile
windows/misc/citrix_streamprocess_get_boot_record_request
multi/http/drupal_drupageddon
linux/http/centreon_sqli_exec
windows/fileformat/ms14_060_sandworm
windows/http/trackit_file_upload
multi/misc/hp_data_protector_exec_integutil
unix/webapp/joomla_akeeba_unserialize
multi/http/opmanager_socialit_file_upload
unix/webapp/php_wordpress_infusionsoft
unix/dhcp/bash_environment
osx/local/vmware_bash_function_root
multi/http/apache_mod_cgi_bash_env_exec
multi/ftp/pureftpd_bash_env_exec
windows/http/rejetto_hfs_exec
multi/http/phpwiki_ploticus_exec
linux/misc/hp_nnmi_pmd_bof
windows/http/desktopcentral_statusupdate_upload
multi/http/eventlog_file_upload
linux/http/railo_cfml_rfi
multi/gdb/gdb_server_exec
multi/http/solarwinds_store_manager_auth_filter
unix/webapp/hybridauth_install_php_exec
windows/local/mqac_write
windows/local/bthpan
windows/browser/advantech_webaccess_dvs_getcolor
windows/local/virtual_box_guest_additions
unix/webapp/wp_wptouch_file_upload
unix/webapp/wp_wysija_newsletters_upload
linux/http/gitlist_exec
unix/http/vmturbo_vmtadmin_exec_noauth
windows/ftp/wing_ftp_admin_exec
multi/http/manage_engine_dc_pmp_sqli
windows/http/ericom_access_now_bof
windows/scada/yokogawa_bkfsim_vhfd
linux/http/dlink_dspw215_info_cgi_bof
windows/http/efs_fmws_userid_bof
linux/http/dlink_hnap_bof
windows/antivirus/symantec_workspace_streaming_exec
linux/ids/alienvault_centerd_soap_exec
windows/http/cogent_datahub_command
windows/browser/adobe_flash_pixel_bender_bof
linux/http/alienvault_sqli_exec
windows/http/oracle_event_processing_upload
android/fileformat/adobe_reader_pdf_js_interface
osx/local/nfs_mount_root
linux/http/sophos_wpa_iface_exec
linux/antivirus/escan_password_exec
windows/fileformat/ms14_017_rtf
unix/webapp/freepbx_config_exec
linux/http/lifesize_uvc_ping_rce
windows/fileformat/wireshark_mpeg_overflow
Page 3
2007-06-06
2012-10-16
2009-11-02
2011-11-04
10/15/2014
10/15/2014
10/14/2014
10/14/2014
10/7/2014
10/2/2014
9/29/2014
9/27/2014
9/25/2014
9/24/2014
9/24/2014
9/24/2014
9/24/2014
9/11/2014
9/11/2014
9/9/2014
8/31/2014
8/31/2014
8/26/2014
8/24/2014
8/19/2014
8/4/2014
7/22/2014
7/18/2014
7/17/2014
7/15/2014
7/14/2014
7/1/2014
6/30/2014
6/25/2014
6/19/2014
6/8/2014
6/2/2014
5/23/2014
5/22/2014
5/20/2014
5/15/2014
5/12/2014
5/5/2014
4/29/2014
4/28/2014
4/24/2014
4/21/2014
4/13/2014
4/11/2014
4/8/2014
4/4/2014
4/1/2014
3/21/2014
3/21/2014
3/20/2014
average
excellent
normal
normal
excellent
excellent
normal
excellent
excellent
great
excellent
excellent
excellent
excellent
normal
good
excellent
excellent
excellent
normal
excellent
excellent
excellent
great
excellent
manual
average
average
normal
average
excellent
excellent
excellent
excellent
normal
excellent
normal
normal
normal
normal
normal
excellent
excellent
manual
normal
excellent
excellent
good
normal
excellent
excellent
normal
excellent
excellent
good
Sheet1 (2)
unix/webapp/seportal_sqli_exec
multi/browser/firefox_webidl_injection
linux/ssh/quantum_vmpro_backdoor
linux/ssh/quantum_dxi_known_privkey
linux/ssh/loadbalancerorg_enterprise_known_privkey
windows/local/virtual_box_opengl_escape
windows/browser/ms14_012_textrange
windows/scada/yokogawa_bkhodeq_bof
windows/scada/yokogawa_bkesimmgr_bof
windows/scada/yokogawa_bkbcopyd_bof
osx/browser/safari_user_assisted_download_launch
firefox/local/exec_shellcode
multi/http/struts_code_exec_classloader
multi/http/vtiger_install_rce
windows/http/jira_collector_traversal
windows/antivirus/symantec_endpoint_manager_rcece
windows/misc/solidworks_workgroup_pdmwservice_file_write
windows/browser/ms14_012_cmarkup_uaf
linux/http/linksys_themoon_exec
windows/local/ms14_009_ie_dfsvc
linux/http/fritzbox_echo_exec
multi/http/dexter_casinoloader_exec
windows/browser/adobe_flash_avm2
unix/ssh/array_vxag_vapv_privkey_privesc
linux/http/pandora_fms_exec
unix/webapp/skybluecanvas_exec
multi/http/mediawiki_thumb
linux/http/kloxo_sqli
windows/scada/ge_proficy_cimplicity_gefebt
unix/webapp/simple_e_document_upload_exec
multi/http/oracle_reports_rce
windows/browser/wellintech_kingscada_kxclientdownload
windows/http/hp_autopass_license_traversal
unix/webapp/get_simple_cms_upload_exec
windows/misc/hp_dataprotector_traversal
windows/misc/hp_dataprotector_exec_bar
windows/wins/ms04_045_wins
windows/winrm/winrm_script_exec
windows/vpn/safenet_ike_11
windows/vnc/winvnc_http_get
windows/vnc/ultravnc_viewer_bof
windows/vnc/ultravnc_client
windows/vnc/realvnc_client
windows/unicenter/cam_log_security
windows/tftp/threectftpsvc_long_mode
windows/tftp/tftpserver_wrq_bof
windows/tftp/tftpdwin_long_filename
windows/tftp/tftpd32_long_filename
windows/tftp/quick_tftp_pro_mode
windows/tftp/opentftp_error_code
windows/tftp/netdecision_tftp_traversal
windows/tftp/futuresoft_transfermode
windows/tftp/dlink_long_filename
windows/tftp/distinct_tftp_traversal
windows/tftp/attftp_long_filename
Page 4
3/20/2014
3/17/2014
3/17/2014
3/17/2014
3/17/2014
3/11/2014
3/11/2014
3/10/2014
3/10/2014
3/10/2014
3/10/2014
3/10/2014
3/6/2014
3/5/2014
2/26/2014
2/24/2014
2/22/2014
2/13/2014
2/13/2014
2/11/2014
2/11/2014
2/8/2014
2/5/2014
2/3/2014
1/29/2014
1/28/2014
1/28/2014
1/28/2014
1/23/2014
1/23/2014
1/15/2014
1/14/2014
1/10/2014
1/4/2014
1/2/2014
1/2/2014
12/14/2004
11/1/2012
6/1/2009
1/29/2001
2/6/2008
4/4/2006
1/29/2001
8/22/2005
11/27/2006
3/26/2008
9/21/2006
11/19/2002
3/27/2008
7/5/2008
5/16/2009
5/31/2005
3/12/2007
4/8/2012
11/27/2006
excellent
excellent
excellent
excellent
excellent
average
normal
average
normal
normal
manual
normal
manual
manual
normal
excellent
good
normal
excellent
great
excellent
excellent
normal
excellent
excellent
excellent
excellent
manual
excellent
excellent
great
good
great
excellent
great
excellent
great
manual
average
average
normal
normal
normal
great
great
normal
great
average
good
average
excellent
average
good
excellent
average
Sheet1 (2)
windows/telnet/goodtech_telnet
windows/telnet/gamsoft_telsrv_username
windows/ssl/ms04_011_pct
windows/ssh/sysax_ssh_username
windows/ssh/securecrt_ssh1
windows/ssh/putty_msg_debug
windows/ssh/freesshd_key_exchange
windows/ssh/freesshd_authbypass
windows/ssh/freeftpd_key_exchange
windows/smtp/ypops_overflow1
windows/smtp/wmailserver
windows/smtp/njstar_smtp_bof
windows/smtp/ms03_046_exchange2000_xexch50
windows/smtp/mercury_cram_md5
windows/smtp/mailcarrier_smtp_ehlo
windows/smb/timbuktu_plughntcommand_bof
windows/smb/smb_relay
windows/smb/psexec_psh
windows/smb/psexec
windows/smb/netidentity_xtierrpcpipe
windows/smb/ms10_061_spoolss
windows/smb/ms09_050_smb2_negotiate_func_index
windows/smb/ms07_029_msdns_zonename
windows/smb/ms06_070_wkssvc
windows/smb/ms06_066_nwwks
windows/smb/ms06_066_nwapi
windows/smb/ms06_025_rras
windows/smb/ms06_025_rasmans_reg
windows/smb/ms05_039_pnp
windows/smb/ms04_031_netdde
windows/smb/ms04_011_lsass
windows/smb/ms04_007_killbill
windows/sip/sipxphone_cseq
windows/sip/sipxezphone_cseq
windows/sip/aim_triton_cseq
windows/scada/winlog_runtime_2
windows/scada/winlog_runtime
windows/scada/sunway_force_control_netdbsrv
windows/scada/scadapro_cmdexe
windows/scada/realwin_scpc_txtevent
windows/scada/realwin_scpc_initialize_rf
windows/scada/realwin_scpc_initialize
windows/scada/realwin_on_fcs_login
windows/scada/realwin_on_fc_binfile_a
windows/scada/realwin
windows/scada/procyon_core_server
windows/scada/moxa_mdmtool
windows/scada/indusoft_webstudio_exec
windows/scada/igss9_misc
windows/scada/igss9_igssdataserver_rename
windows/scada/igss9_igssdataserver_listall
windows/scada/igss_exec_17
Page 5
3/15/2005
7/17/2000
4/13/2004
2/27/2012
7/23/2002
12/16/2002
5/12/2006
8/11/2010
5/12/2006
9/27/2004
7/11/2005
10/31/2011
10/15/2003
8/18/2007
10/26/2004
6/25/2009
3/31/2001
1/1/1999
1/1/1999
4/6/2009
9/14/2010
9/7/2009
10/28/2008
4/12/2007
11/14/2006
11/14/2006
11/14/2006
8/8/2006
6/13/2006
6/13/2006
8/9/2005
10/12/2004
4/13/2004
2/10/2004
11/11/2003
7/10/2006
7/10/2006
7/10/2006
6/4/2012
1/13/2011
9/22/2011
9/16/2011
11/18/2010
10/15/2010
10/15/2010
3/21/2011
3/21/2011
9/26/2008
9/8/2011
10/20/2010
11/4/2011
3/24/2011
3/24/2011
3/24/2011
3/21/2011
average
average
average
normal
average
normal
average
excellent
average
average
average
normal
good
great
good
great
excellent
manual
manual
great
excellent
good
great
manual
manual
good
good
good
average
good
good
good
good
low
good
great
great
great
normal
great
great
excellent
great
great
great
great
great
great
normal
great
excellent
excellent
normal
good
excellent
Sheet1 (2)
windows/scada/iconics_webhmi_setactivexguid
windows/scada/iconics_genbroker
windows/scada/factorylink_vrn_09
windows/scada/factorylink_csservice
windows/scada/daq_factory_bof
windows/scada/codesys_web_server
windows/scada/codesys_gateway_server_traversal
windows/scada/citect_scada_odbc
windows/scada/abb_wserver_exec
windows/proxy/qbik_wingate_wwwproxy
windows/proxy/proxypro_http_get
windows/proxy/ccproxy_telnet_ping
windows/proxy/bluecoat_winproxy_host
windows/postgres/postgres_payload
windows/pop3/seattlelab_pass
windows/oracle/tns_service_name
windows/oracle/tns_auth_sesskey
windows/oracle/tns_arguments
windows/oracle/osb_ndmp_auth
windows/oracle/extjob
windows/oracle/client_system_analyzer_upload
windows/novell/zenworks_desktop_agent
windows/novell/nmap_stor
windows/novell/netiq_pum_eval
windows/novell/groupwisemessenger_client
windows/novell/file_reporter_fsfui_upload
windows/nntp/ms05_030_nntp
windows/nfs/xlink_nfsd
windows/mysql/scrutinizer_upload_exec
windows/mysql/mysql_yassl_hello
windows/mysql/mysql_payload
windows/mysql/mysql_mof
windows/mssql/mssql_payload_sqli
windows/mssql/mssql_payload
windows/mssql/mssql_linkcrawler
windows/mssql/ms09_004_sp_replwritetovarbin_sqli
windows/mssql/ms09_004_sp_replwritetovarbin
windows/mssql/ms02_056_hello
windows/mssql/ms02_039_slammer
windows/mssql/lyris_listmanager_weak_pass
windows/motorola/timbuktu_fileupload
windows/mmsp/ms10_025_wmss_connect_funnel
windows/misc/wireshark_packet_dect
windows/misc/wireshark_lua
windows/misc/windows_rsh
windows/misc/ufo_ai
windows/misc/trendmicro_cmdprocessor_addtask
windows/misc/tiny_identd_overflow
windows/misc/talkative_response
windows/misc/stream_down_bof
windows/misc/splayer_content_type
Page 6
5/5/2011
3/21/2011
3/21/2011
3/25/2011
9/13/2011
12/2/2011
2/2/2013
6/11/2008
4/5/2013
6/7/2006
2/23/2004
11/11/2004
1/5/2005
4/10/2009
5/7/2003
5/27/2002
10/20/2009
6/28/2001
1/14/2009
1/1/2007
1/18/2011
2/22/2012
3/30/2010
2/22/2012
3/30/2010
5/19/2005
12/23/2006
11/15/2012
7/2/2008
11/16/2012
6/14/2005
11/6/2006
7/27/2012
1/4/2008
1/16/2009
12/1/2012
5/30/2000
5/30/2000
1/1/2000
12/9/2008
12/9/2008
8/5/2002
7/24/2002
12/8/2005
5/10/2008
4/13/2010
4/18/2011
7/18/2011
7/24/2007
10/28/2009
12/7/2011
5/14/2007
3/17/2009
12/27/2011
5/4/2011
good
good
average
normal
good
normal
excellent
normal
excellent
good
great
average
great
excellent
great
good
great
good
good
excellent
excellent
normal
normal
normal
normal
good
average
excellent
normal
great
normal
average
excellent
average
excellent
excellent
excellent
excellent
great
excellent
good
good
good
excellent
excellent
great
good
excellent
average
average
good
average
normal
good
normal
Sheet1 (2)
windows/misc/shixxnote_font
windows/misc/sap_netweaver_dispatcher
windows/misc/sap_2005_license
windows/misc/realtek_playlist
windows/misc/pxexploit
windows/misc/psh_web_delivery
windows/misc/poppeeper_uidl
windows/misc/poppeeper_date
windows/misc/poisonivy_bof
windows/misc/nettransport
windows/misc/netcat110_nt
windows/misc/ms10_104_sharepoint
windows/misc/ms07_064_sami
windows/misc/mirc_privmsg_server
windows/misc/mini_stream
windows/misc/mercury_phonebook
windows/misc/lianja_db_net
windows/misc/landesk_aolnsrvr
windows/misc/itunes_extm3u_bof
windows/misc/ibm_tsm_rca_dicugetidentify
windows/misc/ibm_tsm_cad_ping
windows/misc/ibm_director_cim_dllinject
windows/misc/ibm_cognos_tm1admsd_bof
windows/misc/ib_svc_attach
windows/misc/ib_isc_create_database
windows/misc/ib_isc_attach_database
windows/misc/hp_ovtrace
windows/misc/hp_operations_agent_coda_8c
windows/misc/hp_operations_agent_coda_34
windows/misc/hp_magentservice
windows/misc/hp_loadrunner_magentproc
windows/misc/hp_imc_uam
windows/misc/hp_dataprotector_new_folder
windows/misc/hp_dataprotector_dtbclslogin
windows/misc/hp_dataprotector_crs
windows/misc/gimp_script_fu
windows/misc/fb_svc_attach
windows/misc/fb_isc_create_database
windows/misc/fb_isc_attach_database
windows/misc/fb_cnct_group
windows/misc/eureka_mail_err
windows/misc/enterasys_netsight_syslog_bof
windows/misc/eiqnetworks_esa_topology
windows/misc/eiqnetworks_esa
windows/misc/doubletake
windows/misc/citrix_streamprocess_get_objects
windows/misc/citrix_streamprocess_get_footer
windows/misc/citrix_streamprocess_data_msg
windows/misc/citrix_streamprocess
windows/misc/borland_starteam
windows/misc/borland_interbase
10/4/2004
5/8/2012
8/1/2009
12/16/2008
8/5/2011
7/19/2013
2/27/2009
2/27/2009
6/24/2012
1/2/2010
12/27/2004
12/14/2010
12/11/2007
10/2/2008
12/25/2009
12/19/2005
5/22/2013
4/13/2007
6/21/2012
11/4/2009
11/4/2009
3/10/2009
4/2/2012
10/3/2007
10/3/2007
10/3/2007
8/9/2007
7/9/2012
7/9/2012
6/29/2011
6/29/2011
12/17/2009
12/17/2009
1/12/2012
7/27/2013
8/29/2012
3/12/2012
9/9/2010
6/3/2013
5/18/2012
10/3/2007
10/3/2007
10/3/2007
1/31/2013
10/22/2009
12/19/2011
7/25/2006
7/24/2006
6/4/2008
11/4/2011
11/4/2011
11/4/2011
1/20/2011
4/2/2008
7/24/2007
Page 7
great
normal
great
great
excellent
normal
normal
normal
normal
normal
great
excellent
normal
normal
normal
average
normal
average
normal
great
good
excellent
normal
good
good
good
average
normal
normal
good
great
great
great
average
normal
normal
normal
normal
normal
normal
average
average
average
normal
normal
normal
average
average
average
normal
normal
normal
good
average
average
Sheet1 (2)
windows/misc/bopup_comm
windows/misc/bomberclone_overflow
windows/misc/bigant_server_usv
windows/misc/bigant_server_sch_dupf_bof
windows/misc/bigant_server_dupf_upload
windows/misc/bigant_server_250
windows/misc/bigant_server
windows/misc/bcaaa_bof
windows/misc/bakbone_netvault_heap
windows/misc/avidphoneticindexer
windows/misc/avaya_winpmd_unihostrouter
windows/misc/asus_dpcproxy_overflow
windows/misc/apple_quicktime_rtsp_response
windows/misc/altiris_ds_sqli
windows/misc/allmediaserver_bof
windows/misc/agentxpp_receive_agentx
windows/misc/actfax_raw_server_bof
windows/lpd/wincomlpd_admin
windows/lpd/saplpd
windows/lpd/niprint
windows/lpd/hummingbird_exceed
windows/lotus/lotusnotes_lzh
windows/lotus/domino_sametime_stmux
windows/lotus/domino_icalendar_organizer
windows/lotus/domino_http_accept_language
windows/local/wmi
windows/local/vss_persistence
windows/local/trusted_service_path
windows/local/service_permissions
windows/local/s4u_persistence
windows/local/pxeexploit
windows/local/ppr_flatten_rec
windows/local/powershell_cmd_upgrade
windows/local/persistence
windows/local/payload_inject
windows/local/nvidia_nvsvc
windows/local/novell_client_nwfs
windows/local/novell_client_nicm
windows/local/ms13_097_ie_registry_symlink
windows/local/ms13_053_schlamperei
windows/local/ms13_005_hwnd_broadcast
windows/local/ms11_080_afdjoinleaf
windows/local/ms10_092_schelevator
windows/local/ms10_015_kitrap0d
windows/local/ms_ndproxy
windows/local/ikeext_service
windows/local/current_user_psexec
windows/local/bypassuac_injection
windows/local/bypassuac
windows/local/ask
windows/local/always_install_elevated
windows/local/agnitum_outpost_acs
windows/local/adobe_sandbox_adobecollabsync
windows/license/sentinel_lm7_udp
6/18/2009
2/16/2006
12/29/2009
1/9/2013
1/9/2013
4/15/2008
4/15/2008
4/4/2011
4/1/2005
11/29/2011
5/23/2011
3/21/2008
11/23/2007
5/15/2008
7/4/2012
4/16/2010
2/5/2013
2/4/2008
2/4/2008
11/5/2003
5/27/2005
5/24/2011
5/21/2008
9/14/2010
5/20/2008
1/1/1999
10/21/2011
10/25/2001
10/15/2012
1/2/2013
8/5/2011
5/15/2013
1/1/1999
10/19/2011
10/12/2011
12/25/2012
6/26/2008
5/22/2013
12/10/2013
10/8/2013
12/1/2013
11/27/2012
11/30/2011
9/13/2010
1/19/2010
11/27/2013
10/9/2012
1/1/1999
12/31/2010
12/31/2010
1/3/2012
3/18/2010
8/2/2013
5/14/2013
3/7/2005
Page 8
good
average
great
normal
excellent
great
average
good
average
normal
normal
average
normal
normal
normal
good
normal
good
good
good
average
normal
average
normal
average
excellent
excellent
excellent
great
excellent
excellent
average
excellent
excellent
excellent
average
average
average
great
average
average
excellent
average
excellent
great
average
good
excellent
excellent
excellent
excellent
excellent
excellent
great
average
Sheet1 (2)
windows/license/flexnet_lmgrd_bof
windows/license/calicserv_getconfig
windows/license/calicclnt_getconfig
windows/ldap/pgp_keyserver7
windows/ldap/imail_thc
windows/isapi/w3who_query
windows/isapi/rsa_webagent_redirect
windows/isapi/ms03_051_fp30reg_chunked
windows/isapi/ms03_022_nsiislog_post
windows/isapi/ms00_094_pbserver
windows/imap/novell_netmail_subscribe
windows/imap/novell_netmail_status
windows/imap/novell_netmail_auth
windows/imap/novell_netmail_append
windows/imap/mercury_rename
windows/imap/mercury_login
windows/imap/mercur_login
windows/imap/mercur_imap_select_overflow
windows/imap/mdaemon_fetch
windows/imap/mdaemon_cram_md5
windows/imap/mailenable_w3c_select
windows/imap/mailenable_status
windows/imap/mailenable_login
windows/imap/ipswitch_search
windows/imap/imail_delete
windows/imap/eudora_list
windows/iis/msadc
windows/iis/ms03_007_ntdll_webdav
windows/iis/ms02_065_msadc
windows/iis/ms02_018_htr
windows/iis/ms01_033_idq
windows/iis/ms01_026_dbldecode
windows/iis/ms01_023_printer
windows/iis/iis_webdav_upload_asp
windows/http/zenworks_uploadservlet
windows/http/zenworks_assetmgmt_uploadservlet
windows/http/xitami_if_mod_since
windows/http/xampp_webdav_upload_php
windows/http/webster_http
windows/http/vmware_vcenter_chargeback_upload
windows/http/umbraco_upload_aspx
windows/http/ultraminihttp_bof
windows/http/trendmicro_officescan
windows/http/trackercam_phparg_overflow
windows/http/sysax_create_folder
windows/http/sybase_easerver
windows/http/sws_connection_bof
windows/http/steamcast_useragent
windows/http/sonicwall_scrutinizer_sqli
windows/http/solarwinds_storage_manager_sql
windows/http/shttpd_post
windows/http/shoutcast_format
windows/http/servu_session_cookie
windows/http/savant_31_overflow
windows/http/sapdb_webtools
Page 9
3/23/2012
3/2/2005
3/2/2005
7/16/2001
2/17/2004
12/6/2004
10/21/2005
11/11/2003
6/25/2003
12/4/2000
12/23/2006
11/18/2005
1/7/2007
12/23/2006
11/29/2004
3/6/2007
3/17/2006
3/17/2006
3/13/2008
11/12/2004
10/3/2005
7/13/2005
12/11/2006
7/18/2007
11/12/2004
12/20/2005
7/17/1998
5/30/2003
11/20/2002
4/10/2002
6/18/2001
5/15/2001
5/1/2001
1/1/1994
3/30/2010
11/2/2011
9/24/2007
1/14/2012
12/2/2002
5/15/2013
6/28/2012
7/10/2013
6/28/2007
2/18/2005
7/29/2012
7/25/2005
7/20/2012
1/24/2008
7/22/2012
12/7/2011
10/6/2006
12/23/2004
11/1/2009
9/10/2002
7/5/2007
normal
normal
average
good
average
good
good
good
good
good
average
average
average
average
average
average
average
average
great
great
great
great
great
average
average
great
excellent
great
normal
good
good
excellent
good
excellent
excellent
excellent
average
excellent
average
excellent
excellent
normal
good
average
normal
average
normal
average
excellent
excellent
average
average
good
great
great
Sheet1 (2)
windows/http/sap_host_control_cmd_exec
windows/http/sap_configservlet_exec_noauth
windows/http/sambar6_search_results
windows/http/rabidhamster_r4_log
windows/http/psoproxy91_overflow
windows/http/privatewire_gateway
windows/http/php_apache_request_headers_bof
windows/http/peercast_url
windows/http/osb_uname_jlist
windows/http/oracle9i_xdb_pass
windows/http/oracle_endeca_exec
windows/http/oracle_btm_writetofile
windows/http/nowsms
windows/http/novell_messenger_acceptlang
windows/http/novell_mdm_lfi
windows/http/novell_imanager_upload
windows/http/netdecision_http_bof
windows/http/navicopa_get_overflow
windows/http/miniweb_upload_wbem
windows/http/minishare_get_overflow
windows/http/mdaemon_worldclient_form2raw
windows/http/mcafee_epolicy_source
windows/http/maxdb_webdbm_get_overflow
windows/http/maxdb_webdbm_database
windows/http/manageengine_apps_mngr
windows/http/mailenable_auth_header
windows/http/landesk_thinkmanagement_upload_asp
windows/http/kolibri_http
windows/http/kaseya_uploadimage_file_upload
windows/http/ipswitch_wug_maincfgret
windows/http/intrasrv_bof
windows/http/intersystems_cache
windows/http/integard_password_bof
windows/http/icecast_header
windows/http/ibm_tsm_cad_header
windows/http/ibm_tpmfosd_overflow
windows/http/ibm_tivoli_endpoint_bof
windows/http/ia_webmail
windows/http/httpdx_tolog_format
windows/http/httpdx_handlepeer
windows/http/hp_sitescope_runomagentcommand
windows/http/hp_power_manager_login
windows/http/hp_power_manager_filename
windows/http/hp_pcm_snac_update_domain
windows/http/hp_pcm_snac_update_certificates
windows/http/hp_openview_insight_backdoor
windows/http/hp_nnm_webappmon_ovjavalocale
windows/http/hp_nnm_webappmon_execvp
windows/http/hp_nnm_snmpviewer_actapp
windows/http/hp_nnm_snmp
windows/http/hp_nnm_ovwebsnmpsrv_uro
windows/http/hp_nnm_ovwebsnmpsrv_ovutil
windows/http/hp_nnm_ovwebsnmpsrv_main
Page 10
8/14/2012
11/1/2012
6/21/2003
2/9/2012
2/20/2004
6/26/2006
5/8/2012
3/8/2006
7/13/2010
8/18/2003
7/16/2013
8/7/2012
2/19/2008
4/13/2006
3/13/2013
10/1/2010
2/24/2012
9/28/2006
4/9/2013
11/7/2004
12/29/2003
7/17/2006
4/26/2005
8/29/2006
4/8/2011
4/24/2005
2/15/2012
12/26/2010
11/11/2013
8/25/2004
5/30/2013
9/29/2009
9/7/2010
9/28/2004
9/24/2007
5/2/2007
5/31/2011
11/3/2003
11/17/2009
10/8/2009
7/29/2013
11/4/2009
10/19/2011
9/9/2013
9/9/2013
1/31/2011
8/3/2010
7/20/2010
1/21/2009
1/7/2009
5/11/2010
12/9/2009
6/8/2010
6/16/2010
6/16/2010
average
great
normal
normal
average
average
normal
average
excellent
great
excellent
excellent
good
average
normal
excellent
normal
great
excellent
average
great
average
good
good
average
great
excellent
good
excellent
great
manual
great
great
great
good
good
good
average
great
great
manual
average
normal
excellent
excellent
excellent
great
great
normal
great
great
great
great
great
great
Sheet1 (2)
windows/http/hp_nnm_ovwebhelp
windows/http/hp_nnm_ovbuildpath_textfile
windows/http/hp_nnm_ovas
windows/http/hp_nnm_ovalarm_lang
windows/http/hp_nnm_openview5
windows/http/hp_nnm_nnmrptconfig_schdparams
windows/http/hp_nnm_nnmrptconfig_nameparams
windows/http/hp_nnm_getnnmdata_maxage
windows/http/hp_nnm_getnnmdata_icount
windows/http/hp_nnm_getnnmdata_hostname
windows/http/hp_mpa_job_acct
windows/http/hp_loadrunner_copyfiletoserver
windows/http/hp_imc_mibfileupload
windows/http/hp_imc_bims_upload
windows/http/fdm_auth_header
windows/http/ezserver_http
windows/http/ektron_xslt_exec
windows/http/efs_easychatserver_username
windows/http/edirectory_imonitor
windows/http/edirectory_host
windows/http/easyftp_list
windows/http/desktopcentral_file_upload
windows/http/cyclope_ess_sqli
windows/http/coldfusion_fckeditor
windows/http/cogent_datahub_request_headers_bof
windows/http/ca_totaldefense_regeneratereports
windows/http/ca_igateway_debug
windows/http/ca_arcserve_rpc_authbypass
windows/http/belkin_bulldog
windows/http/bea_weblogic_transfer_encoding
windows/http/bea_weblogic_post_bof
windows/http/bea_weblogic_jsessionid
windows/http/badblue_passthru
windows/http/badblue_ext_overflow
windows/http/avaya_ccr_imageupload_exec
windows/http/apache_modjk_overflow
windows/http/apache_mod_rewrite_ldap
windows/http/apache_chunked
windows/http/amlibweb_webquerydll_app
windows/http/altn_webadmin
windows/http/altn_securitygateway
windows/http/adobe_robohelper_authbypass
windows/games/ut2004_secure
windows/games/racer_503beta5
windows/games/mohaa_getinfo
windows/ftp/xlink_server
windows/ftp/xlink_client
windows/ftp/xftp_client_pwd
windows/ftp/wsftp_server_505_xmd5
windows/ftp/wsftp_server_503_mkd
windows/ftp/wftpd_size
windows/ftp/warftpd_165_user
windows/ftp/warftpd_165_pass
windows/ftp/vermillion_ftpd_port
windows/ftp/turboftp_port
Page 11
12/9/2009
11/1/2011
4/2/2008
12/9/2009
12/6/2007
1/10/2011
1/10/2011
5/11/2010
5/11/2010
5/11/2010
12/21/2011
10/30/2013
3/7/2013
10/8/2013
2/2/2009
6/18/2012
10/16/2012
8/14/2007
8/11/2005
10/21/2006
2/18/2010
11/11/2013
8/8/2012
7/3/2009
7/26/2013
4/13/2011
10/6/2005
7/25/2011
3/8/2009
9/9/2008
7/17/2008
1/13/2009
12/10/2007
4/20/2003
6/28/2012
3/2/2007
7/28/2006
6/19/2002
8/3/2010
6/24/2003
6/2/2008
9/23/2009
6/18/2004
8/10/2008
7/17/2004
10/3/2009
10/3/2009
4/22/2010
9/14/2006
11/29/2004
8/23/2006
3/19/1998
3/19/1998
9/23/2009
10/3/2012
great
normal
good
great
great
normal
normal
great
great
great
excellent
excellent
great
excellent
great
excellent
excellent
great
great
great
great
excellent
excellent
excellent
normal
excellent
average
excellent
average
great
great
good
great
great
excellent
great
great
good
normal
average
average
excellent
good
great
great
good
normal
normal
average
great
average
average
average
great
great
Sheet1 (2)
windows/ftp/trellian_client_pasv
windows/ftp/slimftpd_list_concat
windows/ftp/servu_mdtm
windows/ftp/servu_chmod
windows/ftp/seagull_list_reply
windows/ftp/scriptftp_list
windows/ftp/sasser_ftpd_port
windows/ftp/sami_ftpd_user
windows/ftp/sami_ftpd_list
windows/ftp/ricoh_dl_bof
windows/ftp/quickshare_traversal_write
windows/ftp/proftp_banner
windows/ftp/pcman_stor
windows/ftp/oracle9i_xdb_ftp_unlock
windows/ftp/oracle9i_xdb_ftp_pass
windows/ftp/open_ftpd_wbem
windows/ftp/odin_list_reply
windows/ftp/netterm_netftpd_user
windows/ftp/ms09_053_ftpd_nlst
windows/ftp/leapftp_pasv_reply
windows/ftp/leapftp_list_reply
windows/ftp/httpdx_tolog_format
windows/ftp/goldenftp_pass_bof
windows/ftp/globalscapeftp_input
windows/ftp/gekkomgr_list_reply
windows/ftp/ftpsynch_list_reply
windows/ftp/ftpshell51_pwd_reply
windows/ftp/ftppad_list_reply
windows/ftp/ftpgetter_pwd_reply
windows/ftp/freeftpd_user
windows/ftp/freeftpd_pass
windows/ftp/freefloatftp_wbem
windows/ftp/freefloatftp_user
windows/ftp/filewrangler_list_reply
windows/ftp/filecopa_list_overflow
windows/ftp/easyftp_mkd_fixret
windows/ftp/easyftp_list_fixret
windows/ftp/easyftp_cwd_fixret
windows/ftp/easyfilesharing_pass
windows/ftp/dreamftp_format
windows/ftp/comsnd_ftpd_fmtstr
windows/ftp/cesarftp_mkd
windows/ftp/absolute_ftp_list_bof
windows/ftp/ability_server_stor
windows/ftp/aasync_list_reply
windows/ftp/3cdaemon_ftp_user
windows/ftp/32bitftp_list_reply
windows/firewall/kerio_auth
windows/firewall/blackice_pam_icq
windows/fileformat/zinfaudioplayer221_pls
windows/fileformat/xradio_xrl_sehbof
windows/fileformat/xion_m3u_sehbof
windows/fileformat/xenorate_xpl_bof
windows/fileformat/wm_downloader_m3u
windows/fileformat/wireshark_packet_dect
4/11/2010
7/21/2005
2/26/2004
12/31/2004
10/12/2010
10/12/2011
5/10/2004
1/24/2006
2/27/2013
3/1/2012
2/3/2011
8/25/2009
6/27/2013
8/18/2003
8/18/2003
6/18/2012
10/12/2010
4/26/2005
8/31/2009
6/9/2003
10/12/2010
11/17/2009
1/23/2011
5/1/2005
10/12/2010
10/12/2010
10/12/2010
10/12/2010
10/12/2010
11/16/2005
8/20/2013
12/7/2012
6/12/2012
10/12/2010
7/19/2006
4/4/2010
7/5/2010
2/16/2010
7/31/2006
3/3/2004
6/8/2012
6/12/2006
11/9/2011
10/22/2004
10/12/2010
1/4/2005
10/12/2010
4/28/2003
3/18/2004
9/24/2004
2/8/2011
11/23/2010
8/19/2009
7/28/2010
4/18/2011
Page 12
normal
great
good
normal
good
good
average
normal
low
normal
excellent
normal
normal
great
great
excellent
good
great
great
normal
good
great
average
great
good
good
good
good
good
average
normal
excellent
normal
good
average
great
great
great
average
good
good
average
normal
normal
good
average
good
average
great
good
normal
great
great
normal
good
Sheet1 (2)
windows/fileformat/winrar_name_spoofing
windows/fileformat/winamp_maki_bof
windows/fileformat/vuplayer_m3u
windows/fileformat/vuplayer_cue
windows/fileformat/vlc_webm
windows/fileformat/vlc_smb_uri
windows/fileformat/vlc_realtext
windows/fileformat/vlc_modplug_s3m
windows/fileformat/visiwave_vwr_type
windows/fileformat/visio_dxf_bof
windows/fileformat/videospirit_visprj
windows/fileformat/videolan_tivo
windows/fileformat/varicad_dwb
windows/fileformat/ursoft_w32dasm
windows/fileformat/ultraiso_cue
windows/fileformat/ultraiso_ccd
windows/fileformat/tugzip
windows/fileformat/total_video_player_ini_bof
windows/fileformat/tfm_mmplayer_m3u_ppl_bof
windows/fileformat/subtitle_processor_m3u_bof
windows/fileformat/somplplayer_m3u
windows/fileformat/shadow_stream_recorder_bof
windows/fileformat/scadaphone_zip
windows/fileformat/sascam_get
windows/fileformat/safenet_softremote_groupname
windows/fileformat/realplayer_ver_attribute_bof
windows/fileformat/real_player_url_property_bof
windows/fileformat/real_networks_netzip_bof
windows/fileformat/proshow_load_bof
windows/fileformat/proshow_cellimage_bof
windows/fileformat/ovf_format_string
windows/fileformat/orbital_viewer_orb
windows/fileformat/orbit_download_failed_bof
windows/fileformat/openoffice_ole
windows/fileformat/nuance_pdf_launch_overflow
windows/fileformat/netop
windows/fileformat/mymp3player_m3u
windows/fileformat/msworks_wkspictureinterface
windows/fileformat/mswin_tiff_overflow
windows/fileformat/ms13_071_theme
windows/fileformat/ms12_027_mscomctl_bof
windows/fileformat/ms12_005
windows/fileformat/ms11_021_xlb_bof
windows/fileformat/ms11_006_createsizeddibsection
windows/fileformat/ms10_087_rtf_pfragments_bo
windows/fileformat/ms10_038_excel_obj_bof
windows/fileformat/ms10_004_textbytesatom
windows/fileformat/ms09_067_excel_featheader
windows/fileformat/ms_visual_basic_vbp
windows/fileformat/mplayer_sami_bof
windows/fileformat/mplayer_m3u_bof
windows/fileformat/moxa_mediadbplayback
windows/fileformat/mjm_quickplayer_s3m
windows/fileformat/mjm_coreplayer2011_s3m
windows/fileformat/mini_stream_pls_bof
Page 13
9/28/2009
5/20/2009
8/18/2009
8/18/2009
1/31/2011
6/24/2009
11/5/2008
4/7/2011
5/20/2011
5/4/2010
4/11/2011
10/22/2008
3/17/2010
1/24/2005
5/24/2007
4/3/2009
10/28/2008
11/24/2013
3/23/2012
4/26/2011
1/22/2010
3/29/2010
9/12/2011
12/29/2008
10/30/2009
12/20/2013
12/14/2012
1/30/2011
6/6/2012
8/20/2009
11/8/2012
2/27/2010
4/3/2008
4/17/2008
10/8/2010
4/28/2011
3/18/2010
11/28/2008
11/5/2013
9/10/2013
4/10/2012
1/10/2012
8/9/2011
12/15/2010
11/9/2010
6/8/2010
2/9/2010
11/10/2009
9/4/2007
5/19/2011
3/19/2011
10/19/2010
4/30/2011
4/30/2011
7/16/2010
excellent
normal
good
good
good
great
good
average
great
good
good
good
great
good
great
great
good
normal
good
normal
great
normal
good
low
good
normal
normal
good
normal
great
normal
great
normal
normal
great
normal
good
low
average
excellent
average
excellent
normal
great
great
normal
good
good
good
normal
average
average
good
good
great
Sheet1 (2)
windows/fileformat/millenium_mp3_pls
windows/fileformat/microp_mppl
windows/fileformat/mediajukebox
windows/fileformat/mediacoder_m3u
windows/fileformat/mcafee_showreport_exec
windows/fileformat/mcafee_hercules_deletesnapshot
windows/fileformat/magix_musikmaker_16_mmm
windows/fileformat/lotusnotes_lzh
windows/fileformat/lattice_pac_bof
windows/fileformat/kingview_kingmess_kvl
windows/fileformat/ispvm_xcf_ispxcf
windows/fileformat/irfanview_jpeg2000_bof
windows/fileformat/ideal_migration_ipj
windows/fileformat/icofx_bof
windows/fileformat/ibm_pcm_ws
windows/fileformat/ibm_forms_viewer_fontname
windows/fileformat/ht_mp3player_ht3_bof
windows/fileformat/hhw_hhp_indexfile_bof
windows/fileformat/hhw_hhp_contentfile_bof
windows/fileformat/hhw_hhp_compiledfile_bof
windows/fileformat/gta_samp
windows/fileformat/gsm_sim
windows/fileformat/galan_fileformat_bof
windows/fileformat/free_mp3_ripper_wav
windows/fileformat/foxit_title_bof
windows/fileformat/foxit_reader_launch
windows/fileformat/foxit_reader_filewrite
windows/fileformat/feeddemon_opml
windows/fileformat/fdm_torrent
windows/fileformat/fatplayer_wav
windows/fileformat/ezip_wizard_bof
windows/fileformat/etrust_pestscan
windows/fileformat/esignal_styletemplate_bof
windows/fileformat/erdas_er_viewer_rf_report_error
windows/fileformat/erdas_er_viewer_bof
windows/fileformat/emc_appextender_keyworks
windows/fileformat/easycdda_pls_bof
windows/fileformat/dvdx_plf_bof
windows/fileformat/djvu_imageurl
windows/fileformat/djstudio_pls_bof
windows/fileformat/digital_music_pad_pls
windows/fileformat/destinymediaplayer16
windows/fileformat/deepburner_path
windows/fileformat/cytel_studio_cy3
windows/fileformat/cyberlink_p2g_bof
windows/fileformat/cutezip_bof
windows/fileformat/csound_getnum_bof
windows/fileformat/corelpdf_fusion_bof
windows/fileformat/coolpdf_image_stream_bof
windows/fileformat/chasys_draw_ies_bmp_bof
windows/fileformat/ccmplayer_m3u_bof
windows/fileformat/cain_abel_4918_rdp
windows/fileformat/ca_cab
windows/fileformat/bsplayer_m3u
windows/fileformat/blazedvd_plf
Page 14
7/30/2009
8/23/2010
7/1/2009
6/24/2013
1/12/2012
8/4/2008
4/26/2011
5/24/2011
5/16/2012
11/20/2012
5/16/2012
1/16/2012
12/5/2009
12/10/2013
2/28/2012
12/5/2013
6/29/2009
1/17/2009
2/6/2006
2/6/2006
9/18/2011
7/7/2010
12/7/2009
8/27/2011
11/13/2010
3/9/2009
3/5/2011
2/9/2009
2/2/2009
10/18/2010
3/9/2009
11/2/2009
9/6/2011
5/23/2013
4/23/2013
9/29/2009
6/7/2010
6/2/2007
10/30/2008
12/30/2009
9/17/2010
1/3/2009
12/19/2006
10/2/2011
9/12/2011
2/12/2011
2/23/2012
7/8/2013
1/18/2013
7/26/2013
11/30/2011
11/30/2008
6/5/2007
1/7/2010
8/3/2009
great
great
normal
normal
normal
low
good
good
normal
normal
normal
normal
great
normal
great
normal
good
good
good
good
normal
normal
normal
great
great
good
normal
great
good
normal
good
average
normal
normal
normal
average
normal
normal
low
normal
normal
good
great
good
great
normal
normal
normal
normal
normal
good
good
good
normal
good
Sheet1 (2)
windows/fileformat/blazedvd_hdtv_bof
windows/fileformat/beetel_netconfig_ini_bof
windows/fileformat/bacnet_csv
windows/fileformat/aviosoft_plf_buf
windows/fileformat/audiotran_pls_1424
windows/fileformat/audiotran_pls
windows/fileformat/audio_wkstn_pls
windows/fileformat/audio_coder_m3u
windows/fileformat/apple_quicktime_texml
windows/fileformat/apple_quicktime_rdrf
windows/fileformat/apple_quicktime_pnsize
windows/fileformat/aol_phobos_bof
windows/fileformat/aol_desktop_linktag
windows/fileformat/altap_salamander_pdb
windows/fileformat/allplayer_m3u_bof
windows/fileformat/adobe_utilprintf
windows/fileformat/adobe_u3d_meshdecl
windows/fileformat/adobe_toolbutton
windows/fileformat/adobe_reader_u3d
windows/fileformat/adobe_pdf_embedded_exe_nojs
windows/fileformat/adobe_pdf_embedded_exe
windows/fileformat/adobe_media_newplayer
windows/fileformat/adobe_libtiff
windows/fileformat/adobe_jbig2decode
windows/fileformat/adobe_illustrator_v14_eps
windows/fileformat/adobe_geticon
windows/fileformat/adobe_flatedecode_predictor02
windows/fileformat/adobe_flashplayer_newfunction
windows/fileformat/adobe_flashplayer_button
windows/fileformat/adobe_cooltype_sing
windows/fileformat/adobe_collectemailinfo
windows/fileformat/activepdf_webgrabber
windows/fileformat/actfax_import_users_bof
windows/fileformat/acdsee_xpm
windows/fileformat/acdsee_fotoslate_string
windows/fileformat/abbs_amp_lst
windows/fileformat/a_pdf_wav_to_mp3
windows/emc/replication_manager_exec
windows/emc/networker_format_string
windows/emc/alphastor_device_manager_exec
windows/emc/alphastor_agent
windows/email/ms10_045_outlook_ref_resolve
windows/email/ms10_045_outlook_ref_only
windows/email/ms07_017_ani_loadimage_chunksize
windows/dcerpc/ms07_029_msdns_zonename
