D2 Elliot Update 20150225 02.25.15
Changelog: Exploits - Added: E-404 - ManageEngine OpManager MigrateCentralData Servlet File Upload E-405 - Pandora FMS 5.0 SP2 SQL Injection E-406 - ManageEngine OpManager MigrateLEEData Servlet File Upload E-407 - ManageEngine OpManager FileCollector Servlet File Upload E-408 - phpMyRecipes 1.2.2 dosearch.php SQL Injection E-409 - WordPress Creative Contact Form 0.9.7 File Upload E-410 - ManageEngine OpManager FileCollector Servlet File Upload E-411 - PBBoard 2.1.4 email SQL Injection E-412 - Cart Engine 3.0 SQL Injection E-413 - PBBoard 2.1.4 username SQL Injection E-414 - Visual Mining NetCharts Server 7.0 File Upload E-415 - Linksys Information Disclosure E-416 - Linksys Information Disclosure E-417 - Netgear Information Disclosure E-418 - Netgear Information Disclosure E-419 - Netgear Information Disclosure E-420 - Netgear Information Disclosure E-421 - Nisuta Information Disclosure E-422 - Belink Router Information Disclosure E-423 - Huawei Information Disclosure E-424 - D-LINK Router Information Disclosure E-425 - D-LINK Router Information Disclosure E-426 - D-LINK Security Restriction Bypass E-427 - D-LINK Unauthenticated Remote Access E-428 - D-LINK Authentication Bypass E-429 - D-LINK Remote Command Execution E-430 - D-LINK Router Information Disclosure E-431 - Alpha Networks Router Information Disclosure E-432 - D-LINK Remote Command Execution E-433 - Asmax Router Information Disclosure E-434 - Compal Broadband Networks Router Information Disclosure E-435 - Apache Axis2 FD E-436 - DomPHP <= 0.83 SQL Injection E-437 - OpenEMR 4.1.1 new_comprehensive_save.php SQL Injection E-438 - OpenEMR 4.1.1 logview.php SQL Injection E-439 - OpenEMR 4.1.2 forms_admin.php SQL Injection E-440 - Wordpress WP Symposium File Upload E-441 - Lexmark MarkVision Enterprise 2.0 File Upload E-442 - Piwigo rate parameter SQL Injection Workflows - Added: W-39 - Axis2 information gathering Payloads - Added: P-64 - WAR Upload Gate