bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2018-01-23

Browse source
This commit is contained in:
Offensive Security 2018-01-23 05:01:44 +00:00
parent 995a8906f1
commit ae615f0abc
1 changed files with 17 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
files_exploits.csv
View file

@ -5094,7 +5094,7 @@ id,file,description,date,author,type,platform,port
39638,exploits/linux/dos/39638.txt,"Kamailio 4.3.4 - Heap Buffer Overflow",2016-03-30,"Stelios Tsampas",dos,linux,
39644,exploits/multiple/dos/39644.txt,"Wireshark - dissect_pktc_rekey Heap Out-of-Bounds Read",2016-03-31,"Google Security Research",dos,multiple,
39647,exploits/windows/dos/39647.txt,"Microsoft Windows Kernel - Bitmap Use-After-Free",2016-04-01,"Nils Sommer",dos,windows,
39648,exploits/windows/dos/39648.txt,"Microsoft Windows Kernel - 'NtGdiGetTextExtentExW'' Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",dos,windows,
39648,exploits/windows/dos/39648.txt,"Microsoft Windows Kernel - 'NtGdiGetTextExtentExW' Out-of-Bounds Memory Read",2016-04-01,"Nils Sommer",dos,windows,
39649,exploits/multiple/dos/39649.txt,"Adobe Flash - URLStream.readObject Use-After-Free",2016-04-01,"Google Security Research",dos,multiple,
39650,exploits/multiple/dos/39650.txt,"Adobe Flash - textfield.maxChars Use-After-Free",2016-04-01,"Google Security Research",dos,multiple,
39651,exploits/android/dos/39651.txt,"Google Android - 'ih264d_process_intra_mb' Memory Corruption",2016-04-01,"Google Security Research",dos,android,
@ -9233,7 +9233,7 @@ id,file,description,date,author,type,platform,port
40921,exploits/linux/local/40921.sh,"Nagios < 4.2.4 - Local Privilege Escalation",2016-12-15,"Dawid Golunski",local,linux,
40931,exploits/multiple/local/40931.txt,"Apple macOS 10.12 16A323 XNU Kernel / iOS 10.1.1 - 'set_dp_control_port' Lack of Locking Use-After-Free",2016-12-16,"Google Security Research",local,multiple,
40937,exploits/linux/local/40937.txt,"Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution",2016-12-14,"Donncha OCearbhaill",local,linux,
40938,exploits/linux/local/40938.py,"RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)",2016-12-18,"Hacker Fantastic",local,linux,
40938,exploits/linux/local/40938.py,"RedStar 3.0 Server - 'Shellshock' 'BEAM' / 'RSSMON' Command Injection",2016-12-18,"Hacker Fantastic",local,linux,
40943,exploits/linux/local/40943.txt,"Google Chrome + Fedora 25 / Ubuntu 16.04 - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download",2016-12-13,"Chris Evans",local,linux,
40950,exploits/aix/local/40950.sh,"IBM AIX 6.1/7.1/7.2 - 'Bellmail' Local Privilege Escalation",2016-12-22,"Hector X. Monsegur",local,aix,
40953,exploits/linux/local/40953.sh,"Vesta Control Panel 0.9.8-16 - Local Privilege Escalation",2016-12-22,"Luka Pusic",local,linux,
@ -14791,7 +14791,7 @@ id,file,description,date,author,type,platform,port
32725,exploits/windows/remote/32725.rb,"JIRA Issues Collector - Directory Traversal (Metasploit)",2014-04-07,Metasploit,remote,windows,8080
32738,exploits/ios/remote/32738.txt,"Bluetooth Text Chat 1.0 iOS - Code Execution",2014-04-08,Vulnerability-Lab,remote,ios,
32743,exploits/hardware/remote/32743.txt,"Halon Security Router (SR) 3.2-winter-r1 - Multiple Vulnerabilities",2014-04-08,"Juan Manuel Garcia",remote,hardware,
32745,exploits/multiple/remote/32745.py,"OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure",2014-04-08,"Jared Stafford",remote,multiple,443
32745,exploits/multiple/remote/32745.py,"OpenSSL TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure",2014-04-08,"Jared Stafford",remote,multiple,443