windows/dcerpc/ms03_026_dcom
windows/browser/zenworks_helplauncher_exec
windows/browser/zenturiprogramchecker_unsafe
windows/browser/yahoomessenger_server
windows/browser/yahoomessenger_fvcom
windows/browser/xmplay_asx
windows/browser/wmi_admintools
windows/browser/winzip_fileview
Page 15
4/3/2012
10/12/2013
9/16/2010
11/9/2011
9/9/2010
1/9/2010
12/8/2009
5/1/2013
5/15/2012
5/22/2013
8/8/2011
1/20/2010
1/31/2011
6/19/2007
10/9/2013
2/8/2008
10/13/2009
8/8/2013
12/6/2011
3/29/2010
3/29/2010
12/14/2009
2/16/2010
2/19/2009
12/3/2009
3/24/2009
10/8/2009
6/4/2010
10/28/2010
9/7/2010
2/8/2008
8/26/2008
8/28/2012
11/23/2007
9/12/2011
6/30/2013
8/17/2010
2/7/2011
8/29/2012
1/18/2013
5/27/2008
6/1/2010
6/1/2010
3/28/2007
12/11/2007
4/12/2007
4/12/2005
7/16/2003
10/19/2011
5/29/2007
6/5/2007
8/30/2007
11/21/2006
12/21/2010
11/2/2007
normal
normal
good
good
good
good
good
normal
normal
normal
good
average
normal
good
normal
good
good
normal
average
excellent
excellent
good
good
good
great
good
good
normal
normal
great
good
low
normal
good
good
normal
normal
great
normal
excellent
great
excellent
excellent
great
good
great
good
great
normal
excellent
good
normal
good
great
normal
Sheet1 (2)
windows/browser/windvd7_applicationtype
windows/browser/winamp_ultravox
windows/browser/winamp_playlist_unc
windows/browser/webex_ucf_newobject
windows/browser/webdav_dll_hijacker
windows/browser/vlc_mms_bof
windows/browser/vlc_amv
windows/browser/viscom_movieplayer_drawtext
windows/browser/verypdf_pdfview
windows/browser/ultraoffice_httpupload
windows/browser/ultramjcam_openfiledig_bof
windows/browser/ubisoft_uplay_cmd_exec
windows/browser/tumbleweed_filetransfer
windows/browser/trendmicro_officescan
windows/browser/trendmicro_extsetowner
windows/browser/tom_sawyer_tsgetx71ex552
windows/browser/teechart_pro
windows/browser/systemrequirementslab_unsafe
windows/browser/synactis_connecttosynactis_bof
windows/browser/symantec_backupexec_pvcalendar
windows/browser/symantec_appstream_unsafe
windows/browser/symantec_altirisdeployment_runcmd
windows/browser/sonicwall_addrouteentry
windows/browser/softartisans_getdrivename
windows/browser/siemens_solid_edge_selistctrlx
windows/browser/sapgui_saveviewtosessionfile
windows/browser/samsung_neti_wiewer_backuptoavi_bof
windows/browser/safari_xslt_output
windows/browser/roxio_cineplayer
windows/browser/realplayer_smil
windows/browser/realplayer_qcp
windows/browser/realplayer_import
windows/browser/realplayer_console
windows/browser/realplayer_cdda_uri
windows/browser/real_arcade_installerdlg
windows/browser/quickr_qp2_bof
windows/browser/persits_xupload_traversal
windows/browser/pcvue_func
windows/browser/ovftool_format_string
windows/browser/orbit_connecting
windows/browser/oracle_webcenter_checkoutandopen
windows/browser/oracle_dc_submittoexpress
windows/browser/oracle_autovue_setmarkupmode
windows/browser/ntr_activex_stopmodule
windows/browser/ntr_activex_check_bof
windows/browser/novelliprint_target_frame
windows/browser/novelliprint_getdriversettings_2
windows/browser/novelliprint_getdriversettings
windows/browser/novelliprint_executerequest_dbg
windows/browser/novelliprint_executerequest
windows/browser/novelliprint_datetime
windows/browser/novelliprint_callbackurl
windows/browser/novell_groupwise_gwcls1_actvx
windows/browser/notes_handler_cmdinject
windows/browser/nis2004_get
Page 16
3/20/2007
1/18/2008
1/29/2006
8/6/2008
8/18/2010
3/15/2012
3/23/2011
1/12/2010
6/16/2008
8/27/2008
3/28/2012
7/29/2012
4/7/2008
2/12/2007
8/25/2010
5/3/2011
8/11/2011
10/16/2008
5/30/2013
2/28/2008
1/15/2009
11/4/2009
11/1/2007
8/25/2008
5/26/2013
3/31/2009
4/21/2012
7/20/2011
4/11/2007
3/1/2005
8/16/2011
10/18/2007
3/8/2008
11/15/2010
4/3/2011
5/23/2012
9/29/2009
10/5/2011
11/8/2012
2/3/2009
4/16/2013
8/28/2009
4/18/2012
1/11/2012
1/11/2012
12/8/2009
11/15/2010
6/16/2008
8/4/2010
2/22/2008
12/8/2009
8/20/2010
1/30/2013
6/18/2012
5/16/2007
normal
normal
great
good
manual
normal
good
normal
normal
good
normal
normal
great
normal
normal
normal
normal
excellent
normal
normal
excellent
normal
normal
normal
normal
normal
normal
excellent
normal
normal
average
normal
normal
normal
normal
normal
excellent
average
normal
normal
excellent
normal
normal
normal
normal
great
normal
normal
normal
normal
great
normal
normal
excellent
normal
Sheet1 (2)
windows/browser/nis2004_antispam
windows/browser/nctaudiofile2_setformatlikesample
windows/browser/msxml_get_definition_code_exec
windows/browser/mswhale_checkforupdates
windows/browser/msvidctl_mpeg2
windows/browser/ms13_090_cardspacesigninhelper
windows/browser/ms13_080_cdisplaypointer
windows/browser/ms13_069_caret
windows/browser/ms13_059_cflatmarkuppointer
windows/browser/ms13_055_canchor
windows/browser/ms13_037_svg_dashstyle
windows/browser/ms13_022_silverlight_script_object
windows/browser/ms13_009_ie_slayoutrun_uaf
windows/browser/ms12_037_same_id
windows/browser/ms12_037_ie_colspan
windows/browser/ms12_004_midi
windows/browser/ms11_093_ole32
windows/browser/ms11_081_option
windows/browser/ms11_050_mshtml_cobjectelement
windows/browser/ms11_003_ie_css_import
windows/browser/ms10_090_ie_css_clip
windows/browser/ms10_046_shortcut_icon_dllloader
windows/browser/ms10_042_helpctr_xss_cmd_exec
windows/browser/ms10_026_avi_nsamplespersec
windows/browser/ms10_022_ie_vbscript_winhlp32
windows/browser/ms10_018_ie_tabular_activex
windows/browser/ms10_018_ie_behaviors
windows/browser/ms10_002_ie_object
windows/browser/ms10_002_aurora
windows/browser/ms09_072_style_object
windows/browser/ms09_043_owc_msdso
windows/browser/ms09_043_owc_htmlurl
windows/browser/ms09_002_memory_corruption
windows/browser/ms08_078_xml_corruption
windows/browser/ms08_070_visual_studio_msmask
windows/browser/ms08_053_mediaencoder
windows/browser/ms08_041_snapshotviewer
windows/browser/ms07_017_ani_loadimage_chunksize
windows/browser/ms06_071_xml_core
windows/browser/ms06_067_keyframe
windows/browser/ms06_057_webview_setslice
windows/browser/ms06_055_vml_method
windows/browser/ms06_013_createtextrange
windows/browser/ms06_001_wmf_setabortproc
windows/browser/ms05_054_onload
windows/browser/ms03_020_ie_objecttype
windows/browser/mozilla_reduceright
windows/browser/mozilla_nstreerange
windows/browser/mozilla_nssvgvalue
windows/browser/mozilla_mchannel
windows/browser/mozilla_interleaved_write
windows/browser/mozilla_firefox_xmlserializer
windows/browser/mozilla_firefox_onreadystatechange
windows/browser/mozilla_attribchildremoved
windows/browser/mirc_irc_url
Page 17
3/19/2004
1/24/2007
6/12/2012
4/15/2009
7/5/2009
11/8/2013
10/8/2013
9/10/2013
6/27/2013
7/9/2013
3/6/2013
3/12/2013
2/13/2013
6/12/2012
6/12/2012
1/10/2012
12/13/2011
10/11/2012
6/16/2011
11/29/2010
11/3/2010
7/16/2010
6/9/2010
4/13/2010
2/26/2010
3/9/2010
3/9/2010
1/21/2010
1/14/2010
11/20/2009
7/13/2009
8/11/2009
2/10/2009
12/7/2008
8/13/2008
9/9/2008
7/7/2008
3/28/2007
10/10/2006
11/14/2006
7/17/2006
9/19/2006
3/19/2006
12/27/2005
11/21/2005
6/4/2003
6/21/2011
2/2/2011
12/6/2011
5/10/2011
10/25/2010
1/8/2013
6/25/2013
12/6/2011
10/13/2003
normal
normal
good
normal
normal
normal
normal
normal
normal
normal
normal
normal
average
normal
normal
normal
normal
normal
normal
good
good
excellent
excellent
normal
great
good
good
normal
normal
normal
normal
normal
normal
normal
normal
normal
excellent
great
normal
normal
normal
normal
normal
great
normal
normal
normal
normal
average
normal
normal
normal
normal
average
normal
Sheet1 (2)
windows/browser/mcafeevisualtrace_tracetarget
windows/browser/mcafee_mvt_exec
windows/browser/mcafee_mcsubmgr_vsprintf
windows/browser/maxthon_history_xcs
windows/browser/macrovision_unsafe
windows/browser/macrovision_downloadandexecute
windows/browser/lpviewer_url
windows/browser/logitechvideocall_start
windows/browser/keyhelp_launchtripane_exec
windows/browser/kazaa_altnet_heap
windows/browser/juniper_sslvpn_ive_setupdll
windows/browser/java_ws_vmargs
windows/browser/java_ws_double_quote
windows/browser/java_ws_arginject_altjvm
windows/browser/java_mixer_sequencer
windows/browser/java_docbase_bof
windows/browser/java_codebase_trust
windows/browser/java_cmm
windows/browser/java_basicservice_impl
windows/browser/intrust_annotatex_add
windows/browser/inotes_dwa85w_bof
windows/browser/indusoft_issymbol_internationalseparator
windows/browser/imgeviewer_tifmergemultifiles
windows/browser/ie_unsafe_scripting
windows/browser/ie_setmousecapture_uaf
windows/browser/ie_iscomponentinstalled
windows/browser/ie_execcommand_uaf
windows/browser/ie_createobject
windows/browser/ie_cgenericelement_uaf
windows/browser/ie_cbutton_uaf
windows/browser/ibmlotusdomino_dwa_uploadmodule
windows/browser/ibmegath_getxmlvalue
windows/browser/ibm_tivoli_pme_activex_bof
windows/browser/ibm_spss_c1sizer
windows/browser/hyleos_chemviewx_activex
windows/browser/hpmqc_progcolor
windows/browser/hp_loadrunner_writefilestring
windows/browser/hp_loadrunner_writefilebinary
windows/browser/hp_loadrunner_addfolder
windows/browser/hp_loadrunner_addfile
windows/browser/hp_easy_printer_care_xmlsimpleaccessor
windows/browser/hp_easy_printer_care_xmlcachemgr
windows/browser/hp_alm_xgo_setshapenodetype_exec
windows/browser/honeywell_tema_exec
windows/browser/honeywell_hscremotedeploy_exec
windows/browser/greendam_url
windows/browser/gom_openurl
windows/browser/foxit_reader_plugin_url_bof
windows/browser/facebook_extractiptc
windows/browser/enjoysapgui_preparetoposthtml
windows/browser/enjoysapgui_comp_download
windows/browser/ebook_flipviewer_fviewerloading
windows/browser/ea_checkrequirements
windows/browser/dxstudio_player_exec
windows/browser/dell_webcam_crazytalk
Page 18
7/7/2007
4/30/2012
8/1/2006
11/26/2012
10/20/2007
10/31/2007
10/6/2008
5/31/2007
6/26/2012
10/3/2007
4/26/2006
2/14/2012
10/16/2012
4/9/2010
3/30/2010
10/12/2010
2/15/2011
3/1/2013
10/12/2010
3/28/2012
6/1/2012
4/28/2012
3/3/2010
9/20/2010
9/17/2013
2/24/2006
9/14/2012
4/11/2006
5/3/2013
12/27/2012
12/20/2007
3/24/2009
3/1/2012
4/26/2013
2/10/2010
4/4/2007
7/24/2013
7/24/2013
12/25/2007
1/25/2008
8/16/2011
1/11/2012
8/29/2012
10/20/2011
2/22/2013
6/11/2009
10/27/2007
1/7/2013
1/31/2008
7/5/2007
4/15/2009
6/6/2007
10/8/2007
6/9/2009
3/19/2012
normal
excellent
normal
excellent
excellent
normal
normal
normal
excellent
normal
normal
excellent
excellent
excellent
great
great
excellent
normal
excellent
average
normal
normal
normal
excellent
normal
normal
good
excellent
good
normal
normal
normal
normal
normal
good
normal
normal
normal
good
normal
great
great
normal
excellent
excellent
normal
normal
normal
normal
normal
excellent
normal
normal
excellent
normal
Sheet1 (2)
windows/browser/crystal_reports_printcontrol
windows/browser/creative_software_cachefolder
windows/browser/communicrypt_mail_activex
windows/browser/clear_quest_cqole
windows/browser/citrix_gateway_actx
windows/browser/cisco_playerpt_setsource_surl
windows/browser/cisco_playerpt_setsource
windows/browser/cisco_anyconnect_exec
windows/browser/chilkat_crypt_writefile
windows/browser/ca_brightstor_addcolumn
windows/browser/c6_messenger_downloaderactivex
windows/browser/blackice_downloadimagefileurl
windows/browser/barcode_ax49
windows/browser/baofeng_storm_onbeforevideodownload
windows/browser/awingsoft_winds3d_sceneurl
windows/browser/awingsoft_web3d_bof
windows/browser/aventail_epi_activex
windows/browser/autodesk_idrop
windows/browser/athocgov_completeinstallation
windows/browser/asus_net4switch_ipswcom
windows/browser/ask_shortformat
windows/browser/apple_quicktime_texml_font_table
windows/browser/apple_quicktime_smil_debug
windows/browser/apple_quicktime_rtsp
windows/browser/apple_quicktime_rdrf
windows/browser/apple_quicktime_mime_type
windows/browser/apple_quicktime_marshaled_punk
windows/browser/apple_itunes_playlist
windows/browser/aol_icq_downloadagent
windows/browser/aol_ampx_convertfile
windows/browser/amaya_bdo
windows/browser/aladdin_choosefilepath_bof
windows/browser/aim_goaway
windows/browser/adobe_utilprintf
windows/browser/adobe_toolbutton
windows/browser/adobe_shockwave_rcsl_corruption
windows/browser/adobe_media_newplayer
windows/browser/adobe_jbig2decode
windows/browser/adobe_geticon
windows/browser/adobe_flatedecode_predictor02
windows/browser/adobe_flashplayer_newfunction
windows/browser/adobe_flashplayer_flash10o
windows/browser/adobe_flashplayer_avm
windows/browser/adobe_flashplayer_arrayindexing
windows/browser/adobe_flash_sps
windows/browser/adobe_flash_rtmp
windows/browser/adobe_flash_regex_value
windows/browser/adobe_flash_otf_font
windows/browser/adobe_flash_mp4_cprt
windows/browser/adobe_flash_filters_type_confusion
windows/browser/adobe_cooltype_sing
windows/brightstor/universal_agent
windows/brightstor/tape_engine_0x8a
windows/brightstor/tape_engine
windows/brightstor/sql_agent
Page 19
12/14/2010
5/28/2008
5/19/2010
5/19/2012
7/14/2011
7/17/2012
3/22/2012
6/1/2011
11/3/2008
3/16/2008
6/3/2008
6/5/2008
6/22/2007
4/30/2009
11/14/2009
7/10/2009
8/19/2010
4/2/2009
2/15/2008
2/17/2012
9/24/2007
11/7/2012
8/12/2010
1/1/2007
5/22/2013
11/7/2012
8/30/2010
1/11/2005
11/6/2006
5/19/2009
1/28/2009
4/1/2012
8/9/2004
2/8/2008
8/8/2013
10/21/2010
12/14/2009
2/19/2009
3/24/2009
10/8/2009
6/4/2010
4/11/2011
3/15/2011
6/21/2012
8/9/2011
5/4/2012
2/8/2013
8/9/2012
2/15/2012
12/10/2013
9/7/2010
4/11/2005
10/4/2010
11/21/2006
8/2/2005
normal
normal
great
normal
normal
normal
normal
excellent
excellent
normal
excellent
excellent
normal
normal
excellent
average
normal
normal
normal
normal
normal
normal
good
normal
normal
normal
great
normal
excellent
normal
normal
normal
great
good
normal
normal
good
good
good
good
normal
normal
good
great
normal
normal
normal
normal
normal
normal
great
average
average
average
average
Sheet1 (2)
windows/brightstor/message_engine_heap
windows/brightstor/message_engine_72
windows/brightstor/message_engine
windows/brightstor/mediasrv_sunrpc
windows/brightstor/license_gcr
windows/brightstor/lgserver_rxsuselicenseini
windows/brightstor/lgserver_rxrlogin
windows/brightstor/lgserver_multi
windows/brightstor/lgserver
windows/brightstor/hsmserver
windows/brightstor/etrust_itm_alert
windows/brightstor/discovery_udp
windows/brightstor/discovery_tcp
windows/brightstor/ca_arcserve_342
windows/backupexec/remote_agent
windows/backupexec/name_service
windows/backdoor/energizer_duo_payload
windows/arkeia/type77
windows/antivirus/trendmicro_serverprotect_earthagent
windows/antivirus/trendmicro_serverprotect_createbinding
windows/antivirus/trendmicro_serverprotect
windows/antivirus/symantec_rtvscan
windows/antivirus/symantec_iao
windows/antivirus/ams_xfr
windows/antivirus/ams_hndlrsvc
unix/webapp/zpanel_username_exec
unix/webapp/zoneminder_packagecontrol_exec
unix/webapp/zimbra_lfi
unix/webapp/zeroshell_exec
unix/webapp/xoda_file_upload
unix/webapp/wp_property_upload_exec
unix/webapp/wp_google_document_embedder_exec
unix/webapp/wp_asset_manager_upload_exec
unix/webapp/wp_advanced_custom_fields_exec
unix/webapp/webtester_exec
unix/webapp/webmin_show_cgi_exec
unix/webapp/vicidial_manager_send_cmd_exec
unix/webapp/vbulletin_vote_sqli_exec
unix/webapp/twiki_search
unix/webapp/twiki_maketext
unix/webapp/twiki_history
unix/webapp/trixbox_langchoice
unix/webapp/tikiwiki_unserialize_exec
unix/webapp/tikiwiki_jhot_exec
unix/webapp/tikiwiki_graph_formula_exec
unix/webapp/sugarcrm_unserialize_exec
unix/webapp/squirrelmail_pgp_plugin
unix/webapp/squash_yaml_exec
unix/webapp/spip_connect_exec
unix/webapp/sphpblog_file_upload
unix/webapp/redmine_scm_exec
unix/webapp/qtss_parse_xml_exec
unix/webapp/projectpier_upload_exec
unix/webapp/phpmyadmin_config
unix/webapp/phpbb_highlight
Page 20
10/5/2006
10/4/2010
1/11/2007
4/25/2007
3/2/2005
6/6/2007
6/6/2007
6/6/2007
1/31/2007
9/27/2007
4/4/2008
12/20/2004
2/14/2005
10/9/2008
6/22/2005
12/16/2004
3/5/2010
2/18/2005
5/7/2007
5/7/2007
2/20/2007
5/24/2006
4/28/2009
4/28/2009
7/26/2010
6/7/2013
1/22/2013
12/6/2013
9/22/2013
8/21/2012
3/26/2012
1/3/2013
5/26/2012
11/14/2012
10/17/2013
9/6/2012
10/23/2013
3/25/2013
10/1/2004
12/15/2012
9/14/2005
7/9/2008
7/4/2012
9/2/2006
10/10/2007
6/23/2012
7/9/2007
8/6/2013
7/4/2012
8/25/2005
12/19/2010
2/24/2003
10/8/2012
3/24/2009
11/12/2004
average
average
average
average
average
average
average
average
average
great
average
average
average
average
great
average
excellent
good
good
good
good
good
good
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
normal
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
manual
excellent
excellent
excellent
excellent
manual
excellent
normal
excellent
excellent
excellent
excellent
excellent
excellent
Sheet1 (2)
unix/webapp/php_xmlrpc_eval
unix/webapp/php_wordpress_total_cache
unix/webapp/php_wordpress_optimizepress
unix/webapp/php_wordpress_lastpost
unix/webapp/php_wordpress_foxypress
unix/webapp/php_vbulletin_template
unix/webapp/php_include
unix/webapp/php_eval
unix/webapp/php_charts_exec
unix/webapp/pajax_remote_exec
unix/webapp/oscommerce_filemanager
unix/webapp/oracle_vm_agent_utl
unix/webapp/openx_banner_edit
unix/webapp/openview_connectednodes_exec
unix/webapp/opensis_modname_exec
unix/webapp/openemr_upload_exec
unix/webapp/openemr_sqli_privesc_upload
unix/webapp/open_flash_chart_upload_exec
unix/webapp/narcissus_backend_exec
unix/webapp/nagios3_statuswml_ping
unix/webapp/nagios3_history_cgi
unix/webapp/nagios_graph_explorer
unix/webapp/mybb_backdoor
unix/webapp/moinmoin_twikidraw
unix/webapp/mitel_awc_exec
unix/webapp/mambo_cache_lite
unix/webapp/libretto_upload_exec
unix/webapp/kimai_sqli
unix/webapp/joomla_tinybrowser
unix/webapp/joomla_media_upload_exec
unix/webapp/joomla_comjce_imgmanager
unix/webapp/invision_pboard_unserialize_exec
unix/webapp/instantcms_exec
unix/webapp/horde_unserialize_exec
unix/webapp/havalite_upload_exec
unix/webapp/hastymail_exec
unix/webapp/guestbook_ssi_exec
unix/webapp/graphite_pickle_exec
unix/webapp/google_proxystylesheet_exec
unix/webapp/generic_exec
unix/webapp/foswiki_maketext
unix/webapp/flashchat_upload_exec
unix/webapp/egallery_upload_exec
unix/webapp/dogfood_spell_exec
unix/webapp/datalife_preview_exec
unix/webapp/coppermine_piceditor
unix/webapp/clipbucket_upload_exec
unix/webapp/citrix_access_gateway_exec
unix/webapp/carberp_backdoor_exec
unix/webapp/cakephp_cache_corruption
unix/webapp/cacti_graphimage_exec
unix/webapp/basilic_diff_exec
unix/webapp/base_qry_common
unix/webapp/barracuda_img_exec
unix/webapp/awstatstotals_multisort
6/29/2005
4/17/2013
11/29/2013
8/9/2005
6/5/2012
2/25/2005
12/17/2006
10/13/2008
1/16/2013
3/30/2006
8/31/2009
10/12/2010
11/24/2009
8/25/2005
12/4/2012
2/13/2013
9/16/2013
12/14/2009
11/14/2012
6/22/2009
12/9/2012
11/30/2012
10/6/2011
12/30/2012
12/12/2010
6/14/2008
6/14/2013
5/21/2013
7/22/2009
8/1/2013
8/2/2012
10/25/2012
6/26/2013
6/27/2013
6/17/2013
11/22/2011
11/5/1999
8/20/2013
8/16/2005
11/14/1993
12/3/2012
10/4/2013
7/8/2012
3/3/2009
1/28/2013
1/30/2008
10/4/2013
12/21/2010
6/28/2013
11/15/2010
1/15/2005
6/28/2012
6/14/2008
9/1/2005
8/26/2008
Page 21
excellent
excellent
normal
excellent
excellent
excellent
normal
manual
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
great
excellent
excellent
great
excellent
excellent
manual
excellent
excellent
excellent
average
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
great
excellent
excellent
excellent
excellent
excellent
excellent
Sheet1 (2)
unix/webapp/awstats_migrate_exec
unix/webapp/awstats_configdir_exec
unix/webapp/arkeia_upload_exec
unix/ssh/tectia_passwd_changereq
unix/smtp/exim4_string_format
unix/smtp/clamav_milter_blackhole
unix/misc/zabbix_agent_exec
unix/misc/spamassassin_exec
unix/misc/qnx_qconn_exec
unix/misc/distcc_exec
unix/local/setuid_nmap
unix/irc/unreal_ircd_3281_backdoor
unix/http/lifesize_room
unix/http/freepbx_callmenum
unix/http/ctek_skyrouter
unix/http/contentkeeperweb_mimencode
unix/ftp/vsftpd_234_backdoor
unix/ftp/proftpd_133c_backdoor
solaris/telnet/ttyprompt
solaris/telnet/fuser
solaris/sunrpc/ypupdated_exec
solaris/sunrpc/sadmind_exec
solaris/sunrpc/sadmind_adm_build_path
solaris/samba/trans2open
solaris/samba/lsa_transnames_heap
solaris/lpd/sendmail_exec
solaris/dtspcd/heap_noir
osx/samba/trans2open
osx/samba/lsa_transnames_heap
osx/rtsp/quicktime_rtsp_content_type
osx/misc/ufo_ai
osx/mdns/upnp_location
osx/local/sudo_password_bypass
osx/local/setuid_viscosity
osx/local/setuid_tunnelblick
osx/local/persistence
osx/http/evocam_webserver
osx/ftp/webstar_ftp_user
osx/email/mailapp_image_exec
osx/browser/software_update
osx/browser/safari_metadata_archive
osx/browser/safari_file_policy
osx/browser/mozilla_mchannel
osx/arkeia/type77
osx/afp/loginext
netware/sunrpc/pkernel_callit
netware/smb/lsass_cifs
multi/wyse/hagent_untrusted_hsdata
multi/upnp/libupnp_ssdp_overflow
multi/svn/svnserve_date
multi/ssh/sshexec
multi/script/web_delivery
multi/sap/sap_soap_rfc_sxpg_command_exec
multi/sap/sap_soap_rfc_sxpg_call_system_exec
multi/sap/sap_mgmt_con_osexec_payload
5/4/2006
1/15/2005
9/16/2013
12/1/2012
12/7/2010
8/24/2007
9/10/2009
6/6/2006
9/4/2012
2/1/2002
7/19/2012
6/12/2010
7/13/2011
3/20/2012
9/8/2011
2/25/2009
7/3/2011
12/2/2010
1/18/2002
2/12/2007
12/12/1994
9/13/2003
10/14/2008
4/7/2003
5/14/2007
8/31/2001
7/10/2002
4/7/2003
5/14/2007
11/23/2007
10/28/2009
5/25/2007
2/28/2013
8/12/2012
8/11/2012
4/1/2012
6/1/2010
7/13/2004
3/1/2006
12/17/2007
2/21/2006
10/12/2011
5/10/2011
2/18/2005
5/3/2004
9/30/2009
1/21/2007
7/10/2009
1/29/2013
5/19/2004
1/1/1999
7/19/2013
5/8/2012
3/26/2013
3/8/2011
Page 22
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
manual
average
excellent
excellent
excellent
excellent
excellent
excellent
excellent
great
great
average
excellent
great
great
average
average
average
average
normal
excellent
excellent
excellent
average
average
manual
excellent
excellent
normal
normal
average
average
good
average
excellent
normal
average
manual
manual
great
great
excellent
Sheet1 (2)
multi/samba/usermap_script
multi/samba/nttrans
multi/realserver/describe
multi/php/php_unserialize_zval_cookie
multi/ntp/ntp_overflow
multi/misc/zend_java_bridge
multi/misc/wireshark_lwres_getaddrbyname_loop
multi/misc/wireshark_lwres_getaddrbyname
multi/misc/veritas_netbackup_cmdexec
multi/misc/ra1nx_pubcall_exec
multi/misc/pbot_exec
multi/misc/openview_omniback_exec
multi/misc/java_rmi_server
multi/misc/java_jdwp_debugger
multi/misc/indesign_server_soap
multi/misc/hp_vsa_exec
multi/misc/batik_svg_java
multi/ids/snort_dce_rpc
multi/http/zenworks_control_center_upload
multi/http/zabbix_script_exec
multi/http/wikka_spam_exec
multi/http/webpagetest_upload_exec
multi/http/vtiger_soap_upload
multi/http/vtiger_php_exec
multi/http/vbseo_proc_deutf
multi/http/v0pcr3w_exec
multi/http/uptime_file_upload
multi/http/traq_plugin_exec
multi/http/tomcat_mgr_upload
multi/http/tomcat_mgr_deploy
multi/http/testlink_upload_exec
multi/http/sun_jsws_dav_options
multi/http/stunshell_exec
multi/http/stunshell_eval
multi/http/struts_include_params
multi/http/struts_dev_mode
multi/http/struts_default_action_mapper
multi/http/struts_code_exec_parameters
multi/http/struts_code_exec_exception_delegator
multi/http/struts_code_exec
multi/http/spree_searchlogic_exec
multi/http/spree_search_exec
multi/http/splunk_upload_app_exec
multi/http/splunk_mappy_exec
multi/http/sonicwall_gms_upload
multi/http/snortreport_exec
multi/http/sit_file_upload
multi/http/sflog_upload_exec
multi/http/rocket_servergraph_file_requestor_rce
multi/http/rails_xml_yaml_code_exec
multi/http/rails_secret_deserialization
multi/http/rails_json_yaml_code_exec
multi/http/qdpm_upload_exec
multi/http/processmaker_exec
multi/http/polarcms_upload_exec
5/14/2007
4/7/2003
12/20/2002
3/4/2007
4/4/2001
3/28/2011
1/27/2010
1/27/2010
10/21/2004
3/24/2013
11/2/2009
2/28/2001
10/15/2011
3/12/2010
11/11/2012
11/11/2011
5/11/2012
2/19/2007
3/22/2013
10/30/2013
11/30/2011
7/13/2012
3/26/2013
10/30/2013
1/23/2012
3/23/2013
11/19/2013
12/12/2011
11/9/2009
11/9/2009
8/13/2012
1/20/2010
3/23/2013
3/23/2013
5/24/2013
1/6/2012
7/2/2013
10/1/2011
1/6/2012
7/13/2010
4/19/2011
10/5/2011
9/27/2012
12/12/2011
1/17/2012
9/19/2011
11/10/2011
7/6/2012
10/30/2013
1/7/2013
4/11/2013
1/28/2013
6/14/2012
10/24/2013
1/21/2012
Page 23
excellent
average
great
average
good
great
great
great
excellent
great
excellent
excellent
excellent
good
excellent
excellent
excellent
good
great
excellent
excellent
excellent
excellent
excellent
excellent
great
excellent
excellent
excellent
excellent
excellent
great
great
great
great
excellent
excellent
excellent
excellent
good
excellent
excellent
good
excellent
excellent
excellent
excellent
excellent
great
excellent
excellent
excellent
excellent
excellent
excellent
Sheet1 (2)
multi/http/pmwiki_pagelist
multi/http/plone_popen2
multi/http/phptax_exec
multi/http/phpscheduleit_start_date
multi/http/phpmyadmin_preg_replace
multi/http/phpmyadmin_3522_backdoor
multi/http/phpldapadmin_query_engine
multi/http/php_volunteer_upload_exec
multi/http/php_cgi_arg_injection
multi/http/openx_backdoor_php
multi/http/openmediavault_cmd_exec
multi/http/openfire_auth_bypass
multi/http/op5_welcome
multi/http/op5_license
multi/http/netwin_surgeftp_exec
multi/http/nas4free_php_exec
multi/http/mutiny_subnetmask_exec
multi/http/movabletype_upgrade_exec
multi/http/moodle_cmd_exec
multi/http/mobilecartly_upload_exec
multi/http/manageengine_search_sqli
multi/http/log1cms_ajax_create_folder
multi/http/lcms_php_exec
multi/http/kordil_edms_upload_exec
multi/http/jenkins_script_console
multi/http/jboss_maindeployer
multi/http/jboss_invoke_deploy
multi/http/jboss_deploymentfilerepository
multi/http/jboss_bshdeployer
multi/http/ispconfig_php_exec
multi/http/hyperic_hq_script_console
multi/http/hp_sys_mgmt_exec
multi/http/hp_sitescope_uploadfileshandler
multi/http/hp_sitescope_issuesiebelcmd
multi/http/horde_href_backdoor
multi/http/glpi_install_rce
multi/http/glossword_upload_exec
multi/http/glassfish_deployer
multi/http/gitorious_graph
multi/http/gitlab_shell_exec
multi/http/gestioip_exec
multi/http/freenas_exec_raw
multi/http/familycms_less_exec
multi/http/extplorer_upload_exec
multi/http/eaton_nsm_code_exec
multi/http/cuteflow_upload_exec
multi/http/coldfusion_rds
multi/http/cisco_dcnm_upload
multi/http/axis2_deployer
multi/http/auxilium_upload_exec
multi/http/apprain_upload_exec
multi/http/apache_roller_ognl_injection
multi/http/ajaxplorer_checkinstall_exec
multi/http/activecollab_chat
multi/handler
11/9/2011
10/4/2011
10/8/2012
10/1/2008
4/25/2013
9/25/2012
10/24/2011
5/28/2012
5/3/2012
8/7/2013
10/30/2013
11/10/2008
1/5/2012
1/5/2012
12/6/2012
10/30/2013
10/22/2012
1/7/2013
10/30/2013
8/10/2012
10/18/2012
4/11/2011
3/3/2011
2/22/2013
1/18/2013
2/20/2007
2/20/2007
4/26/2010
4/26/2010
10/30/2013
10/10/2013
6/11/2013
8/29/2012
10/30/2013
2/13/2012
9/12/2013
2/5/2013
8/4/2011
1/19/2012
11/4/2013
10/4/2013
11/6/2010
11/29/2011
12/31/2012
6/26/2012
7/27/2012
8/8/2013
9/18/2013
12/30/2010
9/14/2012
1/19/2012
10/31/2013
4/4/2010
5/30/2012
Page 24
excellent
excellent
excellent
excellent
excellent
normal
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
good
great
excellent
normal
good
excellent
excellent
excellent
excellent
excellent
good
excellent
excellent
excellent
excellent
excellent
excellent
excellent
good
great
excellent
manual
excellent
excellent
excellent
excellent
excellent
great
excellent
excellent
excellent
excellent
great
excellent
excellent
excellent
excellent
excellent
excellent
excellent
manual
Sheet1 (2)
multi/ftp/wuftpd_site_exec_format
multi/fileformat/peazip_command_injection
multi/fileformat/nodejs_js_yaml_load_code_exec
multi/fileformat/maple_maplet
multi/fileformat/adobe_u3d_meshcont
multi/elasticsearch/script_mvel_rce
multi/browser/qtjava_pointer
multi/browser/opera_historysearch
multi/browser/opera_configoverwrite
multi/browser/mozilla_navigatorjava
multi/browser/mozilla_compareto
multi/browser/java_verifier_field_access
multi/browser/java_trusted_chain
multi/browser/java_storeimagearray
multi/browser/java_signed_applet
multi/browser/java_setdifficm_bof
multi/browser/java_rmi_connection_impl
multi/browser/java_rhino
multi/browser/java_jre17_reflection_types
multi/browser/java_jre17_provider_skeleton
multi/browser/java_jre17_method_handle
multi/browser/java_jre17_jmxbean_2
multi/browser/java_jre17_jmxbean
multi/browser/java_jre17_jaxws
multi/browser/java_jre17_exec
multi/browser/java_jre17_driver_manager
multi/browser/java_getsoundbank_bof
multi/browser/java_calendar_deserialize
multi/browser/java_atomicreferencearray
multi/browser/itms_overflow
multi/browser/firefox_xpi_bootstrapped_addon
multi/browser/firefox_tostring_console_injection
multi/browser/firefox_svg_plugin
multi/browser/firefox_queryinterface
multi/browser/firefox_proto_crmfrequest
multi/browser/firefox_escape_retval
linux/upnp/miniupnpd_soap_bof
linux/upnp/dlink_upnp_msearch_exec
linux/telnet/telnet_encrypt_keyid
linux/ssh/symantec_smg_ssh
linux/ssh/f5_bigip_known_privkey
linux/smtp/exim4_dovecot_exec
linux/samba/trans2open
linux/samba/setinfopolicy_heap
linux/samba/lsa_transnames_heap
linux/samba/chain_reply
linux/proxy/squid_ntlm_authenticate
linux/pptp/poptop_negative_read
linux/postgres/postgres_payload
linux/pop3/cyrus_pop3d_popsubfolders
linux/mysql/mysql_yassl_hello
linux/mysql/mysql_yassl_getname
linux/misc/zabbix_server_exec
linux/misc/sercomm_exec
linux/misc/novell_edirectory_ncp_bof
6/22/2000
6/5/2009
6/28/2013
4/26/2010
10/13/2009
12/9/2013
4/23/2007
10/23/2008
3/5/2007
7/25/2006
7/13/2005
6/6/2012
3/31/2010
8/12/2013
2/19/1997
11/4/2009
3/31/2010
10/18/2011
1/10/2013
6/18/2013
10/16/2012
1/19/2013
1/10/2013
10/16/2012
8/26/2012
1/10/2013
11/4/2009
12/3/2008
2/14/2012
6/1/2009
6/27/2007
5/14/2013
1/8/2013
2/2/2006
8/6/2013
7/13/2009
3/27/2013
2/1/2013
12/23/2011
8/27/2012
6/11/2012
5/3/2013
4/7/2003
4/10/2012
5/14/2007
6/16/2010
6/8/2004
4/9/2003
6/5/2007
5/21/2006
1/4/2008
1/25/2010
9/10/2009
12/31/2013
12/12/2012
Page 25
great
excellent
excellent
excellent
good
excellent
excellent
excellent
excellent
normal
normal
excellent
excellent
great
excellent
great
excellent
excellent
excellent
great
excellent
excellent
excellent
excellent
excellent
excellent
great
excellent
excellent
great
excellent
excellent
excellent
normal
excellent
normal
normal
excellent
great
excellent
excellent
excellent
great
normal
good
good
great
great
excellent
normal
good
good
excellent
great
normal
Sheet1 (2)
linux/misc/netsupport_manager_agent
linux/misc/nagios_nrpe_arguments
linux/misc/mongod_native_helper
linux/misc/lprng_format_string
linux/misc/ib_pwd_db_aliased
linux/misc/ib_open_marker_file
linux/misc/ib_jrd8_create_database
linux/misc/ib_inet_connect
linux/misc/hplip_hpssd_exec
linux/misc/hp_vsa_login_bof
linux/misc/hp_data_protector_cmd_exec
linux/misc/gld_postfix
linux/misc/drb_remote_codeexec
linux/misc/accellion_fta_mpipe2
linux/local/zpanel_zsudo
linux/local/vmware_mount
linux/local/udev_netlink
linux/local/sophos_wpa_clear_keys
linux/local/sock_sendpage
linux/local/pkexec
linux/local/kloxo_lxsuexec
linux/local/hp_smhstart
linux/imap/imap_uw_lsub
linux/ids/snortbopre
linux/http/zenoss_showdaemonxmlconfig_exec
linux/http/zen_load_balancer_exec
linux/http/zabbix_sqli
linux/http/webid_converter
linux/http/webcalendar_settings_exec
linux/http/wanem_exec
linux/http/vcms_upload
linux/http/synology_dsm_sliceupload_exec_noauth
linux/http/symantec_web_gateway_pbcontrol
linux/http/symantec_web_gateway_lfi
linux/http/symantec_web_gateway_file_upload
linux/http/symantec_web_gateway_exec
linux/http/sophos_wpa_sblistpack_exec
linux/http/smt_ipmi_close_window_bof
linux/http/raidsonic_nas_ib5220_exec_noauth
linux/http/piranha_passwd_exec
linux/http/pineapp_test_li_conn_exec
linux/http/pineapp_livelog_exec
linux/http/pineapp_ldapsyncnow_exec
linux/http/peercast_url
linux/http/openfiler_networkcard_exec
linux/http/nginx_chunked_size
linux/http/netgear_readynas_exec
linux/http/netgear_dgn2200b_pppoe_exec
linux/http/netgear_dgn1000b_setup_exec
linux/http/mutiny_frontend_upload
linux/http/linksys_wrt54gl_apply_exec
linux/http/linksys_wrt160nv2_apply_exec
linux/http/linksys_wrt110_cmd_exec
linux/http/linksys_e1500_apply_exec
linux/http/linksys_apply_cgi
Page 26
1/8/2011
2/21/2013
3/24/2013
9/25/2000
10/3/2007
10/3/2007
10/3/2007
10/3/2007
10/4/2007
6/28/2013
2/7/2011
4/12/2005
3/23/2011
2/7/2011
6/7/2013
8/22/2013
4/16/2009
9/6/2013
8/13/2009
4/1/2011
9/18/2012
3/30/2013
4/16/2000
10/18/2005
7/30/2012
9/14/2012
9/23/2013
7/5/2011
4/23/2012
8/12/2012
11/27/2011
10/31/2013
7/23/2012
5/17/2012
5/17/2012
5/17/2012
9/6/2013
11/6/2013
2/4/2013
4/4/2000
7/26/2013
7/26/2013
7/26/2013
3/8/2006
9/4/2012
5/7/2013
7/12/2013
2/15/2013
2/6/2013
5/15/2013
1/18/2013
2/11/2013
7/12/2013
2/5/2013
9/13/2005
average
excellent
normal
normal
good
good
good
good
excellent
normal
excellent
good
excellent
excellent
excellent
normal
great
excellent
great
great
normal
normal
good
good
good
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
excellent
good
manual
excellent
excellent
excellent
excellent
average
excellent
normal
manual
manual
excellent
excellent
manual
excellent
excellent
excellent
great
Sheet1 (2)
linux/http/hp_system_management
linux/http/groundwork_monarch_cmd_exec
linux/http/gpsd_format_string
linux/http/foreman_openstack_satellite_code_exec
linux/http/f5_icontrol_exec
linux/http/esva_exec
linux/http/dreambox_openpli_shell
linux/http/dolibarr_cmd_exec
linux/http/dlink_upnp_exec_noauth
linux/http/dlink_hedwig_cgi_bof
linux/http/dlink_dir615_up_exec
linux/http/dlink_dir605l_captcha_bof
linux/http/dlink_dir300_exec_telnet
linux/http/dlink_diagnostic_exec_noauth
linux/http/dlink_command_php_exec_noauth
linux/http/dlink_authentication_cgi_bof
linux/http/ddwrt_cgibin_exec
linux/http/cfme_manageiq_evm_upload_exec
linux/http/astium_sqli_upload
linux/http/alcatel_omnipcx_mastercgi_exec
linux/games/ut2004_secure
linux/ftp/proftp_telnet_iac
linux/ftp/proftp_sreplace
linux/browser/adobe_flashplayer_aslaunch
irix/lpd/tagprinter_exec
hpux/lpd/cleanup_exec
freebsd/telnet/telnet_encrypt_keyid
freebsd/tacacs/xtacacsd_report
freebsd/samba/trans2open
freebsd/local/mmap
freebsd/ftp/proftp_telnet_iac
dialup/multi/login/manyargs
bsdi/softcart/mercantec_softcart
apple_ios/ssh/cydia_default_ssh
apple_ios/email/mobilemail_libtiff
apple_ios/browser/safari_libtiff
android/browser/webview_addjavascriptinterface
aix/rpc_ttdbserverd_realpath
aix/rpc_cmsd_opcode21
aix/local/ibstat_path
9/1/2012
3/8/2013
5/25/2005
6/6/2013
9/17/2013
8/16/2012
2/8/2013
4/6/2012
7/5/2013
2/8/2013
2/7/2013
10/8/2012
4/22/2013
3/5/2013
2/4/2013
2/8/2013
7/20/2009
9/4/2013
9/17/2013
9/9/2007
6/18/2004
11/1/2010
11/26/2006
12/17/2008
9/1/2001
8/28/2002
12/23/2011
1/8/2008
4/7/2003
6/18/2013
11/1/2010
12/12/2001
8/19/2004
7/2/2007
8/1/2006
8/1/2006
12/21/2012
6/17/2009
10/7/2009
9/24/2013
normal
excellent
average
normal
excellent
excellent
great
excellent
normal
normal
excellent
manual
excellent
excellent
excellent
normal
excellent
normal
manual
manual
good
great
great
good
excellent
excellent
great
average
great
great
great
good
great
excellent
good
good
normal
great
great
excellent
Payloads
#N/A
Name
---aix/ppc/shell_bind_tcp
aix/ppc/shell_find_port
aix/ppc/shell_interact
aix/ppc/shell_reverse_tcp
android/meterpreter/reverse_http
android/meterpreter/reverse_https
android/meterpreter/reverse_tcp
android/shell/reverse_http

