Exploit-DB
d46ab98863
DB: 2023-04-06
...
32 changes to exploits/shellcodes/ghdb
Answerdev 1.0.3 - Account Takeover
D-Link DIR-846 - Remote Command Execution (RCE) vulnerability
Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB - Information Disclosure
SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow
ERPNext 12.29 - Cross-Site Scripting (XSS)
Liferay Portal 6.2.5 - Insecure Permissions
GNU screen v4.9.0 - Privilege Escalation
Apache Tomcat 10.1 - Denial Of Service
PostgreSQL 9.6.1 - Remote Code Execution (RCE) (Authenticated)
BTCPay Server v1.7.4 - HTML Injection.
Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)
Secure Web Gateway 10.2.11 - Cross-Site Scripting (XSS)
ImageMagick 7.1.0-49 - DoS
bgERP v22.31 (Orlovets) - Cookie Session vulnerability & Cross-Site Scripting (XSS)
Bus Pass Management System 1.0 - Stored Cross-Site Scripting (XSS)
Calendar Event Multi View 1.4.07 - Unauthenticated Arbitrary Event Creation to Cross-Site Scripting (XSS)
CKEditor 5 35.4.0 - Cross-Site Scripting (XSS)
Control Web Panel 7 (CWP7) v0.9.8.1147 - Remote Code Execution (RCE)
Froxlor 2.0.3 Stable - Remote Code Execution (RCE)
ImageMagick 7.1.0-49 - Arbitrary File Read
itech TrainSmart r1044 - SQL injection
Online Eyewear Shop 1.0 - SQL Injection (Unauthenticated)
PhotoShow 3.0 - Remote Code Execution
projectSend r1605 - Remote Code Exectution RCE
Responsive FileManager 9.9.5 - Remote Code Execution (RCE)
zstore 6.6.0 - Cross-Site Scripting (XSS)
Binwalk v2.3.2 - Remote Command Execution (RCE)
XWorm Trojan 2.1 - Null Pointer Derefernce DoS
Kardex Mlog MCC 5.7.12 - RCE (Remote Code Execution)
Linux/x86_64 - bash Shellcode with xor encoding
2023-04-06 00:16:31 +00:00
Offensive Security
d63de06c7a
DB: 2022-11-10
...
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00
Offensive Security
de260aeac6
DB: 2021-10-30
...
95 changes to exploits/shellcodes
Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)
Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)
AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)
Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
Sandboxie 5.49.7 - Denial of Service (PoC)
WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC)
iDailyDiary 4.30 - Denial of Service (PoC)
RarmaRadio 2.72.8 - Denial of Service (PoC)
DupTerminator 1.4.5639.37199 - Denial of Service (PoC)
Color Notes 1.4 - Denial of Service (PoC)
Macaron Notes great notebook 5.5 - Denial of Service (PoC)
My Notes Safe 5.3 - Denial of Service (PoC)
n+otes 1.6.2 - Denial of Service (PoC)
Telegram Desktop 2.9.2 - Denial of Service (PoC)
Mini-XML 3.2 - Heap Overflow
Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)
Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
MariaDB 10.2 - 'wsrep_provider' OS Command Execution
Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free
Visual Studio Code 1.47.1 - Denial of Service (PoC)
DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)
MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)
Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of Service (PoC)
GNU Wget < 1.18 - Arbitrary File Upload (2)
WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting (XSS)
E-Learning System 1.0 - Authentication Bypass
PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting
GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Persistent Cross-Site Scripting
Selea Targa 512 IP OCR-ANPR Camera - Stream Disclosure (Unauthenticated)
Library System 1.0 - Authentication Bypass
Web Based Quiz System 1.0 - 'name' Persistent Cross-Site Scripting
Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)
GetSimple CMS My SMTP Contact Plugin 1.1.1 - Cross-Site Request Forgery
GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)
Umbraco v8.14.1 - 'baseUrl' SSRF
Cacti 1.2.12 - 'filter' SQL Injection
GetSimple CMS Custom JS 0.1 - Cross-Site Request Forgery
Internship Portal Management System 1.0 - Remote Code Execution(Unauthenticated)
Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting
Xmind 2020 - Persistent Cross-Site Scripting
Tagstoo 2.0.1 - Persistent Cross-Site Scripting
SnipCommand 0.1.0 - Persistent Cross-Site Scripting
Moeditor 0.2.0 - Persistent Cross-Site Scripting
Marky 0.0.1 - Persistent Cross-Site Scripting
StudyMD 0.3.2 - Persistent Cross-Site Scripting
Freeter 1.2.1 - Persistent Cross-Site Scripting
Markright 1.0 - Persistent Cross-Site Scripting
Markdownify 1.2.0 - Persistent Cross-Site Scripting
Anote 1.0 - Persistent Cross-Site Scripting
Subrion CMS 4.2.1 - Arbitrary File Upload
Printable Staff ID Card Creator System 1.0 - 'email' SQL Injection
Schlix CMS 2.2.6-6 - Arbitary File Upload (Authenticated)
Selenium 3.141.59 - Remote Code Execution (Firefox/geckodriver)
CHIYU IoT Devices - Denial of Service (DoS)