32753,exploits/hardware/remote/32753.rb,"Fritz!Box Webcm - Unauthenticated Command Injection (Metasploit)",2014-04-08,Metasploit,remote,hardware,
32762,exploits/multiple/remote/32762.pl,"Sun Java System Access Manager 7.1 - 'Username' Enumeration",2009-01-27,"Marco Mella",remote,multiple,
32764,exploits/multiple/remote/32764.py,"OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS Versions)",2014-04-09,"Fitzl Csaba",remote,multiple,443
@ -15134,8 +15134,8 @@ id,file,description,date,author,type,platform,port
34823,exploits/windows/remote/34823.c,"Dupehunter Professional 9.0.0.3911 - 'Fwpuclnt.dll' DLL Loading Arbitrary Code Execution",2010-10-08,anT!-Tr0J4n,remote,windows,
34756,exploits/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 - Command Injection (Metasploit)",2014-09-24,Metasploit,remote,windows,3000
34757,exploits/windows/remote/34757.rb,"Advantech Webaccess - dvs.ocx GetColor Buffer Overflow (Metasploit)",2014-09-24,Metasploit,remote,windows,
34765,exploits/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",remote,linux,
34766,exploits/linux/remote/34766.php,"Bash - Environment Variables Command Injection (Shellshock)",2014-09-25,"Prakhar Prasad & Subho Halder",remote,linux,80
34765,exploits/linux/remote/34765.txt,"GNU Bash - 'Shellshock' Environment Variable Command Injection",2014-09-25,"Stephane Chazelas",remote,linux,
34766,exploits/linux/remote/34766.php,"Bash - 'Shellshock' Environment Variables Command Injection",2014-09-25,"Prakhar Prasad & Subho Halder",remote,linux,80
34768,exploits/windows/remote/34768.c,"VirIT eXplorer 6.7.43 - 'tg-scan.dll' DLL Loading Arbitrary Code Execution",2010-09-27,anT!-Tr0J4n,remote,windows,
34777,exploits/cgi/remote/34777.rb,"GNU Bash - Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",remote,cgi,
34796,exploits/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation",2010-08-03,"Libing Song",remote,multiple,
@ -15160,10 +15160,10 @@ id,file,description,date,author,type,platform,port
34868,exploits/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,remote,windows,
34869,exploits/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,remote,windows,
34870,exploits/windows/remote/34870.html,"VideoLAN VLC Media Player 1.1.4 Mozilla MultiMedia Plugin - Remote Code Execution",2010-10-19,shinnai,remote,windows,
34879,exploits/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Command Injection (Shellshock)",2014-10-04,"hobbily plunt",remote,linux,
34879,exploits/linux/remote/34879.txt,"OpenVPN 2.2.29 - 'Shellshock' Remote Command Injection",2014-10-04,"hobbily plunt",remote,linux,
34881,exploits/linux/remote/34881.html,"Mozilla Firefox SeaMonkey 3.6.10 / Thunderbird 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",remote,linux,
34896,exploits/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)",2014-10-06,"Phil Blank",remote,linux,
34900,exploits/linux/remote/34900.py,"Apache mod_cgi - Remote Command Injection (Shellshock)",2014-10-06,"Federico Galatolo",remote,linux,
34896,exploits/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - 'Shellshock' Remote Command Injection",2014-10-06,"Phil Blank",remote,linux,
34900,exploits/linux/remote/34900.py,"Apache mod_cgi - 'Shellshock' Remote Command Injection",2014-10-06,"Federico Galatolo",remote,linux,
34925,exploits/php/remote/34925.rb,"WordPress Plugin InfusionSoft - Arbitrary File Upload (Metasploit)",2014-10-09,Metasploit,remote,php,80