-------------- ---normal
normal
normal
normal
normal
normal
normal
normal
Page 27
Sheet1 (2)
android/shell/reverse_https
android/shell/reverse_tcp
bsd/sparc/shell_bind_tcp
bsd/sparc/shell_reverse_tcp
bsd/x86/exec
bsd/x86/metsvc_bind_tcp
bsd/x86/metsvc_reverse_tcp
bsd/x86/shell/bind_ipv6_tcp
bsd/x86/shell/bind_tcp
bsd/x86/shell/find_tag
bsd/x86/shell/reverse_ipv6_tcp
bsd/x86/shell/reverse_tcp
bsd/x86/shell_bind_tcp
bsd/x86/shell_bind_tcp_ipv6
bsd/x86/shell_find_port
bsd/x86/shell_find_tag
bsd/x86/shell_reverse_tcp
bsd/x86/shell_reverse_tcp_ipv6
bsdi/x86/shell/bind_tcp
bsdi/x86/shell/reverse_tcp
bsdi/x86/shell_bind_tcp
bsdi/x86/shell_find_port
bsdi/x86/shell_reverse_tcp
cmd/unix/bind_awk
cmd/unix/bind_inetd
cmd/unix/bind_lua
cmd/unix/bind_netcat
cmd/unix/bind_netcat_gaping
cmd/unix/bind_netcat_gaping_ipv6
cmd/unix/bind_nodejs
cmd/unix/bind_perl
cmd/unix/bind_perl_ipv6
cmd/unix/bind_ruby
cmd/unix/bind_ruby_ipv6
cmd/unix/bind_zsh
cmd/unix/generic
cmd/unix/interact
cmd/unix/reverse
cmd/unix/reverse_awk
cmd/unix/reverse_bash
cmd/unix/reverse_bash_telnet_ssl
cmd/unix/reverse_lua
cmd/unix/reverse_netcat
cmd/unix/reverse_netcat_gaping
cmd/unix/reverse_nodejs
cmd/unix/reverse_openssl
cmd/unix/reverse_perl
cmd/unix/reverse_perl_ssl
cmd/unix/reverse_php_ssl
cmd/unix/reverse_python
cmd/unix/reverse_python_ssl
cmd/unix/reverse_ruby
cmd/unix/reverse_ruby_ssl
cmd/unix/reverse_ssl_double_telnet
cmd/unix/reverse_zsh
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 28
Sheet1 (2)
cmd/windows/adduser
cmd/windows/bind_lua
cmd/windows/bind_perl
cmd/windows/bind_perl_ipv6
cmd/windows/bind_ruby
cmd/windows/download_eval_vbs
cmd/windows/download_exec_vbs
cmd/windows/generic
cmd/windows/reverse_lua
cmd/windows/reverse_perl
cmd/windows/reverse_powershell
cmd/windows/reverse_ruby
firefox/exec
firefox/shell_bind_tcp
firefox/shell_reverse_tcp
generic/custom
generic/debug_trap
generic/shell_bind_tcp
generic/shell_reverse_tcp
generic/tight_loop
java/jsp_shell_bind_tcp
java/jsp_shell_reverse_tcp
java/meterpreter/bind_tcp
java/meterpreter/reverse_http
java/meterpreter/reverse_https
java/meterpreter/reverse_tcp
java/shell/bind_tcp
java/shell/reverse_tcp
java/shell_reverse_tcp
linux/armle/adduser
linux/armle/exec
linux/armle/shell/bind_tcp
linux/armle/shell/reverse_tcp
linux/armle/shell_bind_tcp
linux/armle/shell_reverse_tcp
linux/mipsbe/exec
linux/mipsbe/reboot
linux/mipsbe/shell/reverse_tcp
linux/mipsbe/shell_bind_tcp
linux/mipsbe/shell_reverse_tcp
linux/mipsle/exec
linux/mipsle/reboot
linux/mipsle/shell/reverse_tcp
linux/mipsle/shell_bind_tcp
linux/mipsle/shell_reverse_tcp
linux/ppc/shell_bind_tcp
linux/ppc/shell_find_port
linux/ppc/shell_reverse_tcp
linux/ppc64/shell_bind_tcp
linux/ppc64/shell_find_port
linux/ppc64/shell_reverse_tcp
linux/x64/exec
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 29
Sheet1 (2)
linux/x86/adduser
linux/x86/chmod
linux/x86/exec
linux/x86/meterpreter/bind_ipv6_tcp
linux/x86/meterpreter/bind_nonx_tcp
linux/x86/meterpreter/bind_tcp
linux/x86/meterpreter/find_tag
linux/x86/meterpreter/reverse_ipv6_tcp
linux/x86/meterpreter/reverse_nonx_tcp
linux/x86/meterpreter/reverse_tcp
linux/x86/metsvc_bind_tcp
linux/x86/metsvc_reverse_tcp
linux/x86/read_file
linux/x86/shell/bind_ipv6_tcp
linux/x86/shell/bind_nonx_tcp
linux/x86/shell/find_tag
linux/x86/shell/reverse_ipv6_tcp
linux/x86/shell/reverse_nonx_tcp
linux/x86/shell_bind_ipv6_tcp
linux/x86/shell_find_tag
linux/x86/shell_reverse_tcp2
netware/shell/reverse_tcp
nodejs/shell_bind_tcp
nodejs/shell_reverse_tcp
nodejs/shell_reverse_tcp_ssl
osx/armle/execute/bind_tcp
osx/armle/execute/reverse_tcp
osx/armle/shell/bind_tcp
osx/armle/shell/reverse_tcp
osx/armle/shell_bind_tcp
osx/armle/shell_reverse_tcp
osx/armle/vibrate
osx/ppc/shell/bind_tcp
osx/ppc/shell/find_tag
osx/ppc/shell/reverse_tcp
osx/ppc/shell_bind_tcp
osx/ppc/shell_reverse_tcp
osx/x64/dupandexecve/bind_tcp
osx/x64/dupandexecve/reverse_tcp
osx/x64/exec
osx/x64/say
osx/x64/shell_find_tag
osx/x86/bundleinject/bind_tcp
osx/x86/bundleinject/reverse_tcp
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 30
Sheet1 (2)
osx/x86/exec
osx/x86/isight/bind_tcp
osx/x86/isight/reverse_tcp
osx/x86/shell_find_port
osx/x86/vforkshell/bind_tcp
osx/x86/vforkshell/reverse_tcp
osx/x86/vforkshell_bind_tcp
osx/x86/vforkshell_reverse_tcp
php/bind_perl
php/bind_perl_ipv6
php/bind_php
php/bind_php_ipv6
php/download_exec
php/exec
php/meterpreter/bind_tcp
php/meterpreter/bind_tcp_ipv6
php/meterpreter/reverse_tcp
php/meterpreter_reverse_tcp
php/reverse_perl
php/reverse_php
php/shell_findsock
python/meterpreter/bind_tcp
python/meterpreter/reverse_tcp
python/shell_reverse_tcp
python/shell_reverse_tcp_ssl
ruby/shell_bind_tcp
ruby/shell_bind_tcp_ipv6
ruby/shell_reverse_tcp
ruby/shell_reverse_tcp_ssl
solaris/sparc/shell_bind_tcp
solaris/sparc/shell_find_port
solaris/sparc/shell_reverse_tcp
solaris/x86/shell_bind_tcp
solaris/x86/shell_find_port
solaris/x86/shell_reverse_tcp
tty/unix/interact
windows/adduser
windows/dllinject/bind_ipv6_tcp
windows/dllinject/bind_nonx_tcp
windows/dllinject/bind_tcp
windows/dllinject/bind_tcp_rc4
windows/dllinject/find_tag
windows/dllinject/reverse_hop_http
windows/dllinject/reverse_http
windows/dllinject/reverse_ipv6_tcp
windows/dllinject/reverse_nonx_tcp
windows/dllinject/reverse_ord_tcp
windows/dllinject/reverse_tcp
windows/dllinject/reverse_tcp_allports
windows/dllinject/reverse_tcp_dns
windows/dllinject/reverse_tcp_rc4
windows/dllinject/reverse_tcp_rc4_dns
windows/dns_txt_query_exec
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 31
Sheet1 (2)
windows/download_exec
windows/exec
windows/loadlibrary
windows/messagebox
windows/meterpreter/bind_ipv6_tcp
windows/meterpreter/bind_nonx_tcp
windows/meterpreter/bind_tcp
windows/meterpreter/bind_tcp_rc4
windows/meterpreter/find_tag
windows/meterpreter/reverse_hop_http
windows/meterpreter/reverse_http
windows/meterpreter/reverse_https
windows/meterpreter/reverse_https_proxy
windows/meterpreter/reverse_ipv6_tcp
windows/meterpreter/reverse_nonx_tcp
windows/meterpreter/reverse_ord_tcp
windows/meterpreter/reverse_tcp
windows/meterpreter/reverse_tcp_allports
windows/meterpreter/reverse_tcp_dns
windows/meterpreter/reverse_tcp_rc4
windows/meterpreter/reverse_tcp_rc4_dns
windows/metsvc_bind_tcp
windows/metsvc_reverse_tcp
windows/patchupdllinject/bind_ipv6_tcp
windows/patchupdllinject/bind_nonx_tcp
windows/patchupdllinject/bind_tcp
windows/patchupdllinject/bind_tcp_rc4
windows/patchupdllinject/find_tag
windows/patchupdllinject/reverse_ipv6_tcp
windows/patchupdllinject/reverse_nonx_tcp
windows/patchupdllinject/reverse_ord_tcp
windows/patchupdllinject/reverse_tcp
windows/patchupdllinject/reverse_tcp_allports
windows/patchupdllinject/reverse_tcp_dns
windows/patchupdllinject/reverse_tcp_rc4
windows/patchupdllinject/reverse_tcp_rc4_dns
windows/patchupmeterpreter/bind_ipv6_tcp
windows/patchupmeterpreter/bind_nonx_tcp
windows/patchupmeterpreter/bind_tcp
windows/patchupmeterpreter/bind_tcp_rc4
windows/patchupmeterpreter/find_tag
windows/patchupmeterpreter/reverse_ipv6_tcp
windows/patchupmeterpreter/reverse_nonx_tcp
windows/patchupmeterpreter/reverse_ord_tcp
windows/patchupmeterpreter/reverse_tcp
windows/patchupmeterpreter/reverse_tcp_allports
windows/patchupmeterpreter/reverse_tcp_dns
windows/patchupmeterpreter/reverse_tcp_rc4
windows/patchupmeterpreter/reverse_tcp_rc4_dns
windows/shell/bind_ipv6_tcp
windows/shell/bind_nonx_tcp
windows/shell/bind_tcp
windows/shell/bind_tcp_rc4
windows/shell/find_tag
windows/shell/reverse_hop_http
Page 32
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
windows/shell/reverse_http
windows/shell/reverse_ipv6_tcp
windows/shell/reverse_nonx_tcp
windows/shell/reverse_ord_tcp
windows/shell/reverse_tcp
windows/shell/reverse_tcp_allports
windows/shell/reverse_tcp_dns
windows/shell/reverse_tcp_rc4
windows/shell/reverse_tcp_rc4_dns
windows/shell_bind_tcp
windows/shell_bind_tcp_xpfw
windows/shell_hidden_bind_tcp
windows/shell_reverse_tcp
windows/speak_pwned
windows/upexec/bind_ipv6_tcp
windows/upexec/bind_nonx_tcp
windows/upexec/bind_tcp
windows/upexec/bind_tcp_rc4
windows/upexec/find_tag
windows/upexec/reverse_hop_http
windows/upexec/reverse_http
windows/upexec/reverse_ipv6_tcp
windows/upexec/reverse_nonx_tcp
windows/upexec/reverse_ord_tcp
windows/upexec/reverse_tcp
windows/upexec/reverse_tcp_allports
windows/upexec/reverse_tcp_dns
windows/upexec/reverse_tcp_rc4
windows/upexec/reverse_tcp_rc4_dns
windows/vncinject/bind_ipv6_tcp
windows/vncinject/bind_nonx_tcp
windows/vncinject/bind_tcp
windows/vncinject/bind_tcp_rc4
windows/vncinject/find_tag
windows/vncinject/reverse_hop_http
windows/vncinject/reverse_http
windows/vncinject/reverse_ipv6_tcp
windows/vncinject/reverse_nonx_tcp
windows/vncinject/reverse_ord_tcp
windows/vncinject/reverse_tcp
windows/vncinject/reverse_tcp_allports
windows/vncinject/reverse_tcp_dns
windows/vncinject/reverse_tcp_rc4
windows/vncinject/reverse_tcp_rc4_dns
windows/x64/exec
windows/x64/loadlibrary
windows/x64/meterpreter/bind_tcp
windows/x64/meterpreter/reverse_https
windows/x64/meterpreter/reverse_tcp
windows/x64/shell/bind_tcp
windows/x64/shell/reverse_https
windows/x64/shell/reverse_tcp
windows/x64/shell_bind_tcp
windows/x64/shell_reverse_tcp
windows/x64/vncinject/bind_tcp
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 33
Sheet1 (2)
windows/x64/vncinject/reverse_https
windows/x64/vncinject/reverse_tcp
normal
normal
Auxiliary
#N/A
Name
---admin/2wire/xslt_password_reset
admin/appletv/appletv_display_image
admin/appletv/appletv_display_video
admin/backupexec/dump
admin/backupexec/registry
admin/chromecast/chromecast_reset
admin/chromecast/chromecast_youtube
admin/cisco/cisco_secure_acs_bypass
admin/cisco/vpn_3000_ftp_bypass
admin/db2/db2rcmd
admin/edirectory/edirectory_dhost_cookie
admin/edirectory/edirectory_edirutil
admin/emc/alphastor_devicemanager_exec
admin/emc/alphastor_librarymanager_exec
admin/hp/hp_data_protector_cmd
admin/hp/hp_imc_som_create_account
admin/http/axigen_file_access
admin/http/cfme_manageiq_evm_pass_reset
admin/http/contentkeeper_fileaccess
admin/http/dlink_dir_300_600_exec_noauth
admin/http/dlink_dir_645_password_extractor
admin/http/dlink_dsl320b_password_extractor
admin/http/foreman_openstack_satellite_priv_esc
admin/http/hp_web_jetadmin_exec
admin/http/iis_auth_bypass
admin/http/intersil_pass_reset
admin/http/iomega_storcenterpro_sessionid
admin/http/jboss_bshdeployer
admin/http/jboss_seam_exec
admin/http/katello_satellite_priv_esc
admin/http/linksys_e1500_e2500_exec
admin/http/linksys_tmunblock_admin_reset_bof
admin/http/linksys_wrt54gl_exec
admin/http/mutiny_frontend_read_delete
admin/http/nexpose_xxe_file_read
admin/http/novell_file_reporter_filedelete
admin/http/openbravo_xxe
admin/http/rails_devise_pass_reset
admin/http/scrutinizer_add_user
admin/http/sophos_wpa_traversal
admin/http/tomcat_administration
admin/http/tomcat_utf8_traversal
admin/http/trendmicro_dlp_traversal
Page 34
Disclosure
Date
-------------8/15/2007 normal
normal
normal
normal
normal
normal
normal
normal
8/23/2006 normal
3/4/2004 normal
normal
normal
5/27/2008 normal
5/27/2008 normal
2/7/2011 normal
10/8/2013 normal
10/31/2012 normal
11/12/2013 normal
normal
2/4/2013 normal
normal
normal
6/6/2013 normal
4/27/2004 normal
7/2/2010 normal
9/10/2007 normal
normal
normal
7/19/2010 normal
3/24/2014 normal
2/5/2013 normal
2/19/2014 normal
1/18/2013 normal
5/15/2013 normal
normal
normal
10/30/2013 normal
1/28/2013 normal
7/27/2012 normal
4/3/2013 normal
normal
normal
normal
1/20/2009 normal
2/10/2009 normal
normal
Sheet1 (2)
admin/http/typo3_winstaller_default_enc_keys
admin/http/vbulletin_upgrade_admin
admin/http/wp_custom_contact_forms
admin/http/zyxel_admin_password_extractor
admin/maxdb/maxdb_cons_exec
admin/misc/sercomm_dump_config
admin/misc/wol
admin/motorola/wr850g_cred
admin/ms/ms08_059_his2006
admin/mssql/mssql_enum
admin/mssql/mssql_escalate_dbowner
admin/mssql/mssql_escalate_dbowner_sqli
admin/mssql/mssql_exec
admin/mssql/mssql_findandsampledata
admin/mssql/mssql_idf
admin/mssql/mssql_ntlm_stealer
admin/mssql/mssql_ntlm_stealer_sqli
admin/mssql/mssql_sql
admin/mssql/mssql_sql_file
admin/mysql/mysql_enum
admin/mysql/mysql_sql
admin/natpmp/natpmp_map
admin/officescan/tmlisten_traversal
admin/oracle/ora_ntlm_stealer
admin/oracle/oracle_login
admin/oracle/oracle_sql
admin/oracle/oraenum
admin/oracle/osb_execqr
admin/oracle/post_exploitation/win32exec
admin/oracle/post_exploitation/win32upload
admin/oracle/sid_brute
admin/oracle/tnscmd
admin/pop2/uw_fileretrieval
admin/postgres/postgres_readfile
admin/postgres/postgres_sql
admin/sap/sap_configservlet_exec_noauth
admin/sap/sap_mgmt_con_osexec
admin/scada/advantech_webaccess_dbvisitor_sqli
admin/scada/ge_proficy_substitute_traversal
admin/scada/modicon_command
admin/scada/modicon_password_recovery
admin/scada/modicon_stux_transfer
admin/scada/multi_cip_command
admin/scada/yokogawa_bkbcopyd_client
admin/serverprotect/file
admin/smb/check_dir_file
admin/smb/delete_file
admin/smb/download_file
admin/smb/list_directory
admin/smb/psexec_command
admin/smb/psexec_ntdsgrab
admin/smb/samba_symlink_traversal
admin/smb/upload_file
Page 35
normal
10/9/2013 normal
8/7/2014 normal
normal
1/9/2008 normal
12/31/2013 normal
normal
9/24/2004 normal
10/14/2008 normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
4/7/2009 normal
11/20/2008 normal
12/7/2007 normal
normal
1/14/2009 normal
8/18/2009 normal
7/13/2010 normal
12/7/2007 normal
2/10/2005 normal
1/7/2009 normal
2/1/2009 normal
7/14/2000 normal
normal
normal
11/1/2012 normal
normal
4/8/2014 normal
1/22/2013 normal
4/5/2012 normal
1/19/2012 normal
4/5/2012 normal
1/19/2012 normal
8/9/2014 normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
admin/sunrpc/solaris_kcms_readfile
admin/tftp/tftp_transfer_util
admin/tikiwiki/tikidblib
admin/vmware/poweroff_vm
admin/vmware/poweron_vm
admin/vmware/tag_vm
admin/vmware/terminate_esx_sessions
admin/vnc/realvnc_41_bypass
admin/vxworks/apple_airport_extreme_password
admin/vxworks/dlink_i2eye_autoanswer
admin/vxworks/wdbrpc_memory_dump
admin/vxworks/wdbrpc_reboot
admin/webmin/edit_html_fileaccess
admin/webmin/file_disclosure
admin/zend/java_bridge
analyze/jtr_aix
analyze/jtr_crack_fast
analyze/jtr_linux
analyze/jtr_mssql_fast
analyze/jtr_mysql_fast
analyze/jtr_oracle_fast
analyze/jtr_postgres_fast
bnat/bnat_router
bnat/bnat_scan
client/smtp/emailer
crawler/msfcrawler
docx/word_unc_injector
dos/cisco/ios_http_percentpercent
dos/dhcp/isc_dhcpd_clientid
dos/freebsd/nfsd/nfsd_mount
dos/hp/data_protector_rds
dos/http/3com_superstack_switch
dos/http/apache_commons_fileupload_dos
dos/http/apache_mod_isapi
dos/http/apache_range_dos
dos/http/apache_tomcat_transfer_encoding
dos/http/canon_wireless_printer
dos/http/dell_openmanage_post
dos/http/gzip_bomb_dos
dos/http/hashcollision_dos
dos/http/monkey_headers
dos/http/nodejs_pipelining
dos/http/novell_file_reporter_heap_bof
dos/http/rails_action_view
dos/http/rails_json_float_dos
dos/http/sonicwall_ssl_format
dos/http/webrick_regex
dos/http/wordpress_xmlrpc_dos
dos/mdns/avahi_portzero
dos/misc/dopewars
dos/misc/ibm_sametime_webplayer_dos
dos/misc/memcached
dos/ntp/ntpd_reserved_dos
dos/pptp/ms02_063_pptp_dos
dos/samba/lsa_addprivs_heap
1/22/2003 normal
normal
11/1/2006 normal
normal
normal
normal
normal
5/15/2006 normal
normal
normal
normal
normal
9/6/2012 normal
6/30/2006 normal
3/28/2011 normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
4/26/2000 normal
normal
normal
1/8/2011 normal
6/24/2004 normal
2/6/2014 normal
3/5/2010 normal
8/19/2011 normal
7/9/2010 normal
6/18/2013 normal
2/26/2004 normal
1/1/2004 normal
12/28/2011 normal
5/30/2013 normal
10/18/2013 normal
11/16/2012 normal
12/4/2013 normal
11/22/2013 normal
5/29/2009 normal
8/8/2008 normal
8/6/2014 normal
11/14/2008 normal
10/5/2009 normal
11/7/2013 normal
normal
10/4/2009 normal
9/26/2002 normal
normal
Page 36
Sheet1 (2)
dos/samba/lsa_transnames_heap
dos/samba/read_nttrans_ea_list
dos/sap/sap_soap_rfc_eps_delete_file
dos/scada/beckhoff_twincat
dos/scada/d20_tftp_overflow
dos/scada/igss9_dataserver
dos/scada/yokogawa_logsvr
dos/smtp/sendmail_prescan
dos/solaris/lpd/cascade_delete
dos/ssl/dtls_changecipherspec
dos/ssl/dtls_fragment_overflow
dos/ssl/openssl_aesni
dos/syslog/rsyslog_long_tag
dos/tcp/junos_tcp_opt
dos/tcp/synflood
dos/upnp/miniupnpd_dos
dos/windows/appian/appian_bpm
dos/windows/browser/ms09_065_eot_integer
dos/windows/ftp/filezilla_admin_user
dos/windows/ftp/filezilla_server_port
dos/windows/ftp/guildftp_cwdlist
dos/windows/ftp/iis75_ftpd_iac_bof
dos/windows/ftp/iis_list_exhaustion
dos/windows/ftp/solarftp_user
dos/windows/ftp/titan626_site
dos/windows/ftp/vicftps50_list
dos/windows/ftp/winftp230_nlst
dos/windows/games/kaillera
dos/windows/http/ms10_065_ii6_asp_dos
dos/windows/http/pi3web_isapi
dos/windows/llmnr/ms11_030_dnsapi
dos/windows/nat/nat_helper
dos/windows/rdp/ms12_020_maxchannelids
dos/windows/smb/ms05_047_pnp
dos/windows/smb/ms06_035_mailslot
dos/windows/smb/ms06_063_trans
dos/windows/smb/ms09_001_write
dos/windows/smb/ms09_050_smb2_negotiate_pidhigh
dos/windows/smb/ms09_050_smb2_session_logoff
dos/windows/smb/ms10_006_negotiate_response_loop
dos/windows/smb/ms10_054_queryfs_pool_overflow
dos/windows/smb/ms11_019_electbowser
dos/windows/smb/rras_vls_null_deref
dos/windows/smb/vista_negotiate_stop
dos/windows/smtp/ms06_019_exchange
dos/windows/ssh/sysax_sshd_kexchange
dos/windows/tftp/pt360_write
dos/windows/tftp/solarwinds
dos/wireshark/capwap
dos/wireshark/chunked
dos/wireshark/cldap
dos/wireshark/ldap
fuzzers/dns/dns_fuzzer
Page 37
9/13/2011
1/19/2012
12/20/2011
3/10/2014
9/17/2003
4/26/2000
6/5/2014
2/5/2013
9/1/2011
3/27/2013
12/17/2007
11/10/2009
11/7/2005
12/11/2006
10/12/2008
12/21/2010
9/3/2009
2/22/2011
10/14/2008
10/24/2008
9/26/2008
10/13/2008
3/27/2009
7/2/2011
9/14/2010
11/13/2008
4/12/2011
10/26/2006
3/16/2012
7/11/2006
6/14/2006
11/12/2004
3/17/2013
10/29/2008
5/21/2010
4/28/2014
2/22/2007
3/1/2011
3/28/2008
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
fuzzers/ftp/client_ftp
fuzzers/ftp/ftp_pre_post
fuzzers/http/http_form_field
fuzzers/http/http_get_uri_long
fuzzers/http/http_get_uri_strings
fuzzers/ntp/ntp_protocol_fuzzer
fuzzers/smb/smb2_negotiate_corrupt
fuzzers/smb/smb_create_pipe
fuzzers/smb/smb_create_pipe_corrupt
fuzzers/smb/smb_negotiate_corrupt
fuzzers/smb/smb_ntlm1_login_corrupt
fuzzers/smb/smb_tree_connect
fuzzers/smb/smb_tree_connect_corrupt
fuzzers/smtp/smtp_fuzzer
fuzzers/ssh/ssh_kexinit_corrupt
fuzzers/ssh/ssh_version_corrupt
fuzzers/tds/tds_login_corrupt
fuzzers/tds/tds_login_username
gather/alienvault_iso27001_sqli
gather/alienvault_newpolicyform_sqli
gather/android_htmlfileprovider
gather/android_stock_browser_uxss
gather/apache_rave_creds
gather/apple_safari_webarchive_uxss
gather/checkpoint_hostname
gather/chromecast_wifi
gather/citrix_published_applications
gather/citrix_published_bruteforce
gather/coldfusion_pwd_props
gather/corpwatch_lookup_id
gather/corpwatch_lookup_name
gather/d20pass
gather/dns_bruteforce
gather/dns_cache_scraper
gather/dns_info
gather/dns_reverse_lookup
gather/dns_srv_enum
gather/doliwamp_traversal_creds
gather/drupal_openid_xxe
gather/eaton_nsm_creds
gather/emc_cta_xxe
gather/enum_dns
gather/external_ip
gather/f5_bigip_cookie_disclosure
gather/flash_rosetta_jsonp_url_disclosure
gather/hp_enum_perfd
gather/hp_snac_domain_creds
gather/ibm_sametime_enumerate_users
gather/ibm_sametime_room_brute
gather/ibm_sametime_version
gather/impersonate_ssl
gather/joomla_weblinks_sqli
gather/mantisbt_admin_sqli
3/30/2014
5/9/2014
2/22/2013
12/14/2011
5/7/2013
1/19/2012
1/12/2014
10/17/2012
6/26/2012
3/31/2014
7/8/2014
9/9/2013
12/27/2013
12/27/2013
12/27/2013
3/2/2014
2/28/2014
Page 38
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
gather/mongodb_js_inject_collection_enum
gather/mybb_db_fingerprint
gather/natpmp_external_address
gather/search_email_collector
gather/shodan_search
gather/trackit_sql_domain_creds
gather/vbulletin_vote_sqli
gather/windows_deployment_services_shares
gather/wp_w3_total_cache_hash_extract
gather/xbmc_traversal
metamodule/firewall_egress
parser/unattend
pdf/foxit/authbypass
scanner/afp/afp_login
scanner/afp/afp_server_info
scanner/backdoor/energizer_duo_detect
scanner/chargen/chargen_probe
scanner/couchdb/couchdb_enum
scanner/couchdb/couchdb_login
scanner/db2/db2_auth
scanner/db2/db2_version
scanner/db2/discovery
scanner/dcerpc/endpoint_mapper
scanner/dcerpc/hidden
scanner/dcerpc/management
scanner/dcerpc/tcp_dcerpc_auditor
scanner/dcerpc/windows_deployment_services
scanner/dect/call_scanner
scanner/dect/station_scanner
scanner/discovery/arp_sweep
scanner/discovery/empty_udp
scanner/discovery/ipv6_multicast_ping
scanner/discovery/ipv6_neighbor
scanner/discovery/ipv6_neighbor_router_advertisement
scanner/discovery/udp_probe
scanner/discovery/udp_sweep
scanner/dns/dns_amp
scanner/elasticsearch/indices_enum
scanner/emc/alphastor_devicemanager
scanner/emc/alphastor_librarymanager
scanner/finger/finger_users
scanner/ftp/anonymous
scanner/ftp/ftp_login
scanner/ftp/ftp_version
scanner/ftp/titanftp_xcrc_traversal
scanner/h323/h323_version
scanner/http/a10networks_ax_directory_traversal
scanner/http/adobe_xml_inject
scanner/http/apache_activemq_source_disclosure
scanner/http/apache_activemq_traversal
scanner/http/apache_mod_cgi_bash_env
scanner/http/apache_userdir_enum
scanner/http/appletv_login
scanner/http/atlassian_crowd_fileaccess
scanner/http/axis_local_file_include
Page 39
6/7/2014 normal
2/13/2014 normal
10/7/2014
3/24/2013
11/4/2012
3/9/2009
2/8/1996
6/15/2010
1/28/2014
9/24/2014
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/http/axis_login
scanner/http/backup_file
scanner/http/barracuda_directory_traversal
scanner/http/bitweaver_overlay_type_traversal
scanner/http/blind_sql_query
scanner/http/brute_dirs
scanner/http/canon_wireless
scanner/http/cert
scanner/http/cisco_asa_asdm
scanner/http/cisco_device_manager
scanner/http/cisco_ios_auth_bypass
scanner/http/cisco_ironport_enum
scanner/http/cisco_nac_manager_traversal
scanner/http/cisco_ssl_vpn
scanner/http/clansphere_traversal
scanner/http/cold_fusion_version
scanner/http/coldfusion_locale_traversal
scanner/http/concrete5_member_list
scanner/http/copy_of_file
scanner/http/crawler
scanner/http/dell_idrac
scanner/http/dir_listing
scanner/http/dir_scanner
scanner/http/dir_webdav_unicode_bypass
scanner/http/dlink_dir_300_615_http_login
scanner/http/dlink_dir_615h_http_login
scanner/http/dlink_dir_session_cgi_http_login
scanner/http/dlink_user_agent_backdoor
scanner/http/dolibarr_login
scanner/http/drupal_views_user_enum
scanner/http/ektron_cms400net
scanner/http/enum_wayback
scanner/http/error_sql_injection
scanner/http/etherpad_duo_login
scanner/http/file_same_name_dir
scanner/http/files_dir
scanner/http/frontpage_login
scanner/http/glassfish_login
scanner/http/groupwise_agents_http_traversal
scanner/http/hp_imc_bims_downloadservlet_traversal
scanner/http/hp_imc_faultdownloadservlet_traversal
scanner/http/hp_imc_ictdownloadservlet_traversal
scanner/http/hp_imc_reportimgservlt_traversal
scanner/http/hp_imc_som_file_download
scanner/http/hp_sitescope_getfileinternal_fileaccess
scanner/http/hp_sitescope_getsitescopeconfiguration
scanner/http/hp_sitescope_loadfilecontent_fileaccess
scanner/http/hp_sys_mgmt_login
scanner/http/http_header
scanner/http/http_hsts
scanner/http/http_login
scanner/http/http_put
scanner/http/http_traversal
scanner/http/http_version
scanner/http/httpbl_lookup
Page 40
10/8/2010
10/23/2012
6/18/2013
10/26/2000
6/27/2001
10/23/2012
10/12/2013
7/2/2010
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/http/iis_internal_ip
scanner/http/infovista_enum
scanner/http/ipboard_login
scanner/http/jboss_status
scanner/http/jboss_vulnscan
scanner/http/jenkins_enum
scanner/http/jenkins_login
scanner/http/joomla_bruteforce_login
scanner/http/joomla_pages
scanner/http/joomla_plugins
scanner/http/joomla_version
scanner/http/linksys_e1500_traversal
scanner/http/litespeed_source_disclosure
scanner/http/lucky_punch
scanner/http/majordomo2_directory_traversal
scanner/http/manageengine_deviceexpert_traversal
scanner/http/manageengine_deviceexpert_user_creds
scanner/http/manageengine_securitymanager_traversal
scanner/http/mediawiki_svg_fileaccess
scanner/http/mod_negotiation_brute
scanner/http/mod_negotiation_scanner
scanner/http/ms09_020_webdav_unicode_bypass
scanner/http/mybook_live_login
scanner/http/netdecision_traversal
scanner/http/netgear_sph200d_traversal
scanner/http/nginx_source_disclosure
scanner/http/novell_file_reporter_fsfui_fileaccess
scanner/http/novell_file_reporter_srs_fileaccess
scanner/http/novell_mdm_creds
scanner/http/ntlm_info_enumeration
scanner/http/open_proxy
scanner/http/openmind_messageos_login
scanner/http/options
scanner/http/oracle_demantra_database_credentials_leak
scanner/http/oracle_demantra_file_retrieval
scanner/http/oracle_ilom_login
scanner/http/owa_login
scanner/http/pocketpad_login
scanner/http/prev_dir_same_name_file
scanner/http/radware_appdirector_enum
scanner/http/rails_json_yaml_scanner
scanner/http/rails_mass_assignment
scanner/http/rails_xml_yaml_scanner
scanner/http/replace_ext
scanner/http/rewrite_proxy_bypass
scanner/http/rfcode_reader_enum
scanner/http/robots_txt
scanner/http/s40_traversal
scanner/http/sap_businessobjects_user_brute
scanner/http/sap_businessobjects_user_brute_web
scanner/http/sap_businessobjects_user_enum
scanner/http/sap_businessobjects_version_enum
scanner/http/scraper
scanner/http/sentry_cdu_enum
scanner/http/sevone_enum
Page 41
3/8/2011
3/18/2012
8/28/2014
10/19/2012
3/7/2012
11/16/2012
11/16/2012
2/28/2014
2/28/2014
4/7/2011
6/7/2013
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/http/simple_webserver_traversal
scanner/http/smt_ipmi_49152_exposure
scanner/http/smt_ipmi_cgi_scanner
scanner/http/smt_ipmi_static_cert_scanner
scanner/http/smt_ipmi_url_redirect_traversal
scanner/http/soap_xml
scanner/http/sockso_traversal
scanner/http/splunk_web_login
scanner/http/squid_pivot_scanning
scanner/http/squiz_matrix_user_enum
scanner/http/ssl
scanner/http/ssl_version
scanner/http/support_center_plus_directory_traversal
scanner/http/svn_scanner
scanner/http/svn_wcdb_scanner
scanner/http/sybase_easerver_traversal
scanner/http/symantec_brightmail_logfile
scanner/http/titan_ftp_admin_pwd
scanner/http/tomcat_enum
scanner/http/tomcat_mgr_login
scanner/http/tplink_traversal_noauth
scanner/http/trace
scanner/http/trace_axd
scanner/http/typo3_bruteforce
scanner/http/vcms_login
scanner/http/verb_auth_bypass
scanner/http/vhost_scanner
scanner/http/vmware_server_dir_trav
scanner/http/vmware_update_manager_traversal
scanner/http/wangkongbao_traversal
scanner/http/web_vulndb
scanner/http/webdav_internal_ip
scanner/http/webdav_scanner
scanner/http/webdav_website_content
scanner/http/webpagetest_traversal
scanner/http/wordpress_login_enum
scanner/http/wordpress_pingback_access
scanner/http/wordpress_scanner
scanner/http/wordpress_xmlrpc_login
scanner/http/xpath
scanner/http/yaws_traversal
scanner/http/zenworks_assetmanagement_fileaccess
scanner/http/zenworks_assetmanagement_getconfig
scanner/imap/imap_version
scanner/ip/ipidseq
scanner/ipmi/ipmi_cipher_zero
scanner/ipmi/ipmi_dumphashes
scanner/ipmi/ipmi_version
scanner/lotus/lotus_domino_hashes
scanner/lotus/lotus_domino_login
scanner/lotus/lotus_domino_version
scanner/misc/cctv_dvr_login
scanner/misc/dvr_config_disclosure
scanner/misc/ib_service_mgr_info
scanner/misc/java_rmi_server
Page 42
1/3/2013
6/19/2014
11/6/2013
11/6/2013
11/6/2013
3/14/2012
11/8/2011
10/14/2014
1/28/2014
5/25/2011
11/30/2012
11/21/2011
7/13/2012
11/25/2011
6/20/2013
6/20/2013
10/15/2011
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/misc/oki_scanner
scanner/misc/poisonivy_control_scanner
scanner/misc/raysharp_dvr_passwords
scanner/misc/redis_server
scanner/misc/rosewill_rxs3211_passwords
scanner/misc/sercomm_backdoor_scanner
scanner/misc/sunrpc_portmapper
scanner/misc/zenworks_preboot_fileaccess
scanner/mongodb/mongodb_login
scanner/motorola/timbuktu_udp
scanner/msf/msf_rpc_login
scanner/msf/msf_web_login
scanner/mssql/mssql_hashdump
scanner/mssql/mssql_login
scanner/mssql/mssql_ping
scanner/mssql/mssql_schemadump
scanner/mysql/mysql_authbypass_hashdump
scanner/mysql/mysql_file_enum
scanner/mysql/mysql_hashdump
scanner/mysql/mysql_login
scanner/mysql/mysql_schemadump
scanner/mysql/mysql_version
scanner/natpmp/natpmp_portscan
scanner/nessus/nessus_ntp_login
scanner/nessus/nessus_xmlrpc_login
scanner/nessus/nessus_xmlrpc_ping
scanner/netbios/nbname
scanner/netbios/nbname_probe
scanner/nexpose/nexpose_api_login
scanner/nfs/nfsmount
scanner/ntp/ntp_monlist
scanner/ntp/ntp_peer_list_dos
scanner/ntp/ntp_peer_list_sum_dos
scanner/ntp/ntp_readvar
scanner/ntp/ntp_req_nonce_dos
scanner/ntp/ntp_reslist_dos
scanner/ntp/ntp_unsettrap_dos
scanner/openvas/openvas_gsad_login
scanner/openvas/openvas_omp_login
scanner/openvas/openvas_otp_login
scanner/oracle/emc_sid
scanner/oracle/isqlplus_login
scanner/oracle/isqlplus_sidbrute
scanner/oracle/oracle_hashdump
scanner/oracle/oracle_login
scanner/oracle/sid_brute
scanner/oracle/sid_enum
scanner/oracle/spy_sid
scanner/oracle/tnslsnr_version
scanner/oracle/xdb_sid
scanner/oracle/xdb_sid_brute
scanner/pcanywhere/pcanywhere_login
scanner/pcanywhere/pcanywhere_tcp
scanner/pcanywhere/pcanywhere_udp
scanner/pop3/pop3_login
12/31/2013
9/25/2009
6/9/2012
8/25/2014
8/25/2014
8/25/2014
8/25/2014
8/25/2014
1/7/2009
1/7/2009
Page 43
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/pop3/pop3_version
scanner/portscan/ack
scanner/portscan/ftpbounce
scanner/portscan/syn
scanner/portscan/tcp
scanner/portscan/xmas
scanner/postgres/postgres_dbname_flag_injection
scanner/postgres/postgres_hashdump
scanner/postgres/postgres_login
scanner/postgres/postgres_schemadump
scanner/postgres/postgres_version
scanner/printer/printer_download_file
scanner/printer/printer_env_vars
scanner/printer/printer_list_dir
scanner/printer/printer_list_volumes
scanner/printer/printer_ready_message
scanner/printer/printer_version_info
scanner/rdp/ms12_020_check
scanner/rogue/rogue_recv
scanner/rogue/rogue_send
scanner/rservices/rexec_login
scanner/rservices/rlogin_login
scanner/rservices/rsh_login
scanner/rsync/modules_list
scanner/sap/sap_ctc_verb_tampering_user_mgmt
scanner/sap/sap_hostctrl_getcomputersystem
scanner/sap/sap_icf_public_info
scanner/sap/sap_icm_urlscan
scanner/sap/sap_mgmt_con_abaplog
scanner/sap/sap_mgmt_con_brute_login
scanner/sap/sap_mgmt_con_extractusers
scanner/sap/sap_mgmt_con_getaccesspoints
scanner/sap/sap_mgmt_con_getenv
scanner/sap/sap_mgmt_con_getlogfiles
scanner/sap/sap_mgmt_con_getprocesslist
scanner/sap/sap_mgmt_con_getprocessparameter
scanner/sap/sap_mgmt_con_instanceproperties
scanner/sap/sap_mgmt_con_listlogfiles
scanner/sap/sap_mgmt_con_startprofile
scanner/sap/sap_mgmt_con_version
scanner/sap/sap_router_info_request
scanner/sap/sap_router_portscanner
scanner/sap/sap_service_discovery
scanner/sap/sap_smb_relay
scanner/sap/sap_soap_bapi_user_create1
scanner/sap/sap_soap_rfc_brute_login
scanner/sap/sap_soap_rfc_dbmcli_sxpg_call_system_command_exec
scanner/sap/sap_soap_rfc_dbmcli_sxpg_command_exec
scanner/sap/sap_soap_rfc_eps_get_directory_listing
scanner/sap/sap_soap_rfc_pfl_check_os_file_existence
scanner/sap/sap_soap_rfc_ping
scanner/sap/sap_soap_rfc_read_table
scanner/sap/sap_soap_rfc_rzl_read_dir
scanner/sap/sap_soap_rfc_susr_rfc_user_interface
scanner/sap/sap_soap_rfc_sxpg_call_system_exec
Page 44
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/sap/sap_soap_rfc_sxpg_command_exec
scanner/sap/sap_soap_rfc_system_info
scanner/sap/sap_soap_th_saprel_disclosure
scanner/sap/sap_web_gui_brute_login
scanner/scada/digi_addp_reboot
scanner/scada/digi_addp_version
scanner/scada/digi_realport_serialport_scan
scanner/scada/digi_realport_version
scanner/scada/indusoft_ntwebserver_fileaccess
scanner/scada/koyo_login
scanner/scada/modbus_findunitid
scanner/scada/modbusclient
scanner/scada/modbusdetect
scanner/scada/sielco_winlog_fileaccess
scanner/sip/enumerator
scanner/sip/enumerator_tcp
scanner/sip/options
scanner/sip/options_tcp
scanner/sip/sipdroid_ext_enum
scanner/smb/pipe_auditor
scanner/smb/pipe_dcerpc_auditor
scanner/smb/psexec_loggedin_users
scanner/smb/smb2
scanner/smb/smb_enumshares
scanner/smb/smb_enumusers
scanner/smb/smb_enumusers_domain
scanner/smb/smb_login
scanner/smb/smb_lookupsid
scanner/smb/smb_version
scanner/smtp/smtp_enum
scanner/smtp/smtp_relay
scanner/smtp/smtp_version
scanner/snmp/aix_version
scanner/snmp/arris_dg950
scanner/snmp/brocade_enumhash
scanner/snmp/cisco_config_tftp
scanner/snmp/cisco_upload_file
scanner/snmp/netopia_enum
scanner/snmp/sbg6580_enum
scanner/snmp/snmp_enum
scanner/snmp/snmp_enum_hp_laserjet
scanner/snmp/snmp_enumshares
scanner/snmp/snmp_enumusers
scanner/snmp/snmp_login
scanner/snmp/snmp_set
scanner/snmp/ubee_ddw3611
scanner/snmp/xerox_workcentre_enumusers
scanner/ssh/cerberus_sftp_enumusers
scanner/ssh/ssh_enumusers
scanner/ssh/ssh_identify_pubkeys
scanner/ssh/ssh_login
scanner/ssh/ssh_login_pubkey
scanner/ssh/ssh_version
scanner/ssl/openssl_ccs
scanner/ssl/openssl_heartbleed
Page 45
1/19/2012
10/28/2012
11/1/2011
5/27/2014
6/5/2014
4/7/2014
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
scanner/telephony/wardial
scanner/telnet/lantronix_telnet_password
scanner/telnet/lantronix_telnet_version
scanner/telnet/telnet_encrypt_overflow
scanner/telnet/telnet_login
scanner/telnet/telnet_ruggedcom
scanner/telnet/telnet_version
scanner/tftp/ipswitch_whatsupgold_tftp
scanner/tftp/netdecision_tftp
scanner/tftp/tftpbrute
scanner/upnp/ssdp_amp
scanner/upnp/ssdp_msearch
scanner/vmware/esx_fingerprint
scanner/vmware/vmauthd_login
scanner/vmware/vmauthd_version
scanner/vmware/vmware_enum_permissions
scanner/vmware/vmware_enum_sessions
scanner/vmware/vmware_enum_users
scanner/vmware/vmware_enum_vms
scanner/vmware/vmware_host_details
scanner/vmware/vmware_http_login
scanner/vmware/vmware_screenshot_stealer
scanner/vnc/vnc_login
scanner/vnc/vnc_none_auth
scanner/voice/recorder
scanner/vxworks/wdbrpc_bootline
scanner/vxworks/wdbrpc_version
scanner/winrm/winrm_auth_methods
scanner/winrm/winrm_cmd
scanner/winrm/winrm_login
scanner/winrm/winrm_wql
scanner/x11/open_x11
server/browser_autopwn
server/capture/drda
server/capture/ftp
server/capture/http
server/capture/http_basic
server/capture/http_javascript_keylogger
server/capture/http_ntlm
server/capture/imap
server/capture/mssql
server/capture/mysql
server/capture/pop3
server/capture/postgresql
server/capture/printjob_capture
server/capture/sip
server/capture/smb
server/capture/smtp
server/capture/telnet
server/capture/vnc
server/dhclient_bash_env
server/dhcp
server/dns/spoofhelper
server/fakedns
server/ftp
normal
normal
normal
normal
normal
normal
normal
12/12/2011 normal
5/16/2009 normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
9/24/2014 normal
normal
normal
normal
normal
Page 46
Sheet1 (2)
server/http_ntlmrelay
server/icmp_exfil
server/openssl_heartbeat_client_memory
server/pxexploit
server/socks4a
server/socks_unc
server/tftp
server/webkit_xslt_dropper
server/wpad
sniffer/psnuffle
spoof/arp/arp_poisoning
spoof/cisco/dtp
spoof/dns/bailiwicked_domain
spoof/dns/bailiwicked_host
spoof/dns/compare_results
spoof/llmnr/llmnr_response
spoof/nbns/nbns_response
spoof/replay/pcap_replay
sqli/oracle/dbms_cdc_ipublish
sqli/oracle/dbms_cdc_publish
sqli/oracle/dbms_cdc_subscribe_activate_subscription
sqli/oracle/dbms_export_extension
sqli/oracle/dbms_metadata_get_granted_xml
sqli/oracle/dbms_metadata_get_xml
sqli/oracle/dbms_metadata_open
sqli/oracle/droptable_trigger
sqli/oracle/lt_compressworkspace
sqli/oracle/lt_findricset_cursor
sqli/oracle/lt_mergeworkspace
sqli/oracle/lt_removeworkspace
sqli/oracle/lt_rollbackworkspace
voip/asterisk_login
voip/sip_deregister
voip/sip_invite_spoof
vsploit/malware/dns/dns_mariposa
vsploit/malware/dns/dns_query
vsploit/malware/dns/dns_zeus
vsploit/pii/email_pii
vsploit/pii/web_pii
4/7/2014
12/22/1999
7/21/2008
7/21/2008
7/21/2008
10/22/2008
10/22/2008
4/26/2010
10/13/2010
4/18/2005
4/26/2006
1/5/2008
1/5/2008
1/5/2008
1/13/2009
2/1/2010
2/1/2010
10/13/2008
10/17/2007
10/22/2008
10/13/2008
5/4/2009
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Post
#N/A
Name
---aix/hashdump
cisco/gather/enum_cisco
firefox/gather/cookies
firefox/gather/history
firefox/gather/passwords
Disclos
-------
ure Date Rank

-------- ---normal
normal
3/26/2014 normal
4/11/2014 normal
4/11/2014 normal
Page 47
Sheet1 (2)
firefox/gather/xss
firefox/manage/webcam_chat
linux/gather/checkvm
linux/gather/ecryptfs_creds
linux/gather/enum_configs
linux/gather/enum_network
linux/gather/enum_protections
linux/gather/enum_psk
linux/gather/enum_system
linux/gather/enum_users_history
linux/gather/enum_xchat
linux/gather/gnome_commander_creds
linux/gather/hashdump
linux/gather/mount_cifs_creds
linux/gather/pptpd_chap_secrets
linux/manage/download_exec
multi/escalate/cups_root_file_read
multi/escalate/metasploit_pcaplog
multi/gather/apple_ios_backup
multi/gather/check_malware
multi/gather/dbvis_enum
multi/gather/dns_bruteforce
multi/gather/dns_reverse_lookup
multi/gather/dns_srv_lookup
multi/gather/enum_vbox
multi/gather/env
multi/gather/fetchmailrc_creds
multi/gather/filezilla_client_cred
multi/gather/find_vmx
multi/gather/firefox_creds
multi/gather/gpg_creds
multi/gather/lastpass_creds
multi/gather/multi_command
multi/gather/netrc_creds
multi/gather/pgpass_creds
multi/gather/pidgin_cred
multi/gather/ping_sweep
multi/gather/resolve_hosts
multi/gather/run_console_rc_file
multi/gather/skype_enum
multi/gather/ssh_creds
multi/gather/thunderbird_creds
multi/gather/wlan_geolocate
multi/general/close
multi/general/execute
multi/manage/dbvis_add_db_admin
multi/manage/dbvis_query
multi/manage/multi_post
multi/manage/play_youtube
multi/manage/record_mic
multi/manage/shell_to_meterpreter
multi/manage/sudo
multi/manage/system_session
osx/admin/say
osx/capture/keylog_recorder
normal
5/13/2014 normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
11/20/2012 normal
7/16/2012 manual
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 48
Sheet1 (2)
osx/capture/screen
osx/gather/autologin_password
osx/gather/enum_adium
osx/gather/enum_airport
osx/gather/enum_chicken_vnc_profile
osx/gather/enum_colloquy
osx/gather/enum_keychain
osx/gather/enum_osx
osx/gather/hashdump
osx/gather/password_prompt_spoof
osx/gather/safari_lastsession
osx/manage/mount_share
osx/manage/record_mic
osx/manage/vpn
osx/manage/webcam
solaris/gather/checkvm
solaris/gather/enum_packages
solaris/gather/enum_services
solaris/gather/hashdump
windows/capture/keylog_recorder
windows/capture/lockout_keylogger
windows/escalate/droplnk
windows/escalate/getsystem
windows/escalate/ms10_073_kbdlayout
windows/escalate/net_runtime_modify
windows/escalate/screen_unlock
windows/gather/arp_scanner
windows/gather/bitcoin_jacker
windows/gather/cachedump
windows/gather/checkvm
windows/gather/credentials/bulletproof_ftp
windows/gather/credentials/coreftp
windows/gather/credentials/credential_collector
windows/gather/credentials/dyndns
windows/gather/credentials/enum_cred_store
windows/gather/credentials/enum_picasa_pwds
windows/gather/credentials/epo_sql
windows/gather/credentials/filezilla_server
windows/gather/credentials/flashfxp
windows/gather/credentials/ftpnavigator
windows/gather/credentials/ftpx
windows/gather/credentials/gpp
windows/gather/credentials/idm
windows/gather/credentials/imail
windows/gather/credentials/imvu
windows/gather/credentials/meebo
windows/gather/credentials/mremote
windows/gather/credentials/nimbuzz
windows/gather/credentials/outlook
windows/gather/credentials/razer_synapse
windows/gather/credentials/razorsql
windows/gather/credentials/rdc_manager_creds
windows/gather/credentials/skype
windows/gather/credentials/smartermail
windows/gather/credentials/smartftp
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
10/12/2010 normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 49
Sheet1 (2)
windows/gather/credentials/spark_im
windows/gather/credentials/sso
windows/gather/credentials/steam
windows/gather/credentials/tortoisesvn
windows/gather/credentials/total_commander
windows/gather/credentials/trillian
windows/gather/credentials/vnc
windows/gather/credentials/windows_autologin
windows/gather/credentials/winscp
windows/gather/credentials/wsftp_client
windows/gather/dnscache_dump
windows/gather/dumplinks
windows/gather/enum_ad_computers
windows/gather/enum_ad_service_principal_names
windows/gather/enum_ad_user_comments
windows/gather/enum_applications
windows/gather/enum_artifacts
windows/gather/enum_chrome
windows/gather/enum_computers
windows/gather/enum_db
windows/gather/enum_devices
windows/gather/enum_dirperms
windows/gather/enum_domain
windows/gather/enum_domain_group_users
windows/gather/enum_domain_tokens
windows/gather/enum_domain_users
windows/gather/enum_domains
windows/gather/enum_files
windows/gather/enum_hostfile
windows/gather/enum_ie
windows/gather/enum_logged_on_users
windows/gather/enum_ms_product_keys
windows/gather/enum_muicache
windows/gather/enum_patches
windows/gather/enum_powershell_env
windows/gather/enum_prefetch
windows/gather/enum_proxy
windows/gather/enum_services
windows/gather/enum_shares
windows/gather/enum_snmp
windows/gather/enum_termserv
windows/gather/enum_tokens
windows/gather/enum_tomcat
windows/gather/enum_unattend
windows/gather/forensics/browser_history
windows/gather/forensics/duqu_check
windows/gather/forensics/enum_drives
windows/gather/forensics/imager
windows/gather/forensics/nbd_server
windows/gather/forensics/recovery_files
windows/gather/hashdump
windows/gather/local_admin_search_enum
windows/gather/lsa_secrets
windows/gather/memory_grep
windows/gather/netlm_downgrade
Page 50
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Sheet1 (2)
windows/gather/resolve_sid
windows/gather/reverse_lookup
windows/gather/screen_spy
windows/gather/smart_hashdump
windows/gather/tcpnetstat
windows/gather/usb_history
windows/gather/win_privs
windows/gather/wmic_command
windows/gather/word_unc_injector
windows/manage/add_user_domain
windows/manage/autoroute
windows/manage/change_password
windows/manage/clone_proxy_settings
windows/manage/delete_user
windows/manage/download_exec
windows/manage/driver_loader
windows/manage/enable_rdp
windows/manage/enable_support_account
windows/manage/ie_proxypac
windows/manage/inject_ca
windows/manage/inject_host
windows/manage/migrate
windows/manage/mssql_local_auth_bypass
windows/manage/multi_meterpreter_inject
windows/manage/nbd_server
windows/manage/payload_inject
windows/manage/portproxy
windows/manage/powershell/exec_powershell
windows/manage/pptp_tunnel
windows/manage/pxexploit
windows/manage/reflective_dll_inject
windows/manage/remove_ca
windows/manage/remove_host
windows/manage/rpcapd_start
windows/manage/run_as
windows/manage/sdel
windows/manage/smart_migrate
windows/manage/vss_create
windows/manage/vss_list
windows/manage/vss_mount
windows/manage/vss_set_storage
windows/manage/vss_storage
windows/manage/webcam
windows/recon/computer_browser_discovery
windows/recon/resolve_ip
windows/wlan/wlan_bss_list
windows/wlan/wlan_current_connection
windows/wlan/wlan_disconnect
windows/wlan/wlan_profile
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
normal
Page 51
Sheet1 (2)
will be builtthe
in background, this can take 2-5 minutes...
0]]
Echo Command Encoder