34926,exploits/windows/remote/34926.rb,"Rejetto HTTP File Server (HFS) - Remote Command Execution (Metasploit)",2014-10-09,Metasploit,remote,windows,80
34927,exploits/unix/remote/34927.rb,"F5 iControl - Remote Command Execution (Metasploit)",2014-10-09,Metasploit,remote,unix,443
@ -15393,7 +15393,7 @@ id,file,description,date,author,type,platform,port
36412,exploits/windows/remote/36412.rb,"IPass Control Pipe - Remote Command Execution (Metasploit)",2015-03-16,Metasploit,remote,windows,
36415,exploits/java/remote/36415.rb,"ElasticSearch - Search Groovy Sandbox Bypass (Metasploit)",2015-03-16,Metasploit,remote,java,9200
36420,exploits/windows/remote/36420.rb,"Adobe Flash Player - PCRE Regex (Metasploit)",2015-03-17,Metasploit,remote,windows,
36421,exploits/linux/remote/36421.rb,"Exim GHOST - glibc gethostbyname Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",remote,linux,25
36421,exploits/linux/remote/36421.rb,"Exim - 'GHOST' glibc gethostbyname Buffer Overflow (Metasploit)",2015-03-18,"Qualys Corporation",remote,linux,25
36480,exploits/multiple/remote/36480.rb,"Mozilla Firefox - Proxy Prototype Privileged JavaScript Injection (Metasploit)",2015-03-24,Metasploit,remote,multiple,
36426,exploits/multiple/remote/36426.txt,"Apache Struts 2.0.9/2.1.8 - Session Tampering Security Bypass",2011-12-07,"Hisato Killing",remote,multiple,
36428,exploits/hardware/remote/36428.txt,"Axis M10 Series Network Cameras - Cross-Site Scripting",2011-12-07,"Matt Metzger",remote,hardware,
@ -15675,7 +15675,7 @@ id,file,description,date,author,type,platform,port
36025,exploits/windows/remote/36025.py,"Achat 0.150 beta7 - Remote Buffer Overflow",2015-02-08,"KAhara MAnhara",remote,windows,
38845,exploits/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",remote,multiple,
38846,exploits/multiple/remote/38846.txt,"Nginx 1.1.17 - URI Processing SecURIty Bypass",2013-11-19,"Ivan Fratric",remote,multiple,
38849,exploits/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)",2015-12-02,Metasploit,remote,cgi,
38849,exploits/cgi/remote/38849.rb,"Advantech Switch - 'Shellshock' Bash Environment Variable Command Injection (Metasploit)",2015-12-02,Metasploit,remote,cgi,
38850,exploits/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics - Remote Code Injection",2013-11-22,"Eduardo Gonzalez",remote,hardware,
38851,exploits/hardware/remote/38851.html,"LevelOne WBR-3406TX Router - Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",remote,hardware,
38859,exploits/windows/remote/38859.rb,"Oracle BeeHive 2 - 'voice-servlet processEvaluation()' Write File (Metasploit)",2015-12-03,Metasploit,remote,windows,7777
@ -15771,7 +15771,7 @@ id,file,description,date,author,type,platform,port
39874,exploits/windows/remote/39874.rb,"HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)",2016-05-31,"Ian Lovering",remote,windows,
39907,exploits/windows/remote/39907.rb,"Poison Ivy 2.1.x (C2 Server) - Remote Buffer Overflow (Metasploit)",2016-06-10,"Jos Wetzels",remote,windows,3460
39917,exploits/cgi/remote/39917.rb,"IPFire - 'proxy.cgi' Remote Code Execution (Metasploit)",2016-06-10,Metasploit,remote,cgi,444
39918,exploits/cgi/remote/39918.rb,"IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)",2016-06-10,Metasploit,remote,cgi,444
39918,exploits/cgi/remote/39918.rb,"IPFire - 'Shellshock' Bash Environment Variable Command Injection (Metasploit)",2016-06-10,Metasploit,remote,cgi,444
39919,exploits/multiple/remote/39919.rb,"Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution (Metasploit)",2016-06-10,Metasploit,remote,multiple,8080