Generic Shell VariableSubstitution Command Encoder
Generic ${IFS}Substitution Command Encoder
Perl Command Encoder
Powershell Base64 Command Encoder
Page 52
Sheet1 (2)
printf(1) via PHP magic_quotes Utility Command Encoder
The EICAR Encoder
The "none" Encoder
Byte XORi Encoder
XOR Encoder
Byte XORi Encoder
XOR Encoder
PHP Base64 Encoder
PPC LongXOR Encoder
PPC LongXOR Encoder
SPARC DWORD XOREncoder
XOR Encoder
Add/Sub Encoder
Alpha2 Alphanumeric Mixedcase Encoder
Alpha2 Alphanumeric Uppercase Encoder
Avoid underscore/tolower
Avoid UTF8/tolower
BloXor - A MetamorphicBlock Based XOR Encoder
Call+4 Dword XOR Encoder
CPUID-based Context Keyed PayloadEncoder
stat(2)-based ContextKeyed Payload Encoder
time(2)-based ContextKeyed Payload Encoder
Single-byte XORCountdown Encoder
Variable-lengthFnstenv/mov DwordXOR Encoder
Jump/Call XOR AdditiveFeedback Encoder
Non-Alpha Encoder
Non-Upper Encoder
Sub Encoder (optimised)
Polymorphic XORAdditive FeedbackEncoder
Single Static Bit
Alpha2 Alphanumeric Unicode Mixedcase Encoder
Alpha2 Alphanumeric Unicode Uppercase Encoder
RankDescription
----- ---- ----------Symantec Altiris Deployment Solution ActiveX Control Arbitrary File Download and Execute
Page 53
Sheet1 (2)
CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Overflow
Java Applet AverageRangeStatisticImpl Remote Code Execution
Symantec ConsoleUtilities ActiveX Control Buffer Overflow
Drupal HTTP Parameter Key/Value SQL Injection
Centreon SQL and Command Injection
Windows TrackPopupMenu Win32k NULL Pointer Dereference
MS14-060 Microsoft Windows OLE Package Manager Code Execution
Numara / BMC Track-It! FileStorageService Arbitrary File Upload
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
Joomla Akeeba Kickstart Unserialize Remote Code Execution
ManageEngine OpManager and Social IT Arbitrary File Upload
Wordpress InfusionSoft Upload Vulnerability
Dhclient Bash Environment Variable Injection
OS X VMWare Fusion Privilege Escalation via Bash Environment Code Injection
Apache mod_cgi Bash Environment Variable Code Injection
Pure-FTPd External Authentication Bash Environment Variable Code Injection
Rejetto HttpFileServer Remote Command Execution
Phpwiki Ploticus Remote Code Execution
HP Network Node Manager I PMD Buffer Overflow
ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
ManageEngine Eventlog Analyzer Arbitrary File Upload
Railo Remote File Include
GDB Server Remote Payload Execution
SolarWinds Storage Manager Authentication Bypass
HybridAuth install.php PHP Code Execution
MQAC.sys Arbitrary Write Privilege Escalation
Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
Advantech WebAccess dvs.ocx GetColor Buffer Overflow
VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation
Wordpress WPTouch Authenticated File Upload
Wordpress MailPoet Newsletters (wysija-newsletters) Unauthenticated File Upload
Gitlist Unauthenticated Remote Command Execution
VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution
Wing FTP Server Authenticated Command Execution
ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection
Ericom AccessNow Server Buffer Overflow
Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow
D-Link info.cgi POST Request Buffer Overflow
Easy File Management Web Server Stack Buffer Overflow
D-Link HNAP Request Remote Buffer Overflow
Symantec Workspace Streaming Arbitrary File Upload
AlienVault OSSIM av-centerd Command Injection
Cogent DataHub Command Injection
Adobe Flash Player Shader Buffer Overflow
AlienVault OSSIM SQL Injection and Remote Code Execution
Oracle Event Processing FileUploadServlet Arbitrary File Upload
Adobe Reader for Android addJavascriptInterface Exploit
Mac OS X NFS Mount Privilege Escalation Exploit
Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution
eScan Web Management Console Command Injection
MS14-017 Microsoft Word RTF Object Confusion
FreePBX config.php Remote Code Execution
LifeSize UVC Authenticated RCE via Ping
Wireshark wiretap/mpeg.c Stack Buffer Overflow
Page 54
Sheet1 (2)
SePortal SQLi Remote Code Execution
Firefox WebIDL Privileged Javascript Injection
Quantum vmPRO Backdoor Command
Quantum DXi V1000 SSH Private Key Exposure
Loadbalancer.org Enterprise VA SSH Private Key Exposure
VirtualBox 3D Acceleration Virtual Machine Escape
MS14-012 Microsoft Internet Explorer TextRange Use-After-Free
Yokogawa CENTUM CS 3000 BKHOdeq.exe Buffer Overflow
Yokogawa CS3000 BKESimmgr.exe Buffer Overflow
Yokogawa CENTUM CS 3000 BKBCopyD.exe Buffer Overflow
Safari User-Assisted Download and Run Attack
Firefox Exec Shellcode from Privileged Javascript Shell
Apache Struts ClassLoader Manipulation Remote Code Execution
Vtiger Install Unauthenticated Remote Command Execution
JIRA Issues Collector Directory Traversal
Symantec Endpoint Protection Manager Remote Command Execution
SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write
MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free
Linksys E-Series TheMoon Remote Command Injection
MS14-009 .NET Deployment Service IE Sandbox Escape
Fritz!Box Webcm Unauthenticated Command Injection
Dexter (CasinoLoader) SQL Injection
Adobe Flash Player Integer Underflow Remote Code Execution
Array Networks vAPV and vxAG Private Key Privilege Escalation Code Execution
Pandora FMS Remote Code Execution
SkyBlueCanvas CMS Remote Code Execution
MediaWiki Thumb.php Remote Command Execution
Kloxo SQL Injection and Remote Code Execution
GE Proficy CIMPLICITY gefebt.exe Remote Code Execution
Simple E-Document Arbitrary File Upload
Oracle Forms and Reports Remote Code Execution
KingScada kxClientDownload.ocx ActiveX Remote Code Execution
GetSimpleCMS PHP File Upload Vulnerability
HP Data Protector Backup Client Service Directory Traversal
HP Data Protector Backup Client Service Remote Code Execution
MS04-045 Microsoft WINS Service Memory Overwrite
WinRM Script Exec Remote Code Execution
SafeNet SoftRemote IKE Service Buffer Overflow
WinVNC Web Server GET Overflow
UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow
UltraVNC 1.0.1 Client Buffer Overflow
RealVNC 3.3.7 Client Buffer Overflow
CA CAM log_security() Stack Buffer Overflow (Win32)
3CTftpSvc TFTP Long Mode Buffer Overflow
TFTP Server for Windows 1.4 ST WRQ Buffer Overflow
TFTPDWIN v0.4.2 Long Filename Buffer Overflow
TFTPD32 Long Filename Buffer Overflow
Quick FTP Pro 2.1 Transfer-Mode Overflow
OpenTFTP SP 1.4 Error Packet Overflow
NetDecision 4.2 TFTP Writable Directory Traversal Execution
FutureSoft TFTP Server 2000 Transfer-Mode Overflow
D-Link TFTP 1.0 Long Filename Buffer Overflow
Distinct TFTP 3.10 Writable Directory Traversal Execution
Allied Telesyn TFTP Server 1.9 Long Filename Overflow
Page 55
Sheet1 (2)
GoodTech Telnet Server Buffer Overflow
GAMSoft TelSrv 1.5 Username Buffer Overflow
MS04-011 Microsoft Private Communications Transport Overflow
Sysax 5.53 SSH Username Buffer Overflow
SecureCRT SSH1 Buffer Overflow
PuTTY Buffer Overflow
FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow
Freesshd Authentication Bypass
FreeFTPd 1.0.10 Key Exchange Algorithm String Buffer Overflow
YPOPS 0.6 Buffer Overflow
SoftiaCom WMailserver 1.0 Buffer Overflow
NJStar Communicator 3.00 MiniSMTP Buffer Overflow
MS03-046 Exchange 2000 XEXCH50 Heap Overflow
Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow
Timbuktu PlughNTCommand Named Pipe Buffer Overflow
MS08-068 Microsoft Windows SMB Relay Code Execution
Microsoft Windows Authenticated Powershell Command Execution
Microsoft Windows Authenticated User Code Execution
Novell NetIdentity Agent XTIERRPCPIPE Named Pipe Buffer Overflow
MS10-061 Microsoft Print Spooler Service Impersonation Vulnerability
MS09-050 Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
MS08-067 Microsoft Server Service Relative Path Stack Corruption
MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)
MS06-070 Microsoft Workstation Service NetpManageIPCConnect Overflow
MS06-066 Microsoft Services nwwks.dll Module Exploit
MS06-066 Microsoft Services nwapi32.dll Module Exploit
MS06-040 Microsoft Server Service NetpwPathCanonicalize Overflow
MS06-025 Microsoft RRAS Service Overflow
MS06-025 Microsoft RRAS Service RASMAN Registry Overflow
MS05-039 Microsoft Plug and Play Service Overflow
MS04-011 Microsoft LSASS Service DsRolerUpgradeDownlevelServer Overflow
MS04-007 Microsoft ASN.1 Library Bitstring Heap Overflow
MS03-049 Microsoft Workstation Service NetAddAlternateComputerName Overflow
SIPfoundry sipXphone 2.6.0.27 CSeq Buffer Overflow
SIPfoundry sipXezPhone 0.35a CSeq Field Overflow
AIM Triton 1.0.4 CSeq Buffer Overflow
Sielco Sistemi Winlog Buffer Overflow 2.07.14 - 2.07.16
Sielco Sistemi Winlog Buffer Overflow
Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
Measuresoft ScadaPro Remote Command Execution
DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
DATAC RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow
DATAC RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow
RealWin SCADA Server DATAC Login Buffer Overflow
DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE Buffer Overflow
DATAC RealWin SCADA Server Buffer Overflow
Procyon Core Server HMI Coreservice.exe Stack Buffer Overflow
MOXA Device Manager Tool 2.1 Buffer Overflow
InduSoft Web Studio Arbitrary Upload Remote Code Execution
7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities
7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow
7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow
Interactive Graphical SCADA System Remote Command Injection
Page 56
Sheet1 (2)
Iconics GENESIS32 Integer Overflow Version 9.21.201.01
Siemens FactoryLink vrn.exe Opcode 9 Buffer Overflow
Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow
DaqFactory HMI NETB Request Overflow
SCADA 3S CoDeSys CmpWebServer Stack Buffer Overflow
SCADA 3S CoDeSys Gateway Server Directory Traversal
CitectSCADA/CitectFacilities ODBC Buffer Overflow
ABB MicroSCADA wserver.exe Remote Code Execution
Qbik WinGate WWW Proxy Server URL Processing Overflow
Proxy-Pro Professional GateKeeper 4.7 GET Request Overflow
CCProxy Telnet Proxy Ping Overflow
PostgreSQL for Microsoft Windows Payload Execution
Seattle Lab Mail 5.5 POP3 Buffer Overflow
Oracle 8i TNS Listener SERVICE_NAME Buffer Overflow
Oracle 10gR2 TNS Listener AUTH_SESSKEY Buffer Overflow
Oracle 8i TNS Listener (ARGUMENTS) Buffer Overflow
Oracle Secure Backup NDMP_CONNECT_CLIENT_AUTH Buffer Overflow
Oracle Job Scheduler Named Pipe Command Execution
Oracle Database Client System Analyzer Arbitrary File Upload
Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow
Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow
Novell ZENworks 6.5 Desktop/Server Management Overflow
Novell NetMail NMAP STOR Buffer Overflow
NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution
Novell GroupWise Messenger Client Buffer Overflow
NFR Agent FSFUI Record File Upload RCE
MS05-030 Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
Omni-NFS Server Buffer Overflow
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Oracle MySQL for Microsoft Windows Payload Execution
Oracle MySQL for Microsoft Windows MOF Execution
Microsoft SQL Server Payload Execution via SQL Injection
Microsoft SQL Server Payload Execution
Microsoft SQL Server Database Link Crawling Command Execution
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption via SQL Injection
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption
MS02-056 Microsoft SQL Server Hello Overflow
MS02-039 Microsoft SQL Server Resolution Overflow
Lyris ListManager MSDE Weak sa Password
Timbuktu Pro Directory Traversal/File Upload
Windows Media Services ConnectFunnel Stack Buffer Overflow
Wireshark console.lua Pre-Loading Script Execution
Windows RSH Daemon Buffer Overflow
UFO: Alien Invasion IRC Client Buffer Overflow
TrendMicro Control Manger CmdProcessor.exe Stack Buffer Overflow
TinyIdentD 2.2 Stack Buffer Overflow
Talkative IRC v0.4.4.16 Response Buffer Overflow
CoCSoft StreamDown 6.8.0 Buffer Overflow
SPlayer 3.7 Content-Type Buffer Overflow
Page 57
Sheet1 (2)
ShixxNOTE 6.net Font Field Overflow
SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow
SAP Business One License Manager 2005 Buffer Overflow
Realtek Media Player Playlist Buffer Overflow
PXE Exploit Server
PowerShell Payload Web Delivery
POP Peeper v3.4 UIDL Buffer Overflow
POP Peeper v3.4 DATE Buffer Overflow
Poison Ivy Server Buffer Overflow
NetTransport Download Manager 2.90.510 Buffer Overflow
Netcat v1.10 NT Stack Buffer Overflow
MS10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution
MS07-064 Microsoft DirectX DirectShow SAMI Buffer Overflow
mIRC PRIVMSG Handling Stack Buffer Overflow
Mini-Stream 3.0.1.1 Buffer Overflow
Mercury/32 PH Server Module Buffer Overflow
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
LANDesk Management Suite 8.7 Alert Service Buffer Overflow
Apple iTunes 10 Extended M3U Stack Buffer Overflow
IBM Tivoli Storage Manager Express RCA Service Buffer Overflow
IBM Tivoli Storage Manager Express CAD Service Buffer Overflow
IBM System Director Agent DLL Injection
IBM Cognos tm1admsd.exe Overflow
Borland InterBase SVC_attach() Buffer Overflow
Borland InterBase isc_create_database() Buffer Overflow
Borland InterBase isc_attach_database() Buffer Overflow
HP OpenView Operations OVTrace Buffer Overflow
HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow
HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow
HP OmniInet.exe MSG_PROTOCOL Buffer Overflow
HP OmniInet.exe MSG_PROTOCOL Buffer Overflow
HP Diagnostics Server magentservice.exe Overflow
HP LoadRunner magentproc.exe Overflow
HP Intelligent Management Center UAM Buffer Overflow
HP Data Protector Create New Folder Buffer Overflow
HP Data Protector DtbClsLogin Buffer Overflow
HP Data Protector Cell Request Service Buffer Overflow
GIMP script-fu Server Buffer Overflow
Firebird Relational Database SVC_attach() Buffer Overflow
Firebird Relational Database isc_create_database() Buffer Overflow
Firebird Relational Database isc_attach_database() Buffer Overflow
Firebird Relational Database CNCT Group Number Buffer Overflow
Eureka Email 2.2q ERR Remote Buffer Overflow
Enterasys NetSight nssyslogd.exe Buffer Overflow
eIQNetworks ESA Topology DELETEDEVICE Overflow
eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow
DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow
Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow
Borland CaliberRM StarTeam Multicast Service Buffer Overflow
Borland Interbase Create-Request Buffer Overflow
Page 58
Sheet1 (2)
Bopup Communications Server Buffer Overflow
Bomberclone 0.11.6 Buffer Overflow
BigAnt Server 2.52 USV Buffer Overflow
BigAnt Server 2 SCH And DUPF Buffer Overflow
BigAnt Server DUPF Command Arbitrary File Upload
BigAnt Server 2.50 SP1 Buffer Overflow
BigAnt Server 2.2 Buffer Overflow
Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
BakBone NetVault Remote Heap Overflow
Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
Avaya WinPMD UniteHostRouter Buffer Overflow
Asus Dpcproxy Buffer Overflow
Apple QuickTime 7.3 RTSP Response Header Buffer Overflow
Symantec Altiris DS SQL Injection
ALLMediaServer 0.8 Buffer Overflow
AgentX++ Master AgentX::receive_agentx Stack Buffer Overflow
ActFax 5.01 RAW Server Buffer Overflow
WinComLPD Buffer Overflow
SAP SAPLPD 6.28 Buffer Overflow
NIPrint LPD Request Overflow
Hummingbird Connectivity 10 SP5 LPD Buffer Overflow
Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment)
IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
IBM Lotus Domino Web Server Accept-Language Stack Buffer Overflow
Windows Management Instrumentation (WMI) Remote Command Execution
Persistent Payload in Windows Volume Shadow Copy
Windows Service Trusted Path Privilege Escalation
Windows Escalate Service Permissions Local Privilege Escalation
Windows Manage User Level Persistent Payload Installer
PXE Exploit Server
Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
Windows Command Shell Upgrade (Powershell)
Windows Manage Persistent Payload Installer
Windows Manage Memory Payload Injection
Nvidia (nvsvc) Display Driver Service Local Privilege Escalation
Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
Novell Client 2 SP3 nicm.sys Local Privilege Escalation
MS13-097 Registry Symlink IE Sandbox Escape
Windows TrackPopupMenuEx Win32k NULL Page
Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation
MS11-080 AfdJoinLeaf Privilege Escalation
Windows Escalate Task Scheduler XML Privilege Escalation
Windows SYSTEM Escalation via KiTrap0D
MS14-002 Microsoft Windows ndproxy.sys Local Privilege Escalation
IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL
PsExec via Current User Token
Windows Escalate UAC Protection Bypass (In Memory Injection)
Windows Escalate UAC Protection Bypass
Windows Escalate UAC Execute RunAs
Windows AlwaysInstallElevated MSI
Agnitum Outpost Internet Security Local Privilege Escalation
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
SentinelLM UDP Buffer Overflow
Page 59
Sheet1 (2)
FlexNet License Server Manager lmgrd Buffer Overflow
Computer Associates License Server GETCONFIG Overflow
Computer Associates License Client GETCONFIG Overflow
Network Associates PGP KeyServer 7 LDAP Buffer Overflow
IMail LDAP Service Buffer Overflow
Microsoft IIS ISAPI w3who.dll Query String Overflow
Microsoft IIS ISAPI RSA WebAgent Redirect Overflow
MS03-051 Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow
MS03-022 Microsoft IIS ISAPI nsiislog.dll ISAPI POST Overflow
MS00-094 Microsoft IIS Phone Book Service Overflow
Novell NetMail IMAP SUBSCRIBE Buffer Overflow
Novell NetMail IMAP STATUS Buffer Overflow
Novell NetMail IMAP AUTHENTICATE Buffer Overflow
Novell NetMail IMAP APPEND Buffer Overflow
Mercury/32 v4.01a IMAP RENAME Buffer Overflow
Mercury/32 LOGIN Buffer Overflow
Mercur Messaging 2005 IMAP Login Buffer Overflow
Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
MailEnable IMAPD W3C Logging Buffer Overflow
MailEnable IMAPD (1.54) STATUS Request Buffer Overflow
MailEnable IMAPD (2.34/2.35) Login Request Buffer Overflow
Ipswitch IMail IMAP SEARCH Buffer Overflow
IMail IMAP4D Delete Overflow
Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
MS99-025 Microsoft IIS MDAC msadcs.dll RDS Arbitrary Remote Command Execution
MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
MS02-065 Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow
MS02-018 Microsoft IIS 4.0 .HTR Path Overflow
MS01-033 Microsoft IIS 5.0 IDQ Path Overflow
MS01-026 Microsoft IIS/PWS CGI Filename Double Decode Command Execution
MS01-023 Microsoft IIS 5.0 Printer Host Header Overflow
Microsoft IIS WebDAV Write Access Code Execution
Novell ZENworks Asset Management Remote Execution
Xitami 2.5c2 Web Server If-Modified-Since Overflow
XAMPP WebDAV PHP Upload
Webster HTTP Server GET Buffer Overflow
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
Umbraco CMS Remote Command Execution
Ultra Mini HTTPD Stack Buffer Overflow
Trend Micro OfficeScan Remote Stack Buffer Overflow
TrackerCam PHP Argument Buffer Overflow
Sysax Multi Server 5.64 Create Folder Buffer Overflow
Sybase EAServer 5.2 Remote Stack Buffer Overflow
Simple Web Server Connection Header Buffer Overflow
Streamcast HTTP User-Agent Buffer Overflow
Dell SonicWALL (Plixer) Scrutinizer 9 SQL Injection
Solarwinds Storage Manager 5.1.0 SQL Injection
SHTTPD URI-Encoded POST Request Overflow
SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow
Rhinosoft Serv-U Session Cookie Buffer Overflow
Savant 3.1 Web Server Overflow
SAP DB 7.4 WebTools Buffer Overflow
Page 60
Sheet1 (2)
SAP NetWeaver HostControl Command Injection
Sambar 6 Search Results Buffer Overflow
RabidHamster R4 Log Entry sprintf() Buffer Overflow
PSO Proxy v0.91 Stack Buffer Overflow
Private Wire Gateway Buffer Overflow
PHP apache_request_headers Function Buffer Overflow
PeerCast URL Handling Buffer Overflow
Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
Oracle 9i XDB HTTP PASS Overflow (win32)
Oracle Endeca Server Remote Command Execution
Oracle Business Transaction Management FlashTunnelService Remote Code Execution
Now SMS/MMS Gateway Buffer Overflow
Novell Messenger Server 2.0 Accept-Language Overflow
Novell Zenworks Mobile Managment MDM.php Local File Inclusion Vulnerability
Novell iManager getMultiPartParameters Arbitrary File Upload
NetDecision 4.5.1 HTTP Server Buffer Overflow
NaviCOPA 2.0.1 URL Handling Buffer Overflow
MiniWeb (Build 300) Arbitrary File Upload
Minishare 1.4.1 Buffer Overflow
MDaemon WorldClient form2raw.cgi Stack Buffer Overflow
McAfee ePolicy Orchestrator / ProtectionPilot Overflow
MaxDB WebDBM Database Parameter Overflow
ManageEngine Applications Manager Authenticated Code Execution
MailEnable Authorization Header Buffer Overflow
LANDesk Lenovo ThinkManagement Console Remote Command Execution
Kolibri HTTP Server HEAD Buffer Overflow
Kaseya uploadImage Arbitrary File Upload
Ipswitch WhatsUp Gold 8.03 Buffer Overflow
Intrasrv 1.0 Buffer Overflow
InterSystems Cache UtilConfigHome.csp Argument Buffer Overflow
Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow
Icecast Header Overwrite
IBM Tivoli Storage Manager Express CAD Service Buffer Overflow
IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow
IBM Tivoli Endpoint Manager POST Query Buffer Overflow
IA WebMail 3.x Buffer Overflow
HTTPDX tolog() Function Format String Vulnerability
HTTPDX h_handlepeer() Function Buffer Overflow
Hewlett-Packard Power Manager Administration Buffer Overflow
HP Power Manager 'formExportDataLogs' Buffer Overflow
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
HP OpenView Performance Insight Server Backdoor Account Code Execution
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
HP OpenView Network Node Manager execvp_nc Buffer Overflow
HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow
HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow
HP OpenView Network Node Manager Snmp.exe CGI Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow
HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow
Page 61
Sheet1 (2)
HP OpenView Network Node Manager OvWebHelp.exe CGI Buffer Overflow
HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow
HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow
HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow
HP OpenView NNM nnmRptConfig nameParams Buffer Overflow
HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
HP Managed Printing Administration jobAcct Remote Command Execution
HP LoadRunner EmulationAdmin Web Service Directory Traversal
HP Intelligent Management Center Arbitrary File Upload
HP Intelligent Management Center BIMS UploadServlet Directory Traversal
Free Download Manager Remote Control Server Buffer Overflow
EZHomeTech EzServer Stack Buffer Overflow Vulnerability
Ektron 8.02 XSLT Transform Remote Code Execution
EFS Easy Chat Server Authentication Request Handling Buffer Overflow
eDirectory 8.7.3 iMonitor Remote Stack Buffer Overflow
Novell eDirectory NDS Server Host Header Overflow
EasyFTP Server list.html path Stack Buffer Overflow
ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload
Cyclope Employee Surveillance Solution v6 SQL Injection
ColdFusion 8.0.1 Arbitrary File Upload and Execute
Cogent DataHub HTTP Server Buffer Overflow
CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
CA iTechnology iGateway Debug Mode Buffer Overflow
CA Arcserve D2D GWT RPC Credential Information Disclosure
Belkin Bulldog Plus Web Service Buffer Overflow
BEA Weblogic Transfer-Encoding Buffer Overflow
Oracle Weblogic Apache Connector POST Request Buffer Overflow
BEA WebLogic JSESSIONID Cookie Value Overflow
BadBlue 2.72b PassThru Buffer Overflow
BadBlue 2.5 EXT.dll Buffer Overflow
Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution
Apache Module mod_rewrite LDAP Protocol Buffer Overflow
Apache Win32 Chunked Encoding
Amlibweb NetOpacs webquery.dll Stack Buffer Overflow
Alt-N WebAdmin USER Buffer Overflow
Alt-N SecurityGateway username Buffer Overflow
Adobe RoboHelp Server 8 Arbitrary File Upload and Execute
Unreal Tournament 2004 "secure" Overflow (Win32)
Racer v0.5.3 Beta 5 Buffer Overflow
Medal of Honor Allied Assault getinfo Stack Buffer Overflow
Xlink FTP Server Buffer Overflow
Xlink FTP Client Buffer Overflow
Xftp FTP Client 3.0 PWD Remote Buffer Overflow
Ipswitch WS_FTP Server 5.05 XMD5 Overflow
Texas Imperial Software WFTPD 3.23 SIZE Overflow
War-FTPD 1.65 Username Overflow
War-FTPD 1.65 Password Overflow
Vermillion FTP Daemon PORT Command Memory Corruption
Turbo FTP Server 1.30.823 PORT Overflow
Page 62
Sheet1 (2)
Trellian FTP Client 3.01 PASV Remote Buffer Overflow
SlimFTPd LIST Concatenation Overflow
Serv-U FTPD MDTM Overflow
Serv-U FTP Server Buffer Overflow
Seagull FTP v3.3 Build 409 Stack Buffer Overflow
ScriptFTP LIST Remote Buffer Overflow
Sasser Worm avserve FTP PORT Buffer Overflow
KarjaSoft Sami FTP Server v2.02 USER Overflow
Sami FTP Server LIST Command Buffer Overflow
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow
QuickShare File Server 1.2.1 Directory Traversal Vulnerability
ProFTP 2.9 Banner Remote Buffer Overflow
PCMAN FTP Server Post-Authentication STOR Command Stack Buffer Overflow
Oracle 9i XDB FTP UNLOCK Overflow (win32)
Oracle 9i XDB FTP PASS Overflow (win32)
Open-FTPD 1.2 Arbitrary File Upload
Odin Secure FTP 4.1 Stack Buffer Overflow (LIST)
NetTerm NetFTPD USER Buffer Overflow
MS09-053 Microsoft IIS FTP Server NLST Response Overflow
LeapWare LeapFTP v2.7.3.600 PASV Reply Client Overflow
LeapFTP 3.0.1 Stack Buffer Overflow
HTTPDX tolog() Function Format String Vulnerability
GoldenFTP PASS Stack Buffer Overflow
GlobalSCAPE Secure FTP Server Input Overflow
Gekko Manager FTP Client Stack Buffer Overflow
FTP Synchronizer Professional 4.0.73.274 Stack Buffer Overflow
FTPShell 5.1 Stack Buffer Overflow
FTPPad 1.2.0 Stack Buffer Overflow
FTPGetter Standard v3.55.0.05 Stack Buffer Overflow (PWD)
freeFTPd 1.0 Username Overflow
freeFTPd PASS Command Buffer Overflow
FreeFloat FTP Server Arbitrary File Upload
Free Float FTP Server USER Command Buffer Overflow
FileWrangler 5.30 Stack Buffer Overflow
FileCopa FTP Server Pre 18 Jul Version
EasyFTP Server MKD Command Stack Buffer Overflow
EasyFTP Server LIST Command Stack Buffer Overflow
EasyFTP Server CWD Command Stack Buffer Overflow
Easy File Sharing FTP Server 2.0 PASS Overflow
BolinTech Dream FTP Server 1.02 Format String
ComSndFTP v1.3.7 Beta USER Format String (Write4) Vulnerability
Cesar FTP 0.99g MKD Command Buffer Overflow
AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow
Ability Server 2.34 STOR Command Stack Buffer Overflow
AASync v2.2.1.0 (Win32) Stack Buffer Overflow (LIST)
3Com 3CDaemon 2.0 FTP Username Overflow
32bit FTP Client Stack Buffer Overflow
Kerio Firewall 2.1.4 Authentication Packet Overflow
ISS PAM.dll ICQ Parser Buffer Overflow
Zinf Audio Player 2.2.1 (PLS File) Stack Buffer Overflow
xRadio 0.95b Buffer Overflow
Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow
Xenorate 2.50 (.xpl) Universal Local Buffer Overflow (SEH)
WM Downloader 3.1.2.2 Buffer Overflow
Wireshark packet-dect.c Stack Buffer Overflow (local)
Page 63
Sheet1 (2)
WinRAR Filename Spoofing
Winamp MAKI Buffer Overflow
VUPlayer M3U Buffer Overflow
VUPlayer CUE Buffer Overflow
VideoLAN VLC MKV Memory Corruption
VideoLAN Client (VLC) Win32 smb:// URI Buffer Overflow
VLC Media Player RealText Subtitle Overflow
VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow
VisiWave VWR File Parsing Vulnerability
Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability
VeryTools Video Spirit Pro
VideoLAN VLC TiVo Buffer Overflow
VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow
URSoft W32Dasm Disassembler Function Buffer Overflow
UltraISO CUE File Parsing Buffer Overflow
UltraISO CCD File Parsing Buffer Overflow
TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability
Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow
TFM MMPlayer (m3u/ppl File) Buffer Overflow
Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow
S.O.M.P.L 1.0 Player Buffer Overflow
Shadow Stream Recorder 3.0.1.7 Buffer Overflow
ScadaTEC ScadaPhone Stack Buffer Overflow
SasCam Webcam Server v.2.6.5 Get() Method Buffer Overflow
SafeNet SoftRemote GROUPNAME Buffer Overflow
RealNetworks RealPlayer Version Attribute Buffer Overflow
RealPlayer RealMedia File Handling Buffer Overflow
Real Networks Netzip Classic 7.5.1 86 File Parsing Buffer Overflow Vulnerability
Photodex ProShow Producer 5.0.3256 load File Handling Buffer Overflow
ProShow Gold v4.0.2549 (PSH File) Stack Buffer Overflow
Orbital Viewer ORB File Parsing Buffer Overflow
Orbit Downloader URL Unicode Conversion Overflow
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Nuance PDF Reader v6.0 Launch Stack Buffer Overflow
NetOp Remote Control Client 9.5 Buffer Overflow
Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Code Execution
MS13-096 Microsoft Tagged Image File Format (TIFF) Integer Overflow
MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution
MS12-027 MSCOMCTL ActiveX Buffer Overflow
MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability
MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
MS11-006 Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow (File Format)
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow
MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability
MPlayer SAMI Subtitle File Buffer Overflow
MPlayer Lite M3U Buffer Overflow
MOXA MediaDBPlayback ActiveX Control Buffer Overflow
MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow
MJM Core Player 2011 .s3m Stack Buffer Overflow
Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow
Page 64
Sheet1 (2)
Millenium MP3 Studio 2.0 (PLS File) Stack Buffer Overflow
MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow
Media Jukebox 8.0.400 Buffer Overflow (SEH)
MediaCoder .M3U Buffer Overflow
McAfee SaaS MyCioScan ShowReport Remote Command Execution
McAfee Remediation Client ActiveX Control Buffer Overflow
Magix Musik Maker 16 .mmm Stack Buffer Overflow
Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment)
Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow
KingView Log File Parsing Buffer Overflow
Lattice Semiconductor ispVM System XCF File Handling Overflow
Irfanview JPEG2000 jp2 Stack Buffer Overflow
PointDev IDEAL Migration Buffer Overflow
IcoFX Stack Buffer Overflow
IBM Personal Communications iSeries Access WorkStation 5.9 Profile
IBM Forms Viewer Unicode Buffer Overflow
HT-MP3Player 1.0 HT3 File Parsing Buffer Overflow
GTA SA-MP server.cfg Buffer Overflow
GSM SIM Editor 5.15 Buffer Overflow
gAlan 0.2.1 Buffer Overflow
Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
Foxit PDF Reader 4.2 Javascript File Write
FeedDemon Stack Buffer Overflow
Free Download Manager Torrent Parsing Buffer Overflow
Fat Player Media Player 0.6b0 Buffer Overflow
eZip Wizard 3.0 Stack Buffer Overflow
CA eTrust PestPatrol ActiveX Control Buffer Overflow
eSignal and eSignal Pro File Parsing Buffer Overflow in QUO
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
Easy CD-DA Recorder PLS Buffer Overflow
DVD X Player 5.5 .plf PlayList Buffer Overflow
DjVu DjVu_ActiveX_MSOffice.dll ActiveX ComponentBuffer Overflow
DJ Studio Pro 5.1 .pls Stack Buffer Overflow
Digital Music Pad Version 8.2.3.3.4 Stack Buffer Overflow
Destiny Media Player 1.61 PLS M3U Buffer Overflow
AstonSoft DeepBurner (DBR File) Path Buffer Overflow
Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow
CyberLink Power2Go name Attribute (p2g) Stack Buffer Overflow Exploit
GlobalSCAPE CuteZIP Stack Buffer Overflow
Csound hetro File Handling Stack Buffer Overflow
Corel PDF Fusion Stack Buffer Overflow
Cool PDF Image Stream Buffer Overflow
Chasys Draw IES Buffer Overflow
CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow
CA Antivirus Engine CAB Buffer Overflow
BS.Player 2.57 Buffer Overflow (Unicode SEH)
BlazeDVD 6.1 PLF Buffer Overflow
Page 65
Sheet1 (2)
BlazeVideo HDTV Player Pro v6.6 Filename Handling Vulnerability
Beetel Connection Manager NetConfig.ini Buffer Overflow
BACnet OPC Client Buffer Overflow
Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow
Audiotran 1.4.1 (PLS File) Stack Buffer Overflow
Audio Workstation 6.4.2.4.3 pls Buffer Overflow
AudioCoder .M3U Buffer Overflow
Apple QuickTime TeXML Style Element Stack Buffer Overflow
AOL 9.5 Phobos.Playlist Import() Stack-based Buffer Overflow
AOL Desktop 9.6 RTX Buffer Overflow
Altap Salamander 2.5 PE Viewer Buffer Overflow
ALLPlayer M3U Buffer Overflow
Adobe Reader U3D Memory Corruption Vulnerability
Adobe PDF Escape EXE Social Engineering (No JavaScript)
Adobe PDF Embedded EXE Social Engineering
Adobe Acrobat Bundled LibTIFF Integer Overflow
Adobe Flash Player "newfunction" Invalid Pointer Use
Adobe Flash Player "Button" Remote Code Execution
activePDF WebGrabber ActiveX Control Buffer Overflow
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
ACDSee XPM File Section Buffer Overflow
ACDSee FotoSlate PLP File id Parameter Overflow
ABBS Audio Media Player .LST Buffer Overflow
A-PDF WAV to MP3 v1.0.0 Buffer Overflow
EMC Replication Manager Command Execution
EMC Networker Format String
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
EMC AlphaStor Agent Buffer Overflow
Outlook ATTACH_BY_REF_RESOLVE File Execution
Outlook ATTACH_BY_REF_ONLY File Execution
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
MS07-065 Microsoft Message Queueing Service DNS Name Path Overflow
MS07-029 Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)
MS05-017 Microsoft Message Queueing Service Path Overflow
MS03-026 Microsoft RPC DCOM Interface Overflow
AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
Zenturi ProgramChecker ActiveX Control Arbitrary File Download
Yahoo! Messenger 8.1.0.249 ActiveX Control Buffer Overflow
Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow
XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow
Microsoft WMI Administration Tools ActiveX Buffer Overflow
WinZip FileView (WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow
Page 66
Sheet1 (2)
WinDVD7 IASystemInfo.DLL ActiveX Control Buffer Overflow
Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow
Winamp Playlist UNC Path Computer Name Overflow
WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow
WebDAV Application DLL Hijacker
VLC MMS Stream Handling Buffer Overflow
VLC AMV Dangling Pointer Vulnerability
Viscom Software Movie Player Pro SDK ActiveX 6.8
VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow
Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow
Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution
Tumbleweed FileTransfer vcst_eu.dll ActiveX Control Buffer Overflow
Trend Micro OfficeScan Client ActiveX Control Buffer Overflow
Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution
Tom Sawyer Software GET Extension Factory Remote Code Execution
TeeChart Professional ActiveX Control Trusted Integer Dereference
Husdawg, LLC. System Requirements Lab ActiveX Unsafe Method
Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow
Symantec BackupExec Calendar Control Buffer Overflow
Symantec AppStream LaunchObj ActiveX Control Arbitrary File Download and Execute
Symantec Altiris Deployment Solution ActiveX Control Buffer Overflow
SonicWall SSL-VPN NetExtender ActiveX Control Buffer Overflow
SoftArtisans XFile FileManager ActiveX Control Buffer Overflow
Siemens Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution
SAP AG SAPgui EAI WebViewer3D Buffer Overflow
Samsung NET-i Viewer Multiple ActiveX BackupToAvi() Remote Overflow
Apple Safari Webkit libxslt Arbitrary File Creation
Roxio CinePlayer ActiveX Control Buffer Overflow
RealNetworks RealPlayer SMIL Buffer Overflow
RealNetworks Realplayer QCP Parsing Heap Overflow
RealPlayer ierpplug.dll ActiveX Control Playlist Name Buffer Overflow
RealPlayer rmoc3260.dll ActiveX Control Heap Corruption
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
Real Networks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
Persits XUpload ActiveX MakeHttpRequest Directory Traversal
PcVue 10.0 SV.UIGrdCtrl.1 'LoadObject()/SaveObject()' Trusted DWORD Vulnerability
Orbit Downloader Connecting Log Creation Buffer Overflow
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Oracle Document Capture 10g ActiveX Control Buffer Overflow
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
NTR ActiveX Control StopModule() Remote Code Execution
NTR ActiveX Control Check() Method Buffer Overflow
Novell iPrint Client ActiveX Control target-frame Buffer Overflow
Novell iPrint Client ActiveX Control ExecuteRequest debug Buffer Overflow
Novell iPrint Client ActiveX Control ExecuteRequest Buffer Overflow
Novell iPrint Client ActiveX Control Date/Time Buffer Overflow
Novell iPrint Client ActiveX Control call-back-url Buffer Overflow
Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution
IBM Lotus Notes Client URL Handler Command Injection
Symantec Norton Internet Security 2004 ActiveX Control Buffer Overflow
Page 67
Sheet1 (2)
Norton AntiSpam 2004 SymSpamHelper ActiveX Control Buffer Overflow
NCTAudioFile2 v2.x ActiveX Control SetFormatLikeSample() Buffer Overflow
MS12-043 Microsoft XML Core Services MSXML Uninitialized Memory Corruption
Microsoft Whale Intelligent Application Gateway ActiveX Control Buffer Overflow
Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free
MS13-069 Microsoft Internet Explorer CCaret Use-After-Free
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free
MS13-037 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
MS12-022 Microsoft Silverlight ScriptObject Unsafe Memory Access
MS13-009 Microsoft Internet Explorer SLayoutRun Use-After-Free
MS12-037 Microsoft Internet Explorer Same ID Property Deleted Object Handling Memory Corruption
MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
MS12-004 midiOutPlayNextPolyEvent Heap Overflow
MS11-093 Microsoft Windows OLE Object File Handling Remote Code Execution
MS11-081 Microsoft Internet Explorer Option Element Use-After-Free
MS11-050 IE mshtml!CObjectElement Use After Free
MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free
MS10-090 Microsoft Internet Explorer CSS SetUserClip Memory Corruption
Microsoft Windows Shell LNK Code Execution
Microsoft Help Center XSS and Command Execution
MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow
MS10-022 Microsoft Internet Explorer Winhlp32.exe MsgBox Code Execution
MS10-018 Microsoft Internet Explorer Tabular Data Control ActiveX Memory Corruption
MS10-018 Microsoft Internet Explorer DHTML Behaviors Use After Free
MS10-002 Microsoft Internet Explorer Object Memory Use-After-Free
MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
MS09-072 Microsoft Internet Explorer Style getElementsByTagName Memory Corruption
Microsoft OWC Spreadsheet msDataSourceObject Memory Corruption
Microsoft OWC Spreadsheet HTMLURL Buffer Overflow
MS09-002 Microsoft Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption
MS08-078 Microsoft Internet Explorer Data Binding Memory Corruption
Microsoft Visual Studio Mdmask32.ocx ActiveX Buffer Overflow
Windows Media Encoder 9 wmex.dll ActiveX Buffer Overflow
Snapshot Viewer for Microsoft Access ActiveX Control Arbitrary File Download
Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
MS06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling
MS06-067 Microsoft Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability
MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow
MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
MS06-013 Microsoft Internet Explorer createTextRange() Code Execution
Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
MS03-020 Microsoft Internet Explorer Object Type
Mozilla Firefox Array.reduceRight() Integer Overflow
Mozilla Firefox "nsTreeRange" Dangling Pointer Vulnerability
Firefox nsSVGValue Out-of-Bounds Access Vulnerability
Mozilla Firefox 3.6.16 mChannel Use-After-Free Vulnerability
Mozilla Firefox Interleaved document.write/appendChild Memory Corruption
Firefox XMLSerializer Use After Free
Firefox onreadystatechange Event DocumentViewerImpl Use After Free
Firefox 8/9 AttributeChildRemoved() Use-After-Free
mIRC IRC URL Buffer Overflow
Page 68
Sheet1 (2)
McAfee Visual Trace ActiveX Control Buffer Overflow
McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability
McAfee Subscription Manager Stack Buffer Overflow
Maxthon3 about:history XCS Trusted Zone Code Execution
Macrovision InstallShield Update Service ActiveX Unsafe Method
Macrovision InstallShield Update Service Buffer Overflow
iseemedia / Roxio / MGI Software LPViewer ActiveX Control Buffer Overflow
Logitech VideoCall ActiveX Control Buffer Overflow
KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability
Kazaa Altnet Download Manager ActiveX Control Buffer Overflow
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
Sun Java Web Start Double Quote Injection
Java MixerSequencer Object GM_Song Structure Handling Vulnerability
Sun Java Runtime New Plugin docbase Buffer Overflow
Sun Java Applet2ClassLoader Remote Code Execution
Java CMM Remote Code Execution
Sun Java Web Start BasicServiceImpl Code Execution
Quest InTrust Annotation Objects Uninitialized Pointer
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control
Microsoft Internet Explorer Unsafe Scripting Misconfiguration
MS13-080 Microsoft Internet Explorer SetMouseCapture Use-After-Free
Microsoft Internet Explorer isComponentInstalled Overflow
MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
MS06-014 Microsoft Internet Explorer COM CreateObject Code Execution
MS13-038 Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability
MS13-008 Microsoft Internet Explorer CButton Object Use-After-Free Vulnerability
IBM Lotus Domino Web Access Upload Module Buffer Overflow
IBM Access Support ActiveX Control Buffer Overflow
IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
Hyleos ChemView ActiveX Control Stack Buffer Overflow
HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
HP LoadRunner lrFileIOService ActiveX Remote Code Execution
HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow
Persits XUpload ActiveX AddFile Buffer Overflow
HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution
Honeywell Tema Remote Installer ActiveX Remote Code Execution
Honeywell HSC Remote Deployer ActiveX Remote Code Execution
Green Dam URL Processing Buffer Overflow
GOM Player ActiveX Control Buffer Overflow
Foxit Reader Plugin URL Processing Buffer Overflow
Facebook Photo Uploader 4 ActiveX Control Buffer Overflow
EnjoySAP SAP GUI ActiveX Control Buffer Overflow
EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
FlipViewer FViewerLoading ActiveX Control Buffer Overflow
Electronic Arts SnoopyCtrl ActiveX Control Buffer Overflow
Worldweaver DX Studio Player shell.execute() Command Execution
Dell Webcam CrazyTalk ActiveX BackImage Vulnerability
Page 69
Sheet1 (2)
Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow
CommuniCrypt Mail 1.16 SMTP ActiveX Stack Buffer Overflow
IBM Rational ClearQuest CQOle Remote Code Execution
Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability
Cisco Linksys PlayerPT ActiveX Control SetSource sURL Argument Buffer Overflow
Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
Chilkat Crypt ActiveX WriteFile Unsafe Method
CA BrightStor ARCserve Backup AddColumn() ActiveX Buffer Overflow
Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
Black Ice Cover Page ActiveX Control Arbitrary File Download
RKD Software BarCodeAx.dll v4.9 ActiveX Remote Stack Buffer Overflow
BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow
AwingSoft Winds3D Player 3.5 SceneURL Download and Execute
AwingSoft Winds3D Player SceneURL Buffer Overflow
SonicWALL Aventail epi.dll AuthCredential Format String
Autodesk IDrop ActiveX Control Heap Memory Corruption
AtHocGov IWSAlerts ActiveX Control Buffer Overflow
ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
Apple QuickTime 7.6.6 Invalid SMIL URI Buffer Overflow
Apple QuickTime 7.1.3 RTSP URI Buffer Overflow
Apple QuickTime 7.7.2 MIME Type Buffer Overflow
Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution
Apple ITunes 4.7 Playlist Buffer Overflow
America Online ICQ ActiveX Control Arbitrary File Download and Execute
AOL Radio AmpX ActiveX Control ConvertFile() Buffer Overflow
Amaya Browser v11.0 'bdo' Tag Overflow
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
AOL Instant Messenger goaway Overflow
Adobe Shockwave rcsL Memory Corruption
Adobe Flash Player "newfunction" Invalid Pointer Use
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
Adobe Flash Player AVM Bytecode Verification Vulnerability
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
Adobe Flash Player Object Type Confusion
Adobe Flash Player Regular Expression Heap Overflow
Adobe Flash Player 11.3 Kern Table Parsing Integer Overflow
Adobe Flash Player MP4 'cprt' Overflow
Adobe Flash Player Type Confusion Remote Code Execution
CA BrightStor Universal Agent Overflow
CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow
CA BrightStor ARCserve Tape Engine Buffer Overflow
CA BrightStor Agent for Microsoft SQL Overflow
Page 70
Sheet1 (2)
CA BrightStor ARCserve Message Engine Heap Overflow
CA BrightStor ARCserve Message Engine 0x72 Buffer Overflow
CA BrightStor ARCserve Message Engine Buffer Overflow
CA BrightStor ArcServe Media Service Stack Buffer Overflow
CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
CA BrightStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow
CA BrightStor HSM Buffer Overflow
Computer Associates Alert Notification Buffer Overflow
CA BrightStor Discovery Service Stack Buffer Overflow
CA BrightStor Discovery Service TCP Overflow
Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow
Veritas Backup Exec Windows Remote Agent Overflow
Veritas Backup Exec Name Service Overflow
Energizer DUO Trojan Code Execution
Arkeia Backup Client Type 77 Overflow (Win32)
Trend Micro ServerProtect 5.58 EarthAgent.EXE Buffer Overflow
Trend Micro ServerProtect 5.58 CreateBinding() Buffer Overflow
Symantec Remote Management Buffer Overflow
Symantec Alert Management System Intel Alert Originator Service Buffer Overflow
Symantec System Center Alert Management System (xfr.exe) Arbitrary Command Execution
Symantec System Center Alert Management System (hndlrsvc.exe) Arbitrary Command Execution
ZPanel 10.0.0.2 htpasswd Module Username Command Execution
ZoneMinder Video Server packageControl Command Execution
Zimbra Collaboration Server LFI
ZeroShell Remote Code Execution
XODA 0.4.5 Arbitrary PHP File Upload Vulnerability
WordPress WP-Property PHP File Upload Vulnerability
WordPress Plugin Google Document Embedder Arbitrary File Disclosure
WordPress Asset-Manager PHP File Upload Vulnerability
WordPress Plugin Advanced Custom Fields Remote File Inclusion
WebTester 5.x Command Execution
Webmin /file/show.cgi Remote Command Execution
VICIdial Manager Send OS Command Injection
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
TWiki Search Function Arbitrary Command Execution
TWiki MAKETEXT Remote Command Execution
TWiki History TWikiUsers rev Parameter Command Execution
Trixbox langChoice PHP Local File Inclusion
Tiki Wiki unserialize() PHP Code Execution
TikiWiki jhot Remote Command Execution
TikiWiki tiki-graph_formula Remote PHP Code Execution
SugarCRM unserialize() PHP Code Execution
SquirrelMail PGP Plugin Command Execution (SMTP)
Squash YAML Code Execution
SPIP connect Parameter PHP Injection
Simple PHP Blog Remote Command Execution
Redmine SCM Repository Arbitrary Command Execution
QuickTime Streaming Server parse_xml.cgi Remote Execution
Project Pier Arbitrary File Upload Vulnerability
PhpMyAdmin Config File Code Injection
phpBB viewtopic.php Arbitrary Code Execution
Page 71
Sheet1 (2)
PHP XML-RPC Arbitrary Code Execution
Wordpress W3 Total Cache PHP Code Execution
WordPress OptimizePress Theme File Upload Vulnerability
WordPress cache_lastpostdate Arbitrary Code Execution
WordPress Plugin Foxypress uploadify.php Arbitrary Code Execution
vBulletin misc.php Template Name Arbitrary Code Execution
PHP Remote File Include Generic Code Execution
Generic PHP Code Evaluation
PHP-Charts v1.0 PHP Code Execution Vulnerability
PAJAX Remote Command Execution
osCommerce 2.2 Arbitrary PHP Code Execution
Oracle VM Server Virtual Server Agent Command Injection
OpenX banner-edit.php File Upload PHP Code Execution
HP Openview connectedNodes.ovpl Remote Command Execution
OpenSIS 'modname' PHP Code Execution
OpenEMR PHP File Upload Vulnerability
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Narcissus Image Configuration Passthru Vulnerability
Nagios3 statuswml.cgi Ping Command Execution
Nagios3 history.cgi Host Command Execution
Nagios XI Network Monitor Graph Explorer Component Command Injection
myBB 1.6.4 Backdoor Arbitrary Command Execution
MoinMoin twikidraw Action Traversal File Upload
Mitel Audio and Web Conferencing Command Injection
Mambo Cache_Lite Class mosConfig_absolute_path Remote File Include
LibrettoCMS File Manager Arbitary File Upload Vulnerability
Kimai v0.9.2 'db_restore.php' SQL Injection
Joomla 1.5.12 TinyBrowser File Upload Code Execution
Joomla Media Manager File Upload Vulnerability
Joomla Component JCE File Upload Remote Code Execution
Invision IP.Board unserialize() PHP Code Execution
InstantCMS 1.6 Remote PHP Code Execution
Horde Framework Unserialize PHP Code Execution
Havalite CMS Arbitary File Upload Vulnerability
Hastymail 2.1.1 RC1 Command Injection
Matt Wright guestbook.pl Arbitrary Command Execution
Graphite Web Unsafe Pickle Handling
Google Appliance ProxyStyleSheet Command Execution
Generic Web Application Unix Command Execution
Foswiki MAKETEXT Remote Command Execution
FlashChat Arbitrary File Upload
EGallery PHP File Upload Vulnerability
Dogfood CRM spell.php Remote Command Execution
DataLife Engine preview.php PHP Code Injection
Coppermine Photo Gallery picEditor.php Command Execution
ClipBucket Remote Code Execution
Citrix Access Gateway Command Execution
Carberp Web Panel C2 Backdoor Remote PHP Code Execution
CakePHP Cache Corruption Code Execution
Cacti graph_view.php Remote Command Execution
Basilic 1.5.14 diff.php Arbitrary Command Execution
BASE base_qry_common Remote File Include
Barracuda IMG.PL Remote Command Execution
AWStats Totals multisort Remote Command Execution
Page 72
Sheet1 (2)
AWStats migrate Remote Command Execution
AWStats configdir Remote Command Execution
Western Digital Arkeia Remote Code Execution
Tectia SSH USERAUTH Change Request Password Reset Vulnerability
Exim4 string_format Function Heap Buffer Overflow
ClamAV Milter Blackhole-Mode Remote Code Execution
Zabbix Agent net.tcp.listen Command Injection
SpamAssassin spamd Remote Command Execution
QNX QCONN Remote Command Execution Vulnerability
DistCC Daemon Command Execution
Setuid Nmap Exploit
UnrealIRCD 3.2.8.1 Backdoor Command Execution
LifeSize Room Command Injection
FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
CTEK SkyRouter 4200 and 4300 Command Execution
ContentKeeper Web Remote Command Execution
VSFTPD v2.3.4 Backdoor Command Execution
ProFTPD-1.3.3c Backdoor Command Execution
Solaris in.telnetd TTYPROMPT Buffer Overflow
Sun Solaris Telnet Remote Authentication Bypass Vulnerability
Solaris ypupdated Command Execution
Solaris sadmind Command Execution
Sun Solaris sadmind adm_build_path() Buffer Overflow
Samba trans2open Overflow (Solaris SPARC)
Solaris LPD Command Execution
Solaris dtspcd Heap Overflow
Samba trans2open Overflow (Mac OS X PPC)
MacOS X QuickTime RTSP Content-Type Overflow
UFO: Alien Invasion IRC Client Buffer Overflow
Mac OS X mDNSResponder UPnP Location Overflow
Mac OS X Sudo Password Bypass
Viscosity setuid-set ViscosityHelper Privilege Escalation
Setuid Tunnelblick Privilege Escalation
Mac OS X Persistent Payload Installer
MacOS X EvoCam HTTP GET Buffer Overflow
WebSTAR FTP Server USER Overflow
Mail.app Image Attachment Command Execution
Apple OS X Software Update Command Execution
Safari Archive Metadata Command Execution
Apple Safari file:// Arbitrary Code Execution
Mozilla Firefox 3.6.16 mChannel Use-After-Free
Arkeia Backup Client Type 77 Overflow (Mac OS X)
AppleFileServer LoginExt PathName Overflow
NetWare 6.5 SunRPC Portmapper CALLIT Stack Buffer Overflow
Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow
Wyse Rapport Hagent Fake Hserver Command Execution
Portable UPnP SDK unique_service_name() Remote Code Execution
Subversion Date Svnserve
SSH User Code Execution
Script Web Delivery
SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution
SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution
SAP Management Console OSExecute Payload Execution
Page 73
Sheet1 (2)
Samba "username map script" Command Execution
Samba 2.2.2 - 2.2.6 nttrans Buffer Overflow
RealServer Describe Buffer Overflow
PHP 4 unserialize() ZVAL Reference Counter Overflow (Cookie)
NTP Daemon readvar Buffer Overflow
Zend Server Java Bridge Arbitrary Java Code Execution
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow
VERITAS NetBackup Remote Command Execution
Ra1NX PHP Bot PubCall Authentication Bypass Remote Code Execution
PHP IRC Bot pbot eval() Remote Code Execution
HP OpenView OmniBack II Command Execution
Java RMI Server Insecure Default Configuration Java Code Execution
Java Debug Wire Protocol Remote Code Execution
Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
HP StorageWorks P4000 Virtual SAN Appliance Command Execution
Squiggle 1.7 SVG Browser Java Code Execution
Snort 2 DCE/RPC Preprocessor Buffer Overflow
Zabbix Authenticated Remote Command Execution
WikkaWiki 1.3.2 Spam Logging PHP Injection
WebPageTest Arbitrary PHP File Upload
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution
vBSEO proc_deutf() Remote PHP Code Injection
v0pCr3w Web Shell Remote Code Execution
Up.Time Monitoring Station post2file.php Arbitrary File Upload
Traq admincp/common.php Remote Code Execution
Apache Tomcat Manager Authenticated Upload Code Execution
Apache Tomcat Manager Application Deployer Authenticated Code Execution
TestLink v1.9.3 Arbitrary File Upload Vulnerability
Sun Java System Web Server WebDAV OPTIONS Buffer Overflow
STUNSHELL Web Shell Remote Code Execution
STUNSHELL Web Shell Remote PHP Code Execution
Apache Struts includeParams Remote Code Execution
Apache Struts 2 Developer Mode OGNL Execution
Apache Struts 2 DefaultActionMapper Prefixes OGNL Code Execution
Apache Struts ParametersInterceptor Remote Code Execution
Spreecommerce Arbitrary Command Execution
Spreecommerce 0.60.1 Arbitrary Command Execution
Splunk 5.0 Custom App Remote Code Execution
Splunk Search Remote Code Execution
SonicWALL GMS 6 Arbitrary File Upload
Snortreport nmap.php/nbtscan.php Remote Command Execution
Support Incident Tracker Remote Command Execution
Sflog! CMS 1.0 Arbitrary File Upload Vulnerability
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
Ruby on Rails XML Processor YAML Deserialization Code Execution
Ruby on Rails Known Secret Session Cookie Remote Code Execution
Ruby on Rails JSON Processor YAML Deserialization Code Execution
qdPM v7 Arbitrary PHP File Upload Vulnerability
ProcessMaker Open Source Authenticated PHP Code Execution
PolarBear CMS PHP File Upload Vulnerability
Page 74
Sheet1 (2)
PmWiki pagelist.php Remote PHP Code Injection Exploit
Plone and Zope XMLTools Remote Command Execution
PhpTax pfilez Parameter Exec Remote Code Injection
phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
phpMyAdmin Authenticated Remote Code Execution via preg_replace()
phpMyAdmin 3.5.2.2 server_sync.php Backdoor
phpLDAPadmin query_engine Remote PHP Code Injection
PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
PHP CGI Argument Injection
OpenX Backdoor PHP Code Execution
OpenMediaVault Cron Remote Command Execution
Openfire Admin Console Authentication Bypass
OP5 welcome Remote Command Execution
OP5 license.php Remote Command Execution
Netwin SurgeFTP Remote Command Execution
NAS4Free Arbitrary Remote Code Execution
Mutiny Remote Command Execution
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
Moodle Remote Command Execution
MobileCartly 1.0 Arbitrary File Creation Vulnerability
ManageEngine Security Manager Plus 5.5 Build 5505 SQL Injection
Log1 CMS writeInfo() PHP Code Injection
LotusCMS 3.0 eval() Remote Command Execution
Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload Vulnerability
Jenkins Script-Console Java Execution
JBoss JMX Console Deployer Upload and Execute
JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)
JBoss Java Class DeploymentFileRepository WAR Deployment
JBoss JMX Console Beanshell Deployer WAR Upload and Deployment
ISPConfig Authenticated Arbitrary PHP Code Execution
VMware Hyperic HQ Groovy Script-Console Java Execution
HP System Management Homepage JustGetSNMPQueue Command Injection
HP SiteScope issueSiebelCmd Remote Code Execution
Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
GLPI install.php Remote Command Execution
Glossword v1.8.8 - 1.8.12 Arbitrary File Upload Vulnerability
Sun/Oracle GlassFish Server Authenticated Code Execution
Gitorious Arbitrary Command Execution
Gitlab-shell Code Execution
GestioIP Remote Command Execution
FreeNAS exec_raw.php Arbitrary Command Execution
Family Connections less.php Remote Command Execution
eXtplorer v2.1 Arbitrary File Upload Vulnerability
Network Shutdown Module (sort_values) Remote PHP Code Injection
CuteFlow v2.11.2 Arbitrary File Upload Vulnerability
Adobe ColdFusion 9 Administrative Login Bypass
Cisco Prime Data Center Network Manager Arbitrary File Upload
Axis2 / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Auxilium RateMyPet Arbitrary File Upload Vulnerability
appRain CMF Arbitrary PHP File Upload Vulnerability
Apache Roller OGNL Injection
AjaXplorer checkInstall.php Remote Command Execution
Active Collab "chat module" Remote PHP Code Injection Exploit
Generic Payload Handler
Page 75
Sheet1 (2)
WU-FTPD SITE EXEC/INDEX Format String Vulnerability
PeaZip Zip Processing Command Injection
Nodejs js-yaml load() Code Execution
Maple Maplet File Creation and Command Execution
ElasticSearch Dynamic Script Arbitrary Java Execution
Apple QTJava toQTPointer() Arbitrary Memory Access
Opera historysearch XSS
Opera 9 Configuration Overwrite
Mozilla Suite/Firefox Navigator Object Code Execution
Mozilla Suite/Firefox compareTo() Code Execution
Java Applet Field Bytecode Verifier Cache Remote Code Execution
Java Statement.invoke() Trusted Method Chain Privilege Escalation
Java storeImageArray() Invalid Array Indexing Vulnerability
Java Signed Applet Social Engineering Code Execution
Sun Java JRE AWT setDiffICM Buffer Overflow
Java RMIConnectionImpl Deserialization Privilege Escalation
Java Applet Rhino Script Engine Remote Code Execution
Java Applet Reflection Type Confusion Remote Code Execution
Java Applet ProviderSkeleton Insecure Invoke Method
Java Applet Method Handle Remote Code Execution
Java Applet JAX-WS Remote Code Execution
Java 7 Applet Remote Code Execution
Java Applet Driver Manager Privileged toString() Remote Code Execution
Sun Java JRE getSoundbank file:// URI Buffer Overflow
Sun Java Calendar Deserialization Privilege Escalation
Java AtomicReferenceArray Type Violation Vulnerability
Apple OS X iTunes 8.1.1 ITMS Overflow
Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
Firefox toString console.time Privileged Javascript Injection
Firefox 17.0.1 Flash Privileged Code Injection
Firefox location.QueryInterface() Code Execution
Firefox 5.0 - 15.0.1 __exposedProps__ XCS Code Execution
Firefox 3.5 escape() Return Value Memory Corruption
MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution
D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection
Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
Symantec Messaging Gateway 9.5 Default SSH Password Vulnerability
F5 BIG-IP SSH Private Key Exposure
Exim and Dovecot Insecure Configuration Command Injection
Samba trans2open Overflow (Linux x86)
Samba SetInformationPolicy AuditEventsInfo Heap Overflow
Samba chain_reply Memory Corruption (Linux x86)
Squid NTLM Authenticate Overflow
Poptop Negative Read Overflow
PostgreSQL for Linux Payload Execution
Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
MySQL yaSSL CertDecoder::GetName Buffer Overflow
Zabbix Server Arbitrary Command Execution
SerComm Device Remote Code Execution
Novell eDirectory 8 Buffer Overflow
Page 76
Sheet1 (2)
NetSupport Manager Agent Remote Buffer Overflow
Nagios Remote Plugin Executor Arbitrary Command Execution
MongoDB nativeHelper.apply Remote Code Execution
LPRng use_syslog Remote Format String Vulnerability
Borland InterBase PWD_db_aliased() Buffer Overflow
Borland InterBase open_marker_file() Buffer Overflow
Borland InterBase jrd8_create_database() Buffer Overflow
Borland InterBase INET_connect() Buffer Overflow
HPLIP hpssd.py From Address Arbitrary Command Execution
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
HP Data Protector 6 EXEC_CMD Remote Code Execution
GLD (Greylisting Daemon) Postfix Buffer Overflow
Distributed Ruby Send instance_eval/syscall Code Execution
Accellion File Transfer Appliance MPIPE2 Command Execution
ZPanel zsudo Local Privilege Escalation Exploit
VMWare Setuid vmware-mount Unsafe popen(3)
Linux udev Netlink Local Privilege Escalation
Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation
Linux Kernel Sendpage Local Privilege Escalation
Linux PolicyKit Race Condition Privilege Escalation
Kloxo Local Privilege Escalation
HP System Management Homepage Local Privilege Escalation
UoW IMAP Server LSUB Buffer Overflow
Snort Back Orifice Pre-Preprocessor Buffer Overflow
Zenoss 3 showDaemonXMLConfig Command Execution
ZEN Load Balancer Filelog Command Execution
Zabbix 2.0.8 SQL Injection and Remote Code Execution
WeBid converter.php Remote PHP Code Injection
WebCalendar 1.2.4 Pre-Auth Remote Code Injection
WAN Emulator v2.3 Command Execution
V-CMS PHP File Upload and Execute
Synology DiskStation Manager SLICEUPLOAD Remote Command Execution
Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection
Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability
Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability
Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection
Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
Supermicro Onboard IPMI close_window.cgi Buffer Overflow
Raidsonic NAS Devices Unauthenticated Remote Command Execution
RedHat Piranha Virtual Server Package passwd.php3 Arbitrary Command Execution
PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
PineApp Mail-SeCure livelog.html Arbitrary Command Execution
PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
PeerCast URL Handling Buffer Overflow
Openfiler v2.x NetworkCard Command Execution
Nginx HTTP Server 1.3.9-1.4.0 Chunked Encoding Stack Buffer Overflow
NETGEAR ReadyNAS Perl Code Evaluation
Netgear DGN2200B pppoe.cgi Remote Command Execution
Netgear DGN1000B setup.cgi Remote Command Execution
Mutiny 5 Arbitrary File Upload
Linksys WRT54GL apply.cgi Command Execution
Linksys WRT160nv2 apply.cgi Remote Command Injection
Linksys Devices pingstr Remote Command Injection
Linksys E1500/E2500 apply.cgi Remote Command Injection
Linksys WRT54 Access Point apply.cgi Buffer Overflow
Page 77
Sheet1 (2)
HP System Management Anonymous Access Code Execution
GroundWork monarch_scan.cgi OS Command Injection
Berlios GPSD Format String Vulnerability
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
F5 iControl Remote Root Command Execution
E-Mail Security Virtual Appliance learn-msg.cgi Command Injection
OpenPLI Webif Arbitrary Command Execution
Dolibarr ERP/CRM Post-Auth OS Command Injection
D-Link Devices UPnP SOAP Command Execution
D-Link hedwig.cgi Buffer Overflow in Cookie Header
D-Link DIR615h OS Command Injection
D-Link DIR-605L Captcha Handling Buffer Overflow
D-Link Devices Unauthenticated Remote Command Execution
D-Link DIR-645 / DIR-815 diagnostic.php Command Execution
D-Link Devices Unauthenticated Remote Command Execution
D-Link authentication.cgi Buffer Overflow
DD-WRT HTTP Daemon Arbitrary Command Execution
Red Hat CloudForms Management Engine 5.1 agent/linuxpkgs Path Traversal
Astium Remote Code Execution
Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution
Unreal Tournament 2004 "secure" Overflow (Linux)
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)
ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)
Adobe Flash Player ActionScript Launch Command Execution Vulnerability
Irix LPD tagprinter Command Execution
HP-UX LPD Command Execution
FreeBSD Telnet Service Encryption Key ID Buffer Overflow
XTACACSD report() Buffer Overflow
Samba trans2open Overflow (*BSD x86)
FreeBSD 9 Address Space Manipulation Privilege Escalation
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD)
System V Derived /bin/login Extraneous Arguments Buffer Overflow
Mercantec SoftCart CGI Overflow
Apple iOS Default SSH Password Vulnerability
Apple iOS MobileMail LibTIFF Buffer Overflow
Apple iOS MobileSafari LibTIFF Buffer Overflow
Android Browser and WebView addJavascriptInterface Code Execution
ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow
ibstat $PATH Privilege Escalation
Description
------ ----AIX Command Shell, Bind TCP Inline
AIX Command Shell, Find Port Inline
AIX execve Shellfor inetd
AIX Command Shell, Reverse TCP Inline
Android Meterpreter, Dalvik Reverse HTTP Stager
Android Meterpreter, Dalvik Reverse HTTPS Stager
Android Meterpreter, Dalvik Reverse TCP Stager
Command Shell, Dalvik Reverse HTTP Stager
Page 78
Sheet1 (2)
Command Shell, Dalvik Reverse HTTPS Stager
Command Shell, Dalvik Reverse TCP Stager
BSD Command Shell, Bind TCP Inline
BSD Command Shell, Reverse TCP Inline
BSD Execute Command
FreeBSD Meterpreter Service, Bind TCP
FreeBSD Meterpreter Service, Reverse TCP Inline
BSD Command Shell, Bind TCP Stager (IPv6)
BSD Command Shell, Bind TCP Stager
BSD Command Shell, Find Tag Stager
BSD Command Shell, Reverse TCP Stager (IPv6)
BSD Command Shell, Reverse TCP Stager
BSD Command Shell, Bind TCP Inline
BSD Command Shell, Bind TCP Inline (IPv6)
BSD Command Shell, Find Port Inline
BSD Command Shell, Find Tag Inline
BSD Command Shell, Reverse TCP Inline
BSD Command Shell, Reverse TCP Inline (IPv6)
BSDi Command Shell, Bind TCP Stager
BSDi Command Shell, Reverse TCP Stager
BSDi Command Shell, Bind TCP Inline
BSDi Command Shell, Find Port Inline
BSDi Command Shell, Reverse TCP Inline
Unix Command Shell, Bind TCP (via AWK)
Unix Command Shell, Bind TCP (inetd)
Unix Command Shell, Bind TCP (via Lua)
Unix Command Shell, Bind TCP (via netcat)
Unix Command Shell, Bind TCP (via netcat -e)
Unix Command Shell, Bind TCP (via netcat -e) IPv6
Unix Command Shell, Bind TCP (via nodejs)
Unix Command Shell, Bind TCP (via Perl)
Unix Command Shell, Bind TCP (via perl) IPv6
Unix Command Shell, Bind TCP (via Ruby)
Unix Command Shell, Bind TCP (via Ruby) IPv6
Unix Command Shell, Bind TCP (via Zsh)
Unix Command, Generic Command Execution
Unix Command, Interact with Established Connection
Unix Command Shell, Double Reverse TCP (telnet)
Unix Command Shell, Reverse TCP (via AWK)
Unix Command Shell, Reverse TCP (/dev/tcp)
Unix Command Shell, Reverse TCP SSL (telnet)
Unix Command Shell, Reverse TCP (via Lua)
Unix Command Shell, Reverse TCP (via netcat)
Unix Command Shell, Reverse TCP (via netcat -e)
Unix Command Shell, Reverse TCP (via nodejs)
Unix Command Shell, Double Reverse TCP SSL (openssl)
Unix Command Shell, Reverse TCP (via Perl)
Unix Command Shell, Reverse TCP SSL (via perl)
Unix Command Shell, Reverse TCP SSL (via php)
Unix Command Shell, Reverse TCP (via Python)
Unix Command Shell, Reverse TCP SSL (via python)
Unix Command Shell, Reverse TCP (via Ruby)
Unix Command Shell, Reverse TCP SSL (via Ruby)
Unix Command Shell, Double Reverse TCP SSL (telnet)
Unix Command Shell, Reverse TCP (via Zsh)
Page 79
Sheet1 (2)
Windows Execute net user /ADD CMD
Windows Command Shell, Bind TCP (via Lua)
Windows Command Shell, Bind TCP (via Perl)
Windows Command Shell, Bind TCP (via perl) IPv6
Windows Command Shell, Bind TCP (via Ruby)
Windows Executable Download and Evaluate VBS
Windows Executable Download and Execute (via .vbs)
Windows Command,Generic Command Execution
Windows Command Shell, Reverse TCP (via Lua)
Windows Command,Double Reverse TCP Connection (via Perl)
Windows Command Shell, Reverse TCP (via Powershell)
Windows Command Shell, Reverse TCP (via Ruby)
Firefox XPCOM Execute Command
Command Shell, Bind TCP (via Firefox XPCOM script)
Command Shell, Reverse TCP (via Firefox XPCOM script)
CustomPayload
Generic x86 DebugTrap
Generic Command Shell, Bind TCP Inline
Generic Command Shell, Reverse TCP Inline
Generic x86 TightLoop
Java JSP CommandShell, Bind TCP Inline
Java JSP CommandShell, Reverse TCP Inline
Java Meterpreter,Java Bind TCP Stager
Java Meterpreter,Java Reverse HTTP Stager
Java Meterpreter,Java Reverse HTTPS Stager
Java Meterpreter,Java Reverse TCP Stager
Command Shell, Java Bind TCP Stager
Command Shell, Java Reverse TCP Stager
Java Command Shell, Reverse TCP Inline
LinuxAdd User
LinuxExecute Command
Linuxdup2 Command Shell, Bind TCP Stager
Linuxdup2 Command Shell, Reverse TCP Stager
LinuxCommand Shell, Reverse TCP Inline
LinuxReboot
LinuxCommand Shell, Reverse TCP Stager
LinuxCommand Shell, Bind TCP Inline
LinuxReboot
LinuxCommand Shell, Find Port Inline
LinuxCommand Shell, Bind TCP Stager
Page 80
Sheet1 (2)
LinuxCommand Shell, Bind TCP Random Port Inline
LinuxAdd User
LinuxChmod
LinuxMeterpreter, Bind TCP Stager (IPv6)
LinuxMeterpreter, Bind TCP Stager
LinuxMeterpreter, Bind TCP Stager
LinuxMeterpreter, Find Tag Stager
LinuxMeterpreter, Reverse TCP Stager (IPv6)
LinuxMeterpreter, Reverse TCP Stager
LinuxMeterpreter, Reverse TCP Stager
LinuxMeterpreterService, Bind TCP
LinuxMeterpreterService, Reverse TCP Inline
LinuxRead File
LinuxCommand Shell, Bind TCP Stager (IPv6)
LinuxCommand Shell, Find Tag Stager
LinuxCommand Shell, Reverse TCP Stager (IPv6)
LinuxCommand Shell, Bind TCP Inline (IPv6)
LinuxCommand Shell, Bind TCP Random Port Inline
LinuxCommand Shell, Find Tag Inline
LinuxCommand Shell, Reverse TCP Inline - Metasm Demo
NetWare Command Shell, Reverse TCP Stager
Command Shell, Bind TCP (via nodejs)
Command Shell, Reverse TCP (via nodejs)
Command Shell, Reverse TCP SSL (via nodejs)
OS X Write and Execute Binary, Bind TCP Stager
OS X Write and Execute Binary, Reverse TCP Stager
OS X Command Shell, Bind TCP Stager
OS X Command Shell, Reverse TCP Stager
AppleiOS CommandShell, Bind TCP Inline
AppleiOS CommandShell, Reverse TCP Inline
AppleiOS iPhoneVibrate
OS X Command Shell, Bind TCP Stager
OS X Command Shell, Find Tag Stager
OS X Command Shell, Reverse TCP Stager
OS X Command Shell, Bind TCP Inline
OS X Command Shell, Reverse TCP Inline
OS X dup2 CommandShell, Bind TCP Stager
OS X dup2 CommandShell, Reverse TCP Stager
OS X x64 ExecuteCommand
OS X x64 say Shellcode
OS X x64 Shell Bind TCP
OSX Command Shell, Find Tag Inline
OS X x64 Shell Reverse TCP
Mac OSX Inject Mach-O Bundle, Bind TCP Stager
Mac OSX Inject Mach-O Bundle, Reverse TCP Stager
Page 81
Sheet1 (2)
OS X Execute Command
Mac OSX x86 iSight Photo Capture, Bind TCP Stager
Mac OSX x86 iSight Photo Capture, Reverse TCP Stager
OS X Command Shell, Bind TCP Inline
OS X Command Shell, Find Port Inline
OS X Command Shell, Reverse TCP Inline
OS X (vfork) Command Shell, Bind TCP Stager
OS X (vfork) Command Shell, Reverse TCP Stager
OS X (vfork) Command Shell, Bind TCP Inline
OS X (vfork) Command Shell, Reverse TCP Inline
PHP Command Shell, Bind TCP (via Perl)
PHP Command Shell, Bind TCP (via perl) IPv6
PHP Command Shell, Bind TCP (via PHP)
PHP Command Shell, Bind TCP (via php) IPv6
PHP Executable Download and Execute
PHP Execute Command
PHP Meterpreter,Bind TCP Stager
PHP Meterpreter,Bind TCP Stager IPv6
PHP Meterpreter,PHP Reverse TCP Stager
PHP Meterpreter,Reverse TCP Inline
PHP Command, Double Reverse TCP Connection (via Perl)
PHP Command Shell, Reverse TCP (via PHP)
PHP Command Shell, Find Sock
PythonMeterpreter, Python Bind TCP Stager
PythonMeterpreter, Python Reverse TCP Stager
Command Shell, Reverse TCP (via python)
Command Shell, Reverse TCP SSL (via python)
Ruby Command Shell, Bind TCP
Ruby Command Shell, Bind TCP IPv6
Ruby Command Shell, Reverse TCP
Ruby Command Shell, Reverse TCP SSL
Solaris Command Shell, Bind TCP Inline
Solaris Command Shell, Find Port Inline
Solaris Command Shell, Reverse TCP Inline
Solaris Command Shell, Bind TCP Inline
Solaris Command Shell, Find Port Inline
Solaris Command Shell, Reverse TCP Inline
Unix TTY, Interact with Established Connection
Windows Execute net user /ADD
Reflective DLL Injection, Bind TCP Stager (IPv6)
Reflective DLL Injection, Bind TCP Stager (No NX or Win7)
Reflective DLL Injection, Bind TCP Stager
Reflective DLL Injection, Bind TCP Stager (RC4 Stage Encryption)
Reflective DLL Injection, Find Tag Ordinal Stager
Reflective DLL Injection, Reverse Hop HTTP Stager
Reflective DLL Injection, Reverse HTTP Stager
Reflective DLL Injection, Reverse TCP Stager (IPv6)
Reflective DLL Injection, Reverse TCP Stager (No NX or Win7)
Reflective DLL Injection, Reverse Ordinal TCP Stager (No NX or Win7)
Reflective DLL Injection, Reverse TCP Stager
Reflective DLL Injection, Reverse All-Port TCP Stager
Reflective DLL Injection, Reverse TCP Stager (DNS)
Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption)
Reflective DLL Injection, Reverse TCP Stager (RC4 Stage Encryption DNS)
DNS TXT Record Payload Download and Execution
Page 82
Sheet1 (2)
Windows Executable Download (http,https,ftp) and Execute
Windows Execute Command
Windows LoadLibrary Path
Windows MessageBox
Windows Meterpreter (Reflective Injection), Bind TCP Stager (IPv6)
Windows Meterpreter (Reflective Injection), Bind TCP Stager (No NX or Win7)
Windows Meterpreter (Reflective Injection), Bind TCP Stager
Windows Meterpreter (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption)
Windows Meterpreter (Reflective Injection), Find Tag Ordinal Stager
Windows Meterpreter (Reflective Injection), Reverse Hop HTTP Stager
Windows Meterpreter (Reflective Injection), Reverse HTTP Stager
Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager
Windows Meterpreter (Reflective Injection), Reverse HTTPS Stager with Support for Custom Proxy
Windows Meterpreter (Reflective Injection), Reverse TCP Stager (IPv6)
Windows Meterpreter (Reflective Injection), Reverse TCP Stager (No NX or Win7)
Windows Meterpreter (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
Windows Meterpreter (Reflective Injection), Reverse TCP Stager
Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager
Windows Meterpreter (Reflective Injection), Reverse TCP Stager (DNS)
Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption)
Windows Meterpreter (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS)
Windows Meterpreter Service, Bind TCP
Windows Meterpreter Service, Reverse TCP Inline
Windows Inject DLL, Bind TCP Stager (IPv6)
Windows Inject DLL, Bind TCP Stager (No NX or Win7)
Windows Inject DLL, Bind TCP Stager
Windows Inject DLL, Bind TCP Stager (RC4 Stage Encryption)
Windows Inject DLL, Find Tag Ordinal Stager
Windows Inject DLL, Reverse TCP Stager (IPv6)
Windows Inject DLL, Reverse TCP Stager (No NX or Win7)
Windows Inject DLL, Reverse Ordinal TCP Stager (No NX or Win7)
Windows Inject DLL, Reverse TCP Stager
Windows Inject DLL, Reverse All-Port TCP Stager
Windows Inject DLL, Reverse TCP Stager (DNS)
Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption)
Windows Inject DLL, Reverse TCP Stager (RC4 Stage Encryption DNS)
Windows Meterpreter (skape/jt Injection), Bind TCP Stager (IPv6)
Windows Meterpreter (skape/jt Injection), Bind TCP Stager (No NX or Win7)
Windows Meterpreter (skape/jt Injection), Bind TCP Stager
Windows Meterpreter (skape/jt Injection), Bind TCP Stager (RC4 Stage Encryption)
Windows Meterpreter (skape/jt Injection), Find Tag Ordinal Stager
Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (IPv6)
Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (No NX or Win7)
Windows Meterpreter (skape/jt Injection), Reverse Ordinal TCP Stager (No NX or Win7)
Windows Meterpreter (skape/jt Injection), Reverse TCP Stager
Windows Meterpreter (skape/jt Injection), Reverse All-Port TCP Stager
Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (DNS)
Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption)
Windows Meterpreter (skape/jt Injection), Reverse TCP Stager (RC4 Stage Encryption DNS)
Windows Command Shell, Bind TCP Stager (IPv6)
Windows Command Shell, Bind TCP Stager (No NX or Win7)
Windows Command Shell, Bind TCP Stager
Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption)
Windows Command Shell, Find Tag Ordinal Stager
Windows Command Shell, Reverse Hop HTTP Stager
Page 83
Sheet1 (2)
Windows Command Shell, Reverse HTTP Stager
Windows Command Shell, Reverse TCP Stager (IPv6)
Windows Command Shell, Reverse TCP Stager (No NX or Win7)
Windows Command Shell, Reverse Ordinal TCP Stager (No NX or Win7)
Windows Command Shell, Reverse TCP Stager
Windows Command Shell, Reverse All-Port TCP Stager
Windows Command Shell, Reverse TCP Stager (DNS)
Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption)
Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS)
Windows Command Shell, Bind TCP Inline
Windows Disable Windows ICF, Command Shell, Bind TCP Inline
Windows Command Shell, Hidden Bind TCP Inline
Windows Command Shell, Reverse TCP Inline
Windows Speech API - Say "You Got Pwned!"
Windows Upload/Execute, Bind TCP Stager (IPv6)
Windows Upload/Execute, Bind TCP Stager (No NX or Win7)
Windows Upload/Execute, Bind TCP Stager
Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption)
Windows Upload/Execute, Find Tag Ordinal Stager
Windows Upload/Execute, Reverse Hop HTTP Stager
Windows Upload/Execute, Reverse HTTP Stager