40441,exploits/hardware/remote/40441.py,"Grandsteam GXV3611_HD - SQL Injection",2016-09-29,pizza1337,remote,hardware,
39945,exploits/linux/remote/39945.rb,"Apache Continuum - Arbitrary Command Execution (Metasploit)",2016-06-14,Metasploit,remote,linux,8080
@ -15834,7 +15834,7 @@ id,file,description,date,author,type,platform,port
40589,exploits/hardware/remote/40589.html,"MiCasaVerde VeraLite - Remote Code Execution",2016-10-20,"Jacob Baines",remote,hardware,
40609,exploits/linux/remote/40609.rb,"Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit)",2016-10-20,Metasploit,remote,linux,1471
40610,exploits/linux/remote/40610.rb,"OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)",2016-10-20,Metasploit,remote,linux,1099
40619,exploits/hardware/remote/40619.py,"TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)",2016-10-21,"Hacker Fantastic",remote,hardware,
40619,exploits/hardware/remote/40619.py,"TrendMicro InterScan Web Security Virtual Appliance - 'Shellshock' Remote Command Injection",2016-10-21,"Hacker Fantastic",remote,hardware,
40633,exploits/hardware/remote/40633.py,"Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure",2016-10-26,"Jason Doyle",remote,hardware,
40643,exploits/hardware/remote/40643.txt,"InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials",2016-10-28,LiquidWorm,remote,hardware,
40651,exploits/windows/remote/40651.py,"Rumba FTP Client 4.x - Remote Stack Buffer Overflow (SEH)",2016-10-31,"Umit Aksu",remote,windows,
@ -18608,7 +18608,7 @@ id,file,description,date,author,type,platform,port
4887,exploits/php/webapps/4887.html,"DigitalHive 2.0 RC2 - 'user_id' SQL Injection",2008-01-11,j0j0,webapps,php,
4888,exploits/php/webapps/4888.txt,"DomPHP 0.81 - 'cat' SQL Injection",2008-01-11,MhZ91,webapps,php,
4889,exploits/php/webapps/4889.txt,"vcart 3.3.2 - Multiple Remote File Inclusions",2008-01-11,k1n9k0ng,webapps,php,
4890,exploits/php/webapps/4890.txt,"AJchat 0.10 - 'unset''' bug SQL Injection",2008-01-11,"Eugene Minaev",webapps,php,
4890,exploits/php/webapps/4890.txt,"AJchat 0.10 - 'unse' SQL Injection",2008-01-11,"Eugene Minaev",webapps,php,
4891,exploits/php/webapps/4891.php,"Docebo 3.5.0.3 - '/lib.regset.php/non-blind' SQL Injection",2008-01-11,rgod,webapps,php,
4895,exploits/php/webapps/4895.txt,"ImageAlbum 2.0.0b2 - 'id' SQL Injection",2008-01-11,"Raw Security",webapps,php,
4896,exploits/php/webapps/4896.pl,"0DayDB 2.3 - 'id' Remote Authentication Bypass",2008-01-11,Pr0metheuS,webapps,php,
@ -27643,7 +27643,7 @@ id,file,description,date,author,type,platform,port
25119,exploits/php/webapps/25119.txt,"BibORB 1.3.2 - Add Database 'Description' Cross-Site Scripting",2005-02-17,"Patrick Hof",webapps,php,
25120,exploits/php/webapps/25120.txt,"BibORB 1.3.2 - 'index.php' Traversal Arbitrary File Manipulation",2005-02-17,"Patrick Hof",webapps,php,
25121,exploits/php/webapps/25121.txt,"BibORB 1.3.2 Login Module - Multiple SQL Injections",2005-02-17,"Patrick Hof",webapps,php,
25123,exploits/php/webapps/25123.txt,"TrackerCam 5.12 - ''ComGetLogFile.php3?fm' Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",webapps,php,
25123,exploits/php/webapps/25123.txt,"TrackerCam 5.12 - 'ComGetLogFile.php3?fm' Traversal Arbitrary File Access",2005-02-18,"Luigi Auriemma",webapps,php,
25125,exploits/php/webapps/25125.txt,"ZeroBoard 4.1 - Multiple Cross-Site Scripting Vulnerabilities",2005-02-19,"albanian haxorz",webapps,php,
25126,exploits/php/webapps/25126.txt,"EggBlog 4.1.2 - Arbitrary File Upload",2013-05-01,Pokk3rs,webapps,php,