Windows Upload/Execute, Reverse TCP Stager (IPv6)
Windows Upload/Execute, Reverse TCP Stager (No NX or Win7)
Windows Upload/Execute, Reverse Ordinal TCP Stager (No NX or Win7)
Windows Upload/Execute, Reverse TCP Stager
Windows Upload/Execute, Reverse All-Port TCP Stager
Windows Upload/Execute, Reverse TCP Stager (DNS)
Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption)
Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS)
VNC Server (Reflective Injection), Bind TCP Stager (IPv6)
VNC Server (Reflective Injection), Bind TCP Stager (No NX or Win7)
VNC Server (Reflective Injection), Bind TCP Stager
VNC Server (Reflective Injection), Bind TCP Stager (RC4 Stage Encryption)
VNC Server (Reflective Injection), Find Tag Ordinal Stager
VNC Server (Reflective Injection), Reverse Hop HTTP Stager
VNC Server (Reflective Injection), Reverse HTTP Stager
VNC Server (Reflective Injection), Reverse TCP Stager (IPv6)
VNC Server (Reflective Injection), Reverse TCP Stager (No NX or Win7)
VNC Server (Reflective Injection), Reverse Ordinal TCP Stager (No NX or Win7)
VNC Server (Reflective Injection), Reverse TCP Stager
VNC Server (Reflective Injection), Reverse All-Port TCP Stager
VNC Server (Reflective Injection), Reverse TCP Stager (DNS)
VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption)
VNC Server (Reflective Injection), Reverse TCP Stager (RC4 Stage Encryption DNS)
Windows x64 Execute Command
Windows x64 LoadLibrary Path
Windows x64 Meterpreter, Windows x64 Bind TCP Stager
Windows x64 Meterpreter, Windows x64 Reverse HTTPS Stager
Windows x64 Meterpreter, Windows x64 Reverse TCP Stager
Windows x64 Command Shell, Windows x64 Bind TCP Stager
Windows x64 Command Shell, Windows x64 Reverse HTTPS Stager
Windows x64 Command Shell, Windows x64 Reverse TCP Stager
Windows x64 Command Shell, Bind TCP Inline
Windows x64 Command Shell, Reverse TCP Inline
Windows x64 VNC Server (Reflective Injection), Windows x64 Bind TCP Stager
Page 84
Sheet1 (2)
Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse HTTPS Stager
Windows x64 VNC Server (Reflective Injection), Windows x64 Reverse TCP Stager
Rankcription
Des
DateRank Description
---- ---------- --------- ----------2WireCross-SiteRequestForgeryPasswordResetVulnerability
AppleTVImageRemoteControl
AppleTVVideoRemoteControl
VeritasBackupExecWindowsRemoteFileAccess
VeritasBackupExecServerRegistryAccess
ChromecastFactoryResetDoS
ChromecastYouTubeRemoteControl
CiscoSecureACSUnauthorizedPasswordChange
CiscoVPNConcentrator3000FTPUnauthorizedAdministrativeAccess
IBMDB2db2rcmd.exeCommandExecutionVulnerability
NovelleDirectoryDHOSTPredictableSessionCookie
NovelleDirectoryeMBoxUnauthenticatedFileAccess
EMCAlphaStorDeviceManagerArbitraryCommandExecution
EMCAlphaStorLibraryManagerArbitraryCommandExecution
HPDataProtector6.1EXEC_CMDCommandExecution
HPIntelligentManagementSOMAccountCreation
AxigenArbitraryFileReadandDelete
RedHatCloudFormsManagementEngine5.1miq_policy/explorerSQLInjection
ContentKeeperWebAppliancemimencodeFileAccess
D-LinkDIR-600/DIR-300UnauthenticatedRemoteCommandExecution
D-LinkDIR645PasswordExtractor
D-LinkDSL320BPasswordExtractor
Foreman(RedHatOpenStack/Satellite)users/createMassAssignment
HPWebJetAdmin6.5ServerArbitraryCommandExecution
MS10-065MicrosoftIIS5NTFSStreamAuthenticationBypass
Intersil(Boa)HTTPdBasicAuthenticationPasswordReset
IomegaStorCenterProNASWebAuthenticationBypass
JBossJMXConsoleBeanshellDeployerWARUploadandDeployment
JBossSeam2RemoteCommandExecution
Katello(RedHatSatellite)users/update_rolesMissingAuthorization
LinksysE1500/E2500RemoteCommandExecution
LinksysWRT120NtmUnblockStackBufferOverflow
LinksysWRT54GLRemoteCommandExecution
Mutiny5ArbitraryFileReadandDelete
NexposeXXEArbitraryFileRead
NovellFileReporterAgentArbitraryFileDelete
OpenbravoERPXXEArbitraryFileRead
RubyonRailsDeviseAuthenticationPasswordReset
PlixerScrutinizerNetFlowandsFlowAnalyzerHTTPAuthenticationBypass
SophosWebProtectionAppliancepatience.cgiDirectoryTraversal
TomcatAdministrationToolDefaultAccess
TomcatUTF-8DirectoryTraversalVulnerability
TrendMicroDataLossPrevention5.5DirectoryTraversal
TYPO3sa-2009-001WeakEncryptionKeyFileDisclosure
Typo3sa-2009-002FileDisclosure
TYPO3sa-2010-020RemoteFileDisclosure
Page 85
Sheet1 (2)
TYPO3WinstallerDefaultEncryptionKeys
vBulletinAdministratorAccountCreation
WordPresscustom-contact-formsPluginSQLUpload
ZyXELGS1510-16PasswordExtractor
SAPMaxDBcons.exeRemoteCommandInjection
SerCommDeviceConfigurationDump
UDPWake-On-Lan(WOL)
MotorolaWR850Gv4.03Credentials
MicrosoftHostIntegrationServer2006CommandExecutionVulnerability
MicrosoftSQLServerConfigurationEnumerator
MicrosoftSQLServer-EscalateDb_Owner
MicrosoftSQLServer-SQLiEscalateDb_Owner
MicrosoftSQLServerxp_cmdshellCommandExecution
MicrosoftSQLServer-FindandSampleData
MicrosoftSQLServer-InterestingDataFinder
MicrosoftSQLServerNTLMStealer
MicrosoftSQLServerNTLMStealer-SQLi
MicrosoftSQLServerGenericQuery
MicrosoftSQLServerGenericQueryfromFile
MySQLEnumerationModule
MySQLSQLGenericQuery
NAT
TrendMicroOfficeScanNTListenerTraversalArbitraryFileAccess
OracleSMBRelayCodeExecution
OracleAccountDiscovery
OracleSQLGenericQuery
OracleDatabaseEnumeration
OracleSecureBackupexec_qr()CommandInjectionVulnerability
OracleSecureBackupAuthenticationBypass/CommandInjectionVulnerability
OracleSecureBackupAuthenticationBypass/CommandInjectionVulnerability
OracleJavaexecCommand(Win32)
OracleURLDownload
OracleTNSListenerSIDBruteForcer
OracleTNSListenerCommandIssuer
UoWpop2dRemoteFileRetrievalVulnerability
PostgreSQLServerGenericQuery
PostgreSQLServerGenericQuery
SAPConfigServletOSCommandExecution
SAPManagementConsoleOSExecute
AdvantechWebAccessSQLInjection
GEProficyCimplicityWebViewsubstitute.bclDirectoryTraversal
SchneiderModiconRemoteSTART/STOPCommand
SchneiderModiconQuantumPasswordRecovery
SchneiderModiconLadderLogicUpload/Download
Allen-Bradley/RockwellAutomationEtherNet/IPCIPCommands
YokogawaBKBCopyD.exeClient
TrendMicroServerProtectFileAccess
SMBScannerCheckFile/DirectoryUtility
SMBFileDeleteUtility
SMBFileDownloadUtility
SMBDirectoryListingUtility
MicrosoftWindowsAuthenticatedAdministrationUtility
PsExecNTDS.ditAndSYSTEMHiveDownloadUtility
SambaSymlinkDirectoryTraversal
SMBFileUploadUtility
Page 86
Sheet1 (2)
SolarisKCMS+TTDBArbitraryFileRead
TFTPFileTransferUtility
TikiWikiInformationDisclosure
VMWarePowerOffVirtualMachine
VMWarePowerOnVirtualMachine
VMWareTagVirtualMachine
VMWareTerminateESXLoginSessions
RealVNCNULLAuthenticationModeBypass
AppleAirportExtremePasswordExtraction(WDBRPC)
D-Linki2eyeVideoConferenceAutoAnswer(WDBRPC)
VxWorksWDBAgentRemoteMemoryDump
VxWorksWDBAgentRemoteReboot
Webminedit_html.cgifileParameterTraversalArbitraryFileAccess
WebminFileDisclosure
ZendServerJavaBridgeDesignFlawRemoteCodeExecution
JohntheRipperAIXPasswordCracker
JohntheRipperPasswordCracker(FastMode)
JohntheRipperLinuxPasswordCracker
JohntheRipperMSSQLPasswordCracker(FastMode)
JohntheRipperMySQLPasswordCracker(FastMode)
JohntheRipperOraclePasswordCracker(FastMode)
JohntheRipperPostgresSQLPasswordCracker
BNATRouter
BNATScanner
GenericEmailer(SMTP)
MetasploitWebCrawler
MicrosoftWordUNCPathInjector
CiscoIOSHTTPGET/%%RequestDenialofService
ISCDHCPZeroLengthClientIDDenialofServiceModule
FreeBSDRemoteNFSRPCRequestDenialofService
HPDataProtectorManagerRDSDOS
3ComSuperStackSwitchDenialofService
ApacheCommonsFileUploadandApacheTomcatDoS
Apachemod_isapiDanglingPointer
ApacheRangeHeaderDoS(ApacheKiller)
ApacheTomcatTransfer-EncodingInformationDisclosureandDoS
CanonWirelessPrinterDenialOfService
DellOpenManagePOSTRequestHeapOverflow(win32)
GzipMemoryBombDenialOfService
HashtableCollisions
MonkeyHTTPDHeaderParsingDenialofService(DoS)
Node.jsHTTPPipeliningDenialofService
NFRAgentHeapOverflowVulnerability
RubyonRailsActionViewMIMEMemoryExhaustion
RubyonRailsJSONProcessorFloatingPointHeapOverflowDoS
SonicWALLSSL-VPNFormatStringVulnerability
RubyWEBrick::HTTP::DefaultFileHandlerDoS
WordpressXMLRPCDoS
AvahiSourcePort0DoS
DopewarsDenialofService
IBMLotusSametimeWebPlayerDoS
MemcachedRemoteDenialofService
NTP.orgntpdReservedModeDenialofService
MS02-063PPTPMalformedControlDataKernelDenialofService
Sambalsa_io_privilege_setHeapOverflow
Page 87
Sheet1 (2)
Sambalsa_io_trans_namesHeapOverflow
Sambaread_nttrans_ea_listIntegerOverflow
SAPSOAPEPS_DELETE_FILEFileDeletion
BeckhoffTwinCATSCADAPLC2.11.0.2004DoS
GeneralElectricD20METFTPServerBufferOverflowDoS
7-TechnologiesIGSS9IGSSdataServer.exeDoS
YokogawaCENTUMCS3000BKCLogSvr.exeHeapBufferOverflow
SendmailSMTPAddressprescanMemoryCorruption
SolarisLPDArbitraryFileDelete
OpenSSLDTLSChangeCipherSpecRemoteDoS
OpenSSLDTLSFragmentBufferOverflowDoS
OpenSSLTLS1.1and1.2AES-NIDoS
rsyslogLongTagOff-By-TwoDoS
JuniperJunOSMalformedTCPOption
TCPSYNFlooder
MiniUPnPd1.4DenialofService(DoS)Exploit
AppianEnterpriseBusinessSuite5.6SP1DoS
MicrosoftWindowsEOTFontTableDirectoryIntegerOverflow
FileZillaFTPServerAdminInterfaceDenialofService
FileZillaFTPServerMalformedPORTDenialofService
GuildFTPd0.999.8.11/0.999.14HeapCorruption
MicrosoftIISFTPServerEncodedResponseOverflowTrigger
MicrosoftIISFTPServerLISTStackExhaustion
SolarFTPServerMalformedUSERDenialofService
TitanFTPServer6.26.630SITEWHODoS
VictoryFTPServer5.0LISTDoS
WinFTP2.3.0NLSTDenialofService
XMEasyPersonalFTPServer5.6.0NLSTDoS
XMEasyPersonalFTPServer5.7.0NLSTDoS
Kaillera0.86ServerDenialofService
MicrosoftIIS6.0ASPStackExhaustionDenialofService
Pi3WebISAPIDoS
MicrosoftWindowsDNSAPI.dllLLMNRBufferUnderrunDoS
MicrosoftWindowsNATHelperDenialofService
MS12-020MicrosoftRemoteDesktopUse-After-FreeDoS
MicrosoftPlugandPlayServiceRegistryOverflow
MicrosoftSRV.SYSMailslotWriteCorruption
MicrosoftSRV.SYSPipeTransactionNoNull
MicrosoftSRV.SYSWriteAndXInvalidDataOffset
MicrosoftSRV2.SYSSMBNegotiateProcessIDFunctionTableDereference
MicrosoftSRV2.SYSSMB2LogoffRemoteKernelNULLPointerDereference
MicrosoftWindows7/Server2008R2SMBClientInfiniteLoop
MicrosoftWindowsSRV.SYSSrvSmbQueryFsInformationPoolOverflowDoS
MicrosoftWindowsBrowserPoolDoS
MicrosoftRRASInterfaceAdjustVLSPointersNULLDereference
MicrosoftVistaSP0SMBNegotiateProtocolDoS
MS06-019ExchangeMODPROPHeapOverflow
SysaxMulti-Server6.10SSHDKeyExchangeDenialofService
PacketTrapTFTPServer2.2.5459.0DoS
SolarWindsTFTPServer10.4.0.10DenialofService
WiresharkCAPWAPDissectorDoS
Wiresharkchunked_encoding_dissectorFunctionDOS
WiresharkCLDAPDissectorDOS
WiresharkLDAPDissectorDOS
DNSandDNSSECFuzzer
Page 88
Sheet1 (2)
SimpleFTPClientFuzzer
SimpleFTPFuzzer
HTTPFormFieldFuzzer
HTTPGETRequestURIFuzzer(IncrementingLengths)
HTTPGETRequestURIFuzzer(FuzzerStrings)
NTPProtocolFuzzer
SMBNegotiateSMB2DialectCorruption
SMBCreatePipeRequestFuzzer
SMBCreatePipeRequestCorruption
SMBNegotiateDialectCorruption
SMBNTLMv1LoginRequestCorruption
SMBTreeConnectRequestFuzzer
SMBTreeConnectRequestCorruption
SMTPSimpleFuzzer
SSHKeyExchangeInitCorruption
SSH1.5VersionFuzzer
SSH2.0VersionFuzzer
SSHVersionCorruption
TDSProtocolLoginRequestCorruptionFuzzer
TDSProtocolLoginRequestUsernameFuzzer
AlienVaultAuthenticatedSQLInjectionArbitraryFileRead
AlienVaultAuthenticatedSQLInjectionArbitraryFileRead
AndroidContentProviderFileDisclosure
AndroidOpenSourcePlatform(AOSP)BrowserUXSS
ApacheRaveUserInformationDisclosure
AppleSafari.webarchiveFileFormatUXSS
CheckPointFirewall-1SecuRemoteTopologyServiceHostnameDisclosure
ChromecastWifiEnumeration
CitrixMetaFrameICAPublishedApplicationsScanner
CitrixMetaFrameICAPublishedApplicationsBruteforcer
ColdFusion'password.properties'HashExtraction
CorpWatchCompanyIDInformationSearch
CorpWatchCompanyNameInformationSearch
GeneralElectricD20PasswordRecovery
DNSBrutefoceEnumeration
DNSNon-RecursiveRecordScraper
DNSBasicInformationEnumeration
DNSReverseLookupEnumeration
DNSCommonServiceRecordEnumeration
DoliWamp'jqueryFileTree.php'TraversalGatherCredentials
DrupalOpenIDExternalEntityInjection
NetworkShutdownModulesort_valuesCredentialDumper
EMCCTAv10.0UnauthenticatedXXEArbitraryFileRead
DNSRecordScannerandEnumerator
DiscoverExternalIPviaIfconfig.me
F5BigIPBackendCookieDisclosure
FlashRosettaJSONPGET/POSTResponseDisclosure
HPOperationsManagerPerfdEnvironmentScanner
HPProCurveSNACDomainControllerCredentialDumper
IBMLotusNotesSametimeUserEnumeration
IBMLotusNotesSametimeRoomNameBruteforce
IBMLotusSametimeVersionEnumeration
HTTPSSLCertificateImpersonation
Joomlaweblinks-categoriesUnauthenticatedSQLInjectionArbitraryFileRead
MantisBTAdminSQLInjectionArbitraryFileRead
Page 89
Sheet1 (2)
MongoDBNoSQLCollectionEnumerationViaInjection
MyBBDatabaseFingerprint
SearchEngineDomainEmailAddressCollector
ShodanSearch
BMC/NumaraTrack-It!DomainAdministratorandSQLServerUserPasswordDisclosure
vBulletinPasswordCollectorvianodeidSQLInjection
MicrosoftWindowsDeploymentServicesUnattendGatherer
W3-Total-CacheWordpress-plugin0.9.2.4(orbefore)UsernameandHashExtract
XBMCWebServerDirectoryTraversal
SegmentationandFirewallTesting
AuxilliaryParserWindowsUnattendPasswords
FoxitReaderAuthorizationBypass
AppleFilingProtocolLoginUtility
AppleFilingProtocolInfoEnumerator
EnergizerDUOTrojanScanner
ChargenProbeUtility
CouchDBEnumUtility
CouchDBLoginUtility
DB2AuthenticationBruteForceUtility
DB2ProbeUtility
DB2DiscoveryServiceDetection
EndpointMapperServiceDiscovery
HiddenDCERPCServiceDiscovery
RemoteManagementInterfaceDiscovery
DCERPCTCPServiceAuditor
MicrosoftWindowsDeploymentServicesUnattendRetrieval
DECTCallScanner
DECTBaseStationScanner
ARPSweepLocalNetworkDiscovery
UDPEmptyProber
IPv6LinkLocal/NodeLocalPingDiscovery
IPv6LocalNeighborDiscovery
IPv6LocalNeighborDiscoveryUsingRouterAdvertisement
UDPServiceProber
UDPServiceSweeper
DNSAmplificationScanner
ElasticSearchIndicesEnumerationUtility
EMCAlphaStorDeviceManagerService
EMCAlphaStorLibraryManagerService
FingerServiceUserEnumerator
AnonymousFTPAccessDetection
FTPAuthenticationScanner
FTPVersionScanner
TitanFTPXCRCDirectoryTraversalInformationDisclosure
H.323VersionScanner
A10NetworksAXLoadbalancerDirectoryTraversal
AdobeXMLExternalEntityInjection
ApacheActiveMQJSPFilesSourceDisclosure
ApacheActiveMQDirectoryTraversal
Apachemod_cgiBashEnvironmentVariableRCEScanner
Apachemod_userdirUserEnumeration
AppleTVAirPlayLoginUtility
AtlassianCrowdXMLEntityExpansionRemoteFileAccess
ApacheAxis2v1.4.1LocalFileInclusion
Page 90
Sheet1 (2)
ApacheAxis2BruteForceUtility
HTTPBackupFileScanner
BarracudaMultipleProductlocaleDirectoryTraversal
Bitweaveroverlay_typeDirectoryTraversal
HTTPBlindSQLInjectionScanner
HTTPDirectoryBruteForceScanner
CanonPrinterWirelessConfigurationDisclosure
HTTPSSLCertificateChecker
CiscoASAASDMBruteforceLoginUtility
CiscoDeviceHTTPDeviceManagerAccess
CiscoIOSHTTPUnauthorizedAdministrativeAccess
CiscoIronportBruteforceLoginUtility
CiscoNetworkAccessManagerDirectoryTraversalVulnerability
CiscoSSLVPNBruteforceLoginUtility
ClanSphere2011.3LocalFileInclusionVulnerability
ColdFusionVersionScanner
ColdFusionServerCheck
Concrete5MemberListEnumeration
HTTPCopyFileScanner
WebSiteCrawler
DelliDRACDefaultLogin
HTTPDirectoryListingScanner
HTTPDirectoryScanner
MS09-020IIS6WebDAVUnicodeAuthBypassDirectoryScanner
D-LinkDIR-300A/DIR-320/DIR-615DHTTPLoginUtility
D-LinkDIR-615HHTTPLoginUtility
D-LinkDIR-300B/DIR-600B/DIR-815/DIR-645HTTPLoginUtility
DLinkUser-AgentBackdoorScanner
DolibarrERP/CRMLoginUtility
DrupalViewsModuleUsersEnumeration
EktronCMS400.NETDefaultPasswordScanner
Archive.orgStoredDomainURLs
HTTPErrorBasedSQLInjectionScanner
EtherPADDuoLoginBruteforceUtility
HTTPFileSameNameDirectoryScanner
HTTPInterestingFileScanner
FrontPageServerExtensionsAnonymousLoginScanner
GlassFishBruteForceUtility
NovellGroupwiseAgentsHTTPDirectoryTraversal
HPIntelligentManagementBIMSDownloadServletDirectoryTraversal
HPIntelligentManagementFaultDownloadServletDirectoryTraversal
HPIntelligentManagementIctDownloadServletDirectoryTraversal
HPIntelligentManagementReportImgServltDirectoryTraversal
HPIntelligentManagementSOMFileDownloadServletArbitraryDownload
HPSiteScopeSOAPCallgetFileInternalRemoteFileAccess
HPSiteScopeSOAPCallgetSiteScopeConfigurationConfigurationAccess
HPSiteScopeSOAPCallloadFileContentRemoteFileAccess
HPSystemManagementHomepageLoginUtility
HTTPHeaderDetection
HTTPStrictTransportSecurity(HSTS)Detection
HTTPLoginUtility
HTTPWritablePathPUT/DELETEFileAccess
GenericHTTPDirectoryTraversalUtility
HTTPVersionDetection
Http:BLLookup
Page 91
Sheet1 (2)
MicrosoftIISHTTPInternalIPDisclosure
InfoVistaVistaPortalApplicationBruteforceLoginUtility
IPBoardLoginAuxiliaryModule
JBossStatusServletInformationGathering
JBossVulnerabilityScanner
JenkinsEnumeration
Jenkins-CILoginUtility
JoomlaBruteforceLoginUtility
JoomlaPageScanner
JoomlaPluginsScanner
JoomlaVersionScanner
LinksysE1500DirectoryTraversalVulnerability
LiteSpeedSourceCodeDisclosure/Download
HTTPMicrosoftSQLInjectionTableXSSInfection
Majordomo2_list_file_get()DirectoryTraversal
ManageEngineDeviceExpert5.6ScheduleResultViewerFileNameTraversal
ManageEngineDeviceExpertUserCredentials
ManageEngineSecurityManagerPlus5.5DirectoryTraversal
MediaWikiSVGXMLEntityExpansionRemoteFileAccess
ApacheHTTPDmod_negotiationFilenameBruter
ApacheHTTPDmod_negotiationScanner
MS09-020IIS6WebDAVUnicodeAuthenticationBypass
WesternDigitalMyBookLiveLoginUtility
NetDecisionNOCVisionServerDirectoryTraversal
NetgearSPH200DDirectoryTraversalVulnerability
NginxSourceCodeDisclosure/Download
NFRAgentFSFUIRecordArbitraryRemoteFileAccess
NFRAgentSRSRecordArbitraryRemoteFileAccess
NovellZenworksMobileDeviceManagmentAdminCredentials
HostInformationEnumerationviaNTLMAuthentication
HTTPOpenProxyDetection
OpenMindMessage-OSPortalLoginBruteForceUtility
HTTPOptionsDetection
OracleDemantraDatabaseCredentialsLeak
OracleDemantraArbitraryFileRetrievalwithAuthenticationBypass
OracleILOManagerLoginBruteForceUtility
OutlookWebApp(OWA)BruteForceUtility
PocketPADLoginBruteforceForceUtility
HTTPPreviousDirectoryFileScanner
RadwareAppDirectorBruteforceLoginUtility
RubyonRailsJSONProcessorYAMLDeserializationScanner
RubyOnRailsAttributesMassAssignmentScanner
RubyonRailsXMLProcessorYAMLDeserializationScanner
HTTPFileExtensionScanner
ApacheReverseProxyBypassVulnerabilityScanner
RFCodeReaderWebInterfaceLogin/BruteforceUtility
HTTPRobots.txtContentScanner
S400.4.2CMSDirectoryTraversalVulnerability
SAPBusinessObjectsUserBruteforcer
SAPBusinessObjectsWebUserBruteforcer
SAPBusinessObjectsUserEnumeration
SAPBusinessObjectsVersionDetection
HTTPPageScraper
SentrySwitchedCDUBruteforceLoginUtility
SevOneNetworkPerformanceManagementApplicationBruteForceLoginUtility
Page 92
Sheet1 (2)
SimpleWebServer2.3-RC1DirectoryTraversal
SupermicroOnboardIPMIPort49152SensitiveFileExposure
SupermicroOnboardIPMICGIVulnerabilityScanner
SupermicroOnboardIPMIStaticSSLCertificateScanner
SupermicroOnboardIPMIurl_redirect.cgiAuthenticatedDirectoryTraversal
HTTPSOAPVerb/NounBruteForceScanner
SocksoMusicHostServer1.5DirectoryTraversal
SplunkWebInterfaceLoginUtility
SquidProxyPortScanner
SquizMatrixUserEnumerationScanner
HTTPSSLCertificateInformation
HTTPSSL/TLSVersionDetection(POODLEscanner)
ManageEngineSupportCenterPlusDirectoryTraversal
HTTPSubversionScanner
SVNwc.dbScanner
SybaseEaserver6.3DirectoryTraversal
SymantecMessagingGateway9.5LogFileDownloadVulnerability
TitanFTPAdministrativePasswordDisclosure
ApacheTomcatUserEnumeration
TomcatApplicationManagerLoginUtility
TP-LinkWirelessLiteNAccessPointDirectoryTraversalVulnerability
HTTPTRACEDetection
HTTPtrace.axdContentScanner
Typo3LoginBruteforcer
V-CMSLoginUtility
HTTPVerbAuthenticationBypassScanner
HTTPVirtualHostBruteForceScanner
VMwareServerDirectoryTraversalVulnerability
VMWareUpdateManager4DirectoryTraversal
WANGKONGBAOCNS-1000and1100UTMDirectoryTraversal
HTTPVulnScanner
HTTPWebDAVInternalIPScanner
HTTPWebDAVScanner
HTTPWebDAVWebsiteContentScanner
WebPageTestDirectoryTraversal
WordPressBruteForceandUserEnumerationUtility
WordpressPingbackLocator
WordpressScanner
WordpressXML-RPCUsername/PasswordLoginScanner
HTTPBlindXPATH1.0Injector
YawsWebServerDirectoryTraversal
NovellZENworksAssetManagement7.5RemoteFileAccess
NovellZENworksAssetManagement7.5ConfigurationAccess
IMAP4BannerGrabber
IPIDSequenceScanner
IPMI2.0CipherZeroAuthenticationBypassScanner
IPMI2.0RAKPRemoteSHA1PasswordHashRetreival
IPMIInformationDiscovery
LotusDominoPasswordHashCollector
LotusDominoBruteForceUtility
LotusDominoVersion
CCTVDVRLoginScanningUtility
MultipleDVRManufacturersConfigurationDisclosure
BorlandInterBaseServicesManagerInformation
JavaRMIServerInsecureEndpointCodeExecutionScanner
Page 93
Sheet1 (2)
OKIPrinterDefaultLoginCredentialScanner
PoisonIvyCommandandControlScanner
RaySharpDVRPasswordRetriever
Redis-serverScanner
RosewillRXS-3211IPCameraPasswordRetriever
SerCommNetworkDeviceBackdoorDetection
SunRPCPortmapProgramEnumerator
NovellZENworksConfigurationManagementPrebootServiceRemoteFileAccess
MongoDBLoginUtility
MotorolaTimbuktuServiceDetection
MetasploitRPCInterfaceLoginUtility
MetasploitWebInterfaceLoginUtility
MSSQLPasswordHashdump
MSSQLLoginUtility
MSSQLPingUtility
MSSQLSchemaDump
MySQLAuthenticationBypassPasswordDump
MYSQLFile/DirectoryEnumerator
MYSQLPasswordHashdump
MySQLLoginUtility
MYSQLSchemaDump
MySQLServerVersionEnumeration
NAT
NessusNTPLoginUtility
NessusXMLRPCInterfaceLoginUtility
NessusXMLRPCInterfacePingUtility
NetBIOSInformationDiscovery
NetBIOSInformationDiscoveryProber
NeXposeAPIInterfaceLoginUtility
NFSMountScanner
NTPMonitorListScanner
NTPMode7PEER_LISTDoSScanner
NTPMode7PEER_LIST_SUMDoSScanner
NTPClockVariablesDisclosure
NTPMode6REQ_NONCEDRDoSScanner
NTPMode7GET_RESTRICTDRDoSScanner
NTPMode6UNSETTRAPDRDoSScanner
OpenVASgsadWebInterfaceLoginUtility
OpenVASOMPLoginUtility
OpenVASOTPLoginUtility
OracleEnterpriseManagerControlSIDDiscovery
OracleiSQL*PlusLoginUtility
OracleiSQLPlusSIDCheck
OraclePasswordHashdump
OracleRDBMSLoginUtility
OracleTNSListenerSIDBruteforce
OracleTNSListenerSIDEnumeration
OracleApplicationServerSpyServletSIDEnumeration
OracleTNSListenerServiceVersionQuery
OracleXMLDBSIDDiscovery
OracleXMLDBSIDDiscoveryviaBruteForce
PcAnywhereLoginScanner
PcAnywhereTCPServiceDiscovery
PcAnywhereUDPServiceDiscovery
POP3LoginUtility
Page 94
Sheet1 (2)
POP3BannerGrabber
TCPACKFirewallScanner
FTPBouncePortScanner
TCPSYNPortScanner
TCPPortScanner
TCP"XMas"PortScanner
PostgreSQLDatabaseNameCommandLineFlagInjection
PostgresPasswordHashdump
PostgreSQLLoginUtility
PostgresSchemaDump
PostgreSQLVersionProbe
PrinterFileDownloadScanner
PrinterEnvironmentVariablesScanner
PrinterDirectoryListingScanner
PrinterVolumeListingScanner
PrinterReadyMessageScanner
PrinterVersionInformationScanner
MS12-020MicrosoftRemoteDesktopChecker
RogueGatewayDetection:Receiver
RogueGatewayDetection:Sender
rexecAuthenticationScanner
rloginAuthenticationScanner
rshAuthenticationScanner
RsyncUnauthenticatedListCommand
SAPCTCServiceVerbTamperingUserManagement
SAPHostAgentInformationDisclosure
SAPICF/sap/public/infoServiceSensitiveInformationGathering
SAPURLScanner
SAPManagementConsoleABAPSyslogDisclosure
SAPManagementConsoleBruteForce
SAPManagementConsoleExtractUsers
SAPManagementConsoleGetAccessPoints
SAPManagementConsolegetEnvironment
SAPManagementConsoleGetLogfile
SAPManagementConsoleGetProcessList
SAPManagementConsoleGetProcessParameters
SAPManagementConsoleInstanceProperties
SAPManagementConsoleListLogfiles
SAPManagementConsolegetStartProfile
SAPManagementConsoleVersionDetection
SAPRouterAdminRequest
SAPRouterPortScanner
SAPServiceDiscovery
SAPSMBRelayAbuse
SAP/sap/bc/soap/rfcSOAPServiceBAPI_USER_CREATE1FunctionUserCreation
SAPSOAPServiceRFC_PINGLoginBruteForcer
SAP/sap/bc/soap/rfcSOAPServiceSXPG_CALL_SYSTEMFunctionCommandInjection
SAP/sap/bc/soap/rfcSOAPServiceSXPG_COMMAND_EXECFunctionCommandInjection
SAPSOAPRFCEPS_GET_DIRECTORY_LISTINGDirectoriesInformationDisclosure
SAPSOAPRFCPFL_CHECK_OS_FILE_EXISTENCEFileExistenceCheck
SAP/sap/bc/soap/rfcSOAPServiceRFC_PINGFunctionServiceDiscovery
SAP/sap/bc/soap/rfcSOAPServiceRFC_READ_TABLEFunctionDumpData
SAPSOAPRFCRZL_READ_DIR_LOCALDirectoryContentsListing
SAP/sap/bc/soap/rfcSOAPServiceSUSR_RFC_USER_INTERFACEFunctionUserCreation
SAP/sap/bc/soap/rfcSOAPServiceSXPG_CALL_SYSTEMFunctionCommandExecution
Page 95
Sheet1 (2)
SAPSOAPRFCSXPG_COMMAND_EXECUTE
SAP/sap/bc/soap/rfcSOAPServiceRFC_SYSTEM_INFOFunctionSensitiveInformationGathering
SAP/sap/bc/soap/rfcSOAPServiceTH_SAPRELFunctionInformationDisclosure
SAPWebGUILoginBruteForcer
DigiADDPRemoteRebootInitiator
DigiADDPInformationDiscovery
DigiRealPortSerialServerPortScanner
DigiRealPortSerialServerVersion
IndusoftWebStudioNTWebServerRemoteFileAccess
KoyoDirectLogicPLCPasswordBruteForceUtility
ModbusUnitIDandStationIDEnumerator
ModbusClientUtility
ModbusVersionScanner
SielcoSistemiWinlogRemoteFileAccess
SIPUsernameEnumerator(UDP)
SIPUsernameEnumerator(TCP)
SIPEndpointScanner(UDP)
SIPEndpointScanner(TCP)
SIPDroidExtensionGrabber
SMBSessionPipeAuditor
SMBSessionPipeDCERPCAuditor
MicrosoftWindowsAuthenticatedLoggedInUsersEnumeration
SMB2.0ProtocolDetection
SMBShareEnumeration
SMBUserEnumeration(SAMEnumUsers)
SMBDomainUserEnumeration
SMBLoginCheckScanner
SMBSIDUserEnumeration(LookupSid)
SMBVersionDetection
SMTPUserEnumerationUtility
SMTPOpenRelayDetection
SMTPBannerGrabber
AIXSNMPScannerAuxiliaryModule
ArrisDG950ACableModemWifiEnumeration
BrocadePasswordHashEnumeration
CiscoIOSSNMPConfigurationGrabber(TFTP)
CiscoIOSSNMPFileUpload(TFTP)
Netopia3347CableModemWifiEnumeration
ARRIS/MotorolaSBG6580CableModemSNMPEnumerationModule
SNMPEnumerationModule
HPLaserJetPrinterSNMPEnumeration
SNMPWindowsSMBShareEnumeration
SNMPWindowsUsernameEnumeration
SNMPCommunityScanner
SNMPSetModule
UbeeDDW3611bCableModemWifiEnumeration
XeroxWorkCentreUserEnumeration(SNMP)
CerberusFTPServerSFTPUsernameEnumeration
SSHUsernameEnumeration
SSHPublicKeyAcceptanceScanner
SSHLoginCheckScanner
SSHPublicKeyLoginScanner
SSHVersionScanner
OpenSSLServer-SideChangeCipherSpecInjectionScanner
OpenSSLHeartbeat(Heartbleed)InformationLeak
Page 96
Sheet1 (2)
Wardialer
LantronixTelnetPasswordRecovery
LantronixTelnetServiceBannerDetection
TelnetServiceEncyptionKeyIDOverflowDetection
TelnetLoginCheckScanner
RuggedComTelnetPasswordGenerator
TelnetServiceBannerDetection
IpSwitchWhatsUpGoldTFTPDirectoryTraversal
NetDecision4.2TFTPDirectoryTraversal
TFTPBruteForcer
SSDPssdp:allM-SEARCHAmplificationScanner
UPnPSSDPM-SEARCHInformationDiscovery
VMWareESX/ESXiFingerprintScanner
VMWareAuthenticationDaemonLoginScanner
VMWareAuthenticationDaemonVersionScanner
VMWareEnumeratePermissions
VMWareEnumerateActiveSessions
VMWareEnumerateUserAccounts
VMWareEnumerateVirtualMachines
VMWareEnumerateHostDetails
VMWareWebLoginScanner
VMWareScreenshotStealer
VNCAuthenticationScanner
VNCAuthenticationNoneDetection
TelephoneLineVoiceScanner
VxWorksWDBAgentBootParameterScanner
VxWorksWDBAgentVersionScanner
WinRMAuthenticationMethodDetection
WinRMCommandRunner
WinRMLoginUtility
WinRMWQLQueryRunner
X11No-AuthScanner
HTTPClientAutomaticExploiter
AuthenticationCapture:DRDA(DB2,Informix,Derby)
AuthenticationCapture:FTP
AuthenticationCapture:HTTP
HTTPClientBasicAuthenticationCredentialCollector
Capture:HTTPJavaScriptKeylogger
HTTPClientMSCredentialCatcher
AuthenticationCapture:IMAP
AuthenticationCapture:MSSQL
AuthenticationCapture:MySQL
AuthenticationCapture:POP3
AuthenticationCapture:PostgreSQL
PrintjobCaptureService
AuthenticationCapture:SIP
AuthenticationCapture:SMB
AuthenticationCapture:SMTP
AuthenticationCapture:Telnet
AuthenticationCapture:VNC
DHCPClientBashEnvironmentVariableCodeInjection
DHCPServer
DNSSpoofingHelperService
FakeDNSService
FTPFileServer
Page 97
Sheet1 (2)
HTTPClientMSCredentialRelayer
ICMPExfiltrationService
OpenSSLHeartbeat(Heartbleed)ClientMemoryExposure
PXEBootExploitServer
Socks4aProxyServer
SOCKSProxyUNCPathRedirection
TFTPFileServer
CrossPlatformWebkitFileDropper
WPAD.datFileServer
pSnufflePacketSniffer
ARPSpoof
ForgeCiscoDTPPackets
DNSBailiWickedDomainAttack
DNSBailiWickedHostAttack
DNSLookupResultComparison
LLMNRSpoofer
NetBIOSNameServiceSpoofer
PcapReplayUtility
OracleDBSQLInjectionviaSYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE
OracleDBSQLInjectionviaSYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
OracleDBSQLInjectionviaSYS.DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE
OracleDBSQLInjectionviaSYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET
OracleDBSQLInjectionviaSYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
OracleDBSQLInjectionviaDBMS_EXPORT_EXTENSION
OracleDBSQLInjectionviaSYS.DBMS_METADATA.GET_GRANTED_XML
OracleDBSQLInjectionviaSYS.DBMS_METADATA.GET_XML
OracleDBSQLInjectionviaSYS.DBMS_METADATA.OPEN
OracleDBSQLInjectioninMDSYS.SDO_TOPO_DROP_FTBLTrigger
OracleDB10gR2,11gR1/R2DBMS_JVM_EXP_PERMSOSCommandExecution
OracleDB11gR1/R2DBMS_JVM_EXP_PERMSOSCodeExecution
OracleDBSQLInjectionviaSYS.LT.COMPRESSWORKSPACE
OracleDBSQLInjectionviaSYS.LT.FINDRICSETEvilCursorMethod
OracleDBSQLInjectionviaSYS.LT.MERGEWORKSPACE
OracleDBSQLInjectionviaSYS.LT.REMOVEWORKSPACE
OracleDBSQLInjectionviaSYS.LT.ROLLBACKWORKSPACE
AsteriskManagerLoginUtility
SIPDeregisterExtension
SIPInviteSpoof
VSploitMariposaDNSQueryModule
VSploitDNSBeaconingEmulation
VSploitZeusDNSQueryModule
VSploitEmailPII
VSploitWebPII
Descri
ption
Description
------ --------------AIX Gather Dump Password Hashes
CiscoGather Device General Information
Firefox Gather Cookies from Privileged Javascript Shell
Firefox Gather History from Privileged Javascript Shell
Firefox Gather Passwords from Privileged Javascript Shell
Page 98
Sheet1 (2)
Firefox XSS
Firefox Webcam Chat on Privileged Javascript Shell
LinuxGather Virtual Environment Detection
GathereCryptfs Metadata
LinuxGather Configurations
LinuxGather Network Information
LinuxGather Protection Enumeration
LinuxGather 802-11-Wireless-Security Credentials
LinuxGather System and User Information
LinuxGather UserHistory
LinuxGather XChat Enumeration
LinuxGather Gnome-Commander Creds
LinuxGather DumpPassword Hashes for Linux Systems
LinuxGather Saved mount.cifs/mount.smbfs Credentials
LinuxGather PPTPVPN chap-secrets Credentials
LinuxManage Download and Execute
CUPS 1.6.1 Root File Read
MultiEscalate Metasploit pcap_log Local Privilege Escalation
Windows Gather Apple iOS MobileSync Backup File Collection
MultiGather Malware Verifier
MultiGather DbVisualizer Connections Settings
MultiGather DNSForward Lookup Bruteforce
MultiGather DNSReverse Lookup Scan
MultiGather DNSService Record Lookup Scan
MultiGather VirtualBox VM Enumeration
MultiGather Generic Operating System Environment Settings
UNIX Gather .fetchmailrc Credentials
MultiGather FileZilla FTP Client Credential Collection
MultiGather VMWare VM Identification
MultiGather Firefox Signon Credential Collection
MultiGather GnuPG Credentials Collection
LastPass Master Password Extractor
MultiGather RunShell Command Resource File
UNIX Gather .netrc Credentials
MultiGather pgpass Credentials
MultiGather Pidgin Instant Messenger Credential Collection
MultiGather PingSweep
MultiGather Resolve Hosts
MultiGather RunConsole Resource File
MultiGather Skype User Data Enumeration
MultiGather OpenSSH PKI Credentials Collection
MultiGather Mozilla Thunderbird Signon Credential Collection
Multiplatform WLAN Enumeration and Geolocation
MultiGeneric Operating System Session Close
MultiGeneric Operating System Session Command Execution
MultiManage DbVisualizer Add Db Admin
MultiManage DbVisualizer Query
MultiManage PostModule Macro Execution
MultiManage YouTube Broadcast
MultiManage Record Microphone
Shellto Meterpreter Upgrade
Multiple Linux /Unix Post Sudo Upgrade Shell
MultiManage System Remote TCP Shell Session
OS X Text to Speech Utility
OSX Capture Userspace Keylogger
Page 99
Sheet1 (2)
OSX Screen Capture
OSX Gather Autologin Password as Root
OS X Gather AdiumEnumeration
OS X Gather Airport Wireless Preferences
OS X Gather Chicken of the VNC Profile
OS X Gather Colloquy Enumeration
OS X Gather Keychain Enumeration
OS X Gather Mac OS X System Information Enumeration
OS X Gather Mac OS X Password Hash Collector
OSX Password Prompt Spoof
OSX Gather SafariLastSession.plist
OSX Network ShareMounter
OSX Manage RecordMicrophone
OSX VPN Manager
OSX Manage Webcam
Solaris Gather Virtual Environment Detection
Solaris Gather Installed Packages
Solaris Gather Configured Services
Solaris Gather Dump Password Hashes for Solaris Systems
Windows Capture Keystroke Recorder
Windows Capture Winlogon Lockout Credential Keylogger
Windows EscalateSMB Icon LNK Dropper
Windows EscalateGet System via Administrator
Windows EscalateNtUserLoadKeyboardLayoutEx Privilege Escalation
Windows EscalateMicrosoft .NET Runtime Optimization Service Privilege Escalation
Windows EscalateLocked Desktop Unlocker
Windows Gather ARP Scanner
Windows Gather Bitcoin Wallet
Windows Gather Credential Cache Dump
Windows Gather Virtual Environment Detection
Windows Gather BulletProof FTP Client Saved Password Extraction
Windows Gather CoreFTP Saved Password Extraction
Windows Gather Credential Collector
Windows Gather DynDNS Client Password Extractor
Windows Gather Credential Store Enumeration and Decryption Module
Windows Gather Google Picasa Password Extractor
Windows Gather McAfee ePO 4.6 Config SQL Credentials
Windows Gather FileZilla FTP Server Credential Collection
Windows Gather FlashFXP Saved Password Extraction
Windows Gather FTP Navigator Saved Password Extraction
Windows Gather FTP Explorer (FTPX) Credential Extraction
Windows Gather Group Policy Preference Saved Passwords
Windows Gather Internet Download Manager (IDM) Password Extractor
Windows Gather IPSwitch iMail User Data Enumeration
Windows Gather Credentials IMVU Game Client
Windows Gather Meebo Password Extractor
Windows Gather mRemote Saved Password Extraction
Windows Gather Nimbuzz Instant Messenger Password Extractor
Windows Gather Microsoft Outlook Saved Password Extraction
Windows Gather Razer Synapse Password Extraction
Windows Gather RazorSQL Credentials
Windows Gather Remote Desktop Connection Manager Saved Password Extraction
Windows Gather Skype Saved Password Hash Extraction
Windows Gather SmarterMail Password Extraction
Windows Gather SmartFTP Saved Password Extraction
Page 100
Sheet1 (2)
Windows Gather Spark IM Password Extraction
Windows Single Sign On Credential Collector (Mimikatz)
Windows Gather Steam Client Session Collector.
Windows Gather TortoiseSVN Saved Password Extraction
Windows Gather Total Commander Saved Password Extraction
Windows Gather Trillian Password Extractor
Windows Gather VNC Password Extraction
Windows Gather AutoLogin User Credential Extractor
Windows Gather WinSCP Saved Password Extraction
Windows Gather WS_FTP Saved Password Extraction
Windows Gather DNS Cache
Windows Gather Dump Recent Files lnk Info
Windows Gather Active Directory Computers
Windows Gather Active Directory Service Principal Names
Windows Gather Active Directory User Comments
Windows Gather Installed Application Enumeration
Windows Gather File and Registry Artifacts Enumeration
Windows Gather Google Chrome User Data Enumeration
Windows Gather Enumerate Computers
Windows Gather Database Instance Enumeration
Windows Gather Hardware Enumeration
Windows Gather Directory Permissions Enumeration
Windows Gather Enumerate Domain
Windows Gather Enumerate Domain Group
Windows Gather Enumerate Domain Tokens
Windows Gather Enumerate Active Domain Users
Windows Gather Domain Enumeration
Windows Gather Generic File Collection
Windows Gather Windows Host File Enumeration
Windows Gather Internet Explorer User Data Enumeration
Windows Gather Logged On User Enumeration (Registry)
Windows Gather Product Key
Windows Gather Enum User MUICache
Windows Gather Applied Patches
Windows Gather Powershell Environment Setting Enumeration
Windows Gather Prefetch File Information
Windows Gather Proxy Setting
Windows Gather Service Info Enumeration
Windows Gather SMB Share Enumeration via Registry
Windows Gather SNMP Settings Enumeration (Registry)
Windows Gather Terminal Server Client Connection Information Dumper
Windows Gather Enumerate Domain Admin Tokens (Token Hunter)
Windows Gather Apache Tomcat Enumeration
Windows Gather Unattended Answer File Enumeration
Windows Gather Skype, Firefox, and Chrome Artifacts
Windows Gather Forensics Duqu Registry Check
Windows Gather Physical Drives and Logical Volumes
Windows Gather Forensic Imaging
Windows Gather Local NBD Server
Windows Gather Deleted Files Enumeration and Recovering
Windows Gather Local User Account Password Hashes (Registry)
Windows Gather Local Admin Search
Windows EnumerateLSA Secrets
Windows Gather Process Memory Grep
Windows NetLM Downgrade Attack
Page 101
Sheet1 (2)
Windows Gather Local User Account SID Lookup
Windows Gather IPRange Reverse Lookup
Windows Gather Screen Spy
Windows Gather Local and Domain Controller Account Password Hashes
Windows Gather TCP Netstat
Windows Gather USB Drive History
Windows Gather Privileges Enumeration
Windows Gather Run Specified WMIC Command
Windows Gather Microsoft Office Word UNC Path Injector
Windows Manage Add User to the Domain and/or to a Domain Group
Windows Manage Network Route via Meterpreter Session
Windows Manage Change Password
Windows Manage Proxy Setting Cloner
Windows Manage Local User Account Deletion
Windows Manage Download and/or Execute
Windows Manage Driver Loader
Windows Manage Enable Remote Desktop
Windows Manage Trojanize Support Account
Windows Manage Proxy PAC File
Windows Manage Certificate Authority Injection
Windows Manage Hosts File Injection
Windows Manage Process Migration
Windows Manage Local Microsoft SQL Server Authorization Bypass
Windows Manage Inject in Memory Multiple Payloads
Windows Manage Local NBD Server for Remote Disks
Windows Manage Memory Payload Injection Module
Windows Manage Set Port Forwarding With PortProxy
Windows Manage PowerShell Download and/or Execute
Windows Manage Remote Point-to-Point Tunneling Protocol
Windows Manage PXE Exploit Server
Windows Manage Reflective DLL Injection Module
Windows Manage Certificate Authority Removal
Windows Manage Host File Entry Removal
Windows Manage Remote Packet Capture Service Starter
Windows Manage Run Command As User
Windows Manage Safe Delete
Windows Manage Smart Process Migration
Windows Manage Create Shadow Copy
Windows Manage List Shadow Copies
Windows Manage Mount Shadow Copy
Windows Manage Set Shadow Copy Storage Space
Windows Manage Get Shadow Copy Storage Info
Windows Manage Webcam
Windows Recon Computer Browser Discovery
Windows Recon Resolve IP
Windows Gather Wireless BSS Info
Windows Gather Wireless Current Connection Info
Windows Disconnect Wireless Connection
Windows Gather Wireless Profile
Page 102
Sheet1 (2)
Page 103
Sheet1 (2)
Page 104
Sheet1 (2)
wthScheduleAndFilter Buffer Overflow
Page 105
Sheet1 (2)
Page 106
Sheet1 (2)
Page 107
Sheet1 (2)
Page 108
Sheet1 (2)
Page 109
Sheet1 (2)
Page 110
Sheet1 (2)
Page 111
Sheet1 (2)
Page 112
Sheet1 (2)
Page 113
Sheet1 (2)
Page 114
Sheet1 (2)
Page 115
Sheet1 (2)
Page 116
Sheet1 (2)
Page 117
Sheet1 (2)
Page 118
Sheet1 (2)
dling Memory Corruption
Buffer Overflow Vulnerability
Page 119
Sheet1 (2)
1 ActiveX RunAndUploadFile() Method Overflow
() Remote Code Execution
Page 120

Metasploi Sploit

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Metasploi Sploit

Transféré par

Droits d'auteur :

Formats disponibles

Sheet1

Disclosure Date Rank

normal Command Shell, Dalvik Reverse HTTPS Stager

normal Windows Execute net user /ADD CMD

normal Linux Command Shell, Bind TCP Random Port Inline

normal OS X Execute Command

normal Windows Command Shell, Reverse HTTP Stager

normal Windows x64 VNC Server (Reflective Injection), Windows x64 R

normal Simple FTP Client Fuzzer

normal OKI Printer Default Login Credential Scanner

Disclosure Date Rank Description

normal Firefox XSS

normal Windows Gather Spark IM Password Extraction

normal Windows Gather Local User Account SID Lookup

uilt in the background, this can take 2-5 minutes...

Utility Command Encoder

ATH Privilege Escalation

alendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow

inksys WRT54GL apply.cgi Command Execution

Supermicro Onboard IPMI close_window.cgi Buffer Overflow

NetSupport Manager Agent Remote Buffer Overflow

asticSearch Dynamic Script Arbitrary Java Execution

Collab "chat module" Remote PHP Code Injection Exploit

us Arbitrary Command Execution

ense.php Remote Command Execution

ix Authenticated Remote Command Execution

ortable UPnP SDK unique_service_name() Remote Code Execution

a trans2open Overflow (Solaris SPARC)

Daemon Command Execution

ent Joomla Component JCE File Upload Remote Code Execution

ebTester 5.x Command Execution

l Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability

al MS06-013 Microsoft Internet Explorer createTextRange() Code Execution

NTR ActiveX Control Check() Method Buffer Overflow

MS03-026 Microsoft RPC DCOM Interface Overflow

Corel PDF Fusion Stack Buffer Overflow

MS10-004 Microsoft PowerPoint Viewer TextBytesAtom Stack Buffer Overflow

Radio 0.95b Buffer Overflow

Imperial Software WFTPD 3.23 SIZE Overflow

HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow

Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow

abidHamster R4 Log Entry sprintf() Buffer Overflow

rosoft IIS ISAPI w3who.dll Query String Overflow

ndows Manage User Level Persistent Payload Installer

PLPD 6.28 Buffer Overflow

Asus Dpcproxy Buffer Overflow

-Stream 3.0.1.1 Buffer Overflow

ek Media Player Playlist Buffer Overflow

racle 8i TNS Listener SERVICE_NAME Buffer Overflow

MS10-061 Microsoft Print Spooler Service Impersonation Vulnerability

cureCRT SSH1 Buffer Overflow

er, Dalvik Reverse HTTP Stager

ik Reverse HTTPS Stager

er Service, Reverse TCP Inline

ell, Reverse TCP Stager (IPv6)

ll, Bind TCP Inline (IPv6)

ell, Reverse TCP Inline (IPv6)

, Reverse TCP Stager

ell, Bind TCP (via netcat -e)

, Bind TCP (via Ruby) IPv6

with Established Connection

Shell, Bind TCP (via Lua)