25127,exploits/php/webapps/25127.txt,"PMachine Pro 2.4 - Remote File Inclusion",2005-02-19,kc,webapps,php,
@ -34124,7 +34124,7 @@ id,file,description,date,author,type,platform,port
34892,exploits/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Cross-Site Scripting",2010-10-21,"Antu Sanadi",webapps,php,
34893,exploits/php/webapps/34893.txt,"PHP Scripts Now (Multiple Products) - 'bios.php?rank' Cross-Site Scripting",2009-07-20,"599eme Man",webapps,php,
34894,exploits/php/webapps/34894.txt,"PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection",2009-07-20,"599eme Man",webapps,php,
34895,exploits/cgi/webapps/34895.rb,"Bash CGI - Remote Command Injection (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",webapps,cgi,
34895,exploits/cgi/webapps/34895.rb,"Bash CGI - 'Shellshock' Remote Command Injection (Metasploit)",2014-10-06,"Fady Mohammed Osman",webapps,cgi,
34922,exploits/php/webapps/34922.txt,"WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",webapps,php,
35023,exploits/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",webapps,php,
35024,exploits/php/webapps/35024.txt,"Joomla! Component Catalogue - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,webapps,php,
@ -34284,7 +34284,7 @@ id,file,description,date,author,type,platform,port
35142,exploits/php/webapps/35142.txt,"Social Share - 'search' Cross-Site Scripting",2010-12-23,"Aliaksandr Hartsuyeu",webapps,php,
35143,exploits/php/webapps/35143.txt,"HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection",2010-12-28,"non customers",webapps,php,
35145,exploits/php/webapps/35145.txt,"Pligg CMS 1.1.3 - 'range' SQL Injection",2010-12-27,Dr.NeT,webapps,php,
35146,exploits/php/webapps/35146.txt,"PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)",2014-11-03,"Ryan King (Starfall)",webapps,php,
35146,exploits/php/webapps/35146.txt,"PHP < 5.6.2 - 'Shellshock' 'disable_functions()' Bypass Command Injection",2014-11-03,"Ryan King (Starfall)",webapps,php,
35149,exploits/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",webapps,php,
35150,exploits/php/webapps/35150.php,"Drupal < 7.32 - Unauthenticated SQL Injection",2014-11-03,"Stefan Horst",webapps,php,443
35155,exploits/php/webapps/35155.txt,"CruxCMS 3.0 - Multiple Input Validation Vulnerabilities",2010-12-26,ToXiC,webapps,php,
@ -35762,7 +35762,7 @@ id,file,description,date,author,type,platform,port
37453,exploits/php/webapps/37453.php,"Drupal Module Drag & Drop Gallery 6.x-1.5 - 'upload.php' Arbitrary File Upload",2012-06-25,"Sammy FORGIT",webapps,php,
37454,exploits/hardware/webapps/37454.txt,"D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities",2015-07-01,DNO,webapps,hardware,
37499,exploits/php/webapps/37499.txt,"Phonalisa - Multiple HTML Injection / Cross-Site Scripting Vulnerabilities",2012-07-12,"Benjamin Kunz Mejri",webapps,php,
37457,exploits/php/webapps/37457.html,"FCKEditor Core - 'Editor 'spellchecker.php'' Cross-Site Scripting",2012-06-25,"Emilio Pinna",webapps,php,
37457,exploits/php/webapps/37457.html,"FCKEditor Core - 'Editor 'spellchecker.php' Cross-Site Scripting",2012-06-25,"Emilio Pinna",webapps,php,
37459,exploits/php/webapps/37459.txt,"Umapresence - Local File Inclusion / Arbitrary File Deletion",2012-06-25,"Sammy FORGIT",webapps,php,
37460,exploits/php/webapps/37460.txt,"Schoolhos CMS - HTML Injection",2012-06-27,the_cyber_nuxbie,webapps,php,
37461,exploits/php/webapps/37461.txt,"DigPHP - 'dig.php' Script Remote File Disclosure",2012-06-26,"Ryuzaki Lawlet",webapps,php,

Can't render this file because it is too large.