Zenario CMS 8.8.52729 - 'cID' SQL injection (Authenticated)
TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal
Atlassian Jira Server Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)
Scratch Desktop 3.17 - Remote Code Execution
Church Management System 1.0 - Arbitrary File Upload (Authenticated)
Phone Shop Sales Managements System 1.0 - Arbitrary File Upload
Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)
WordPress Plugin Current Book 1.0.1 - 'Book Title' Persistent Cross-Site Scripting
ForgeRock Access Manager 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)
KevinLAB BEMS 1.0 - Authentication Bypass
Event Registration System with QR Code 1.0 - Authentication Bypass
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)
qdPM 9.2 - Password Exposure (Unauthenticated)
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
Movable Type 7 r.5002 - XMLRPC API OS Command Injection (Metasploit)
GeoVision Geowebserver 5.3.3 - Local FIle Inclusion
Simple Phone Book 1.0 - 'Username' SQL Injection (Unauthenticated)
Umbraco CMS 8.9.1 - Directory Traversal
Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Dolibarr ERP 14.0.1 - Privilege Escalation
Compro Technology IP Camera - 'killps.cgi' Denial of Service (DoS)
Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation
Phpwcms 1.9.30 - Arbitrary File Upload
Windows/x86 - Download File (http://10.10.10.5:8080/2NWyfQ9T.hta ) Via mshta + Execute + Stager Shellcode (143 bytes)
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
Linux/x64 - execve _cat /etc/shadow_ Shellcode (66 bytes)
Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode (240 bytes)
Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)
Linux/x86 - setreuid(0) + execve(_/bin/sh_) Shellcode (29 bytes)
Linux/x86 - Bind (User Specified Port) Shell (/bin/sh) Shellcode (102 bytes)
Linux/x86 - Reverse (dynamic IP and port/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode
Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode (178 bytes)
Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode (230 bytes)
2021-10-30 05:02:09 +00:00
Offensive Security
a250e82458
DB: 2021-10-12
...
176 changes to exploits/shellcodes
Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial-Of-Service (PoC)
Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)
jQuery UI 1.12.1 - Denial of Service (DoS)
AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)
Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated)
ProFTPD 1.3.7a - Remote Denial of Service
glFTPd 2.11a - Remote Denial of Service
Hasura GraphQL 1.3.3 - Denial of Service
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
Telegram Desktop 2.9.2 - Denial of Service (PoC)
SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service
Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial-Of-Service (PoC)
GeoGebra Graphing Calculator 6.0.631.0 - Denial Of Service (PoC)
GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)
GeoGebra CAS Calculator 6.0.631.0 - Denial of Service (PoC)
Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free
MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)
Cyberfox Web Browser 52.9.1 - Denial-of-Service (PoC)
Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial-of-Service (PoC)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm
vsftpd 3.0.3 - Remote Denial of Service
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution (2)
PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting
Arteco Web Client DVR/NVR - 'SessionId' Brute Force
Resumes Management and Job Application Website 1.0 - Multiple Stored XSS
Library System 1.0 - Authentication Bypass Via SQL Injection
MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF
SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated)
Web Based Quiz System 1.0 - 'MCQ options' Persistent/Stored Cross-Site Scripting
Web Based Quiz System 1.0 - 'name' Persistent/Stored Cross-Site Scripting
Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution
MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated)
GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS
Regis Inventory And Monitoring System 1.0 - 'Item List' Stored XSS
rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
Mini Mouse 9.3.0 - Local File inclusion / Path Traversal
GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE
Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass
rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (2)
GravCMS 1.10.7 - Unauthenticated Arbitrary YAML Write/Update (Metasploit)
GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE
Sipwise C5 NGCP CSC - 'Multiple' Stored/Reflected Cross-Site Scripting (XSS)
Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution
Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection (Authenticated)
OpenEMR 5.0.1.3 - '/portal/account/register.php' Authentication Bypass
VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution (RCE) (Unauthenticated)
Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution (XSS/RCE)
Church Management System 1.0 - Unrestricted File Upload to Remote Code Execution (Authenticated)
Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting (XSS)
WordPress Plugin Current Book 1.0.1 - 'Book Title and Author field' Stored Cross-Site Scripting (XSS)
KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass
Event Registration System with QR Code 1.0 - Authentication Bypass & RCE
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)
Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments
WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR
GeoVision Geowebserver 5.3.3 - LFI / XSS / HHI / RCE
Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write (Authenticated)
Traffic Offense Management System 1.0 - SQLi to Remote Code Execution (RCE) (Unauthenticated)
Compro Technology IP Camera - 'killps.cgi' Denial-of-Service (DoS)
OpenSIS 8.0 'modname' - Directory/Path Traversal
Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS
Apartment Visitor Management System (AVMS) 1.0 - SQLi to RCE
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery (CSRF)
Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation
PlaceOS 1.2109.1 - Open Redirection
Blood Bank System 1.0 - SQL Injection / Authentication Bypass
Lodging Reservation Management System 1.0 - SQL Injection / Authentication Bypass
Atlassian Jira Server/Data Center 8.16.0 - Arbitrary File Read
Linux/x64 - Reverse (127.1.1.1:4444/TCP) Shell (/bin/sh) Shellcode (123 Bytes)
Linux/x86 - Bind Socat (0.0.0.0:1000/TCP) Shell (Bash) Shellcode (113 bytes)
Linux/x86 - Bind (0.0.0.0:13377/TCP) Shell (/bin/sh) Shellcode (65 bytes)
Windows/x86 - Download File (http://10.10.10.5:8080/2NWyfQ9T.hta ) Via mshta + Execute + Stager Shellcode (143 bytes)
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
Linux/x64 - execve _cat /etc/shadow_ Shellcode (66 bytes)
Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode (240 bytes)
Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)
Linux/x86 - execve /bin/sh Shellcode (fstenv eip GetPC technique) (70 bytes_ xor encoded)
Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode (178 bytes)
Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode (415 bytes)
2021-10-12 05:02:16 +00:00
Offensive Security
b4c96a5864
DB: 2021-09-03
...
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00
Offensive Security
6cbe6ebbb6
DB: 2021-09-03
...
395 changes to exploits/shellcodes
EO Video 1.36 - Local Heap Overflow Denial of Service / (PoC)
Electronics Workbench - '.ewb' Local Stack Overflow (PoC)
BulletProof FTP Client 2.63 - Local Heap Overflow (PoC)
Easy Web Password 1.2 - Local Heap Memory Consumption (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
eEye Retina WiFi Security Scanner 1.0 - '.rws Parsing' Buffer Overflow (PoC)
Zortam MP3 Media Studio 9.40 - Multiple Memory Corruption Vulnerabilities
ImTOO MPEG Encoder 3.1.53 - '.cue' / '.m3u' Local Buffer Overflow (PoC)
ZoIPer 2.22 - Call-Info Remote Denial of Service
PHP < 5.3.1 - 'MultiPart/form-data' Denial of Service
PHP - MultiPart Form-Data Denial of Service (PoC)
PHP < 5.3.1 - 'MultiPart/form-data' Denial of Service
PHP - MultiPart Form-Data Denial of Service (PoC)
Nuked KLan 1.7.7 & SP4 - Denial of Service
AIC Audio Player 1.4.1.587 - Local Crash (PoC)
Xerox 4595 - Denial of Service
WinMerge 2.12.4 - Project File Handling Stack Overflow
Acoustica Mixcraft 1.00 - Local Crash
SopCast 3.4.7 - 'sop://' URI Handling Remote Stack Buffer Overflow (PoC)
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Spotify 0.8.2.610 - search func Memory Exhaustion
Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow (PoC)
WaveSurfer 1.8.8p4 - Memory Corruption (PoC)
DIMIN Viewer 5.4.0 - Crash (PoC)
FreeVimager 4.1.0 - Crash (PoC)
DIMIN Viewer 5.4.0 - Crash (PoC)
FreeVimager 4.1.0 - Crash (PoC)
CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow
Light Audio Player 1.0.14 - Memory Corruption (PoC)
Image Transfer IOS - Remote Crash (PoC)
Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH)
VUPlayer 2.49 - '.cue' Universal Buffer Overflow
Apple Mac OSX xnu 1228.x - 'hfs-fcntl' Kernel Privilege Escalation
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite
Hex Workshop 4.23/5.1/6.0 - '.hex' Universal Local Buffer Overflow (SEH)
Soritong MP3 Player 1.0 - '.m3u' / UI.txt Universal Local Buffer Overflow
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal
Millenium MP3 Studio - '.pls' / '.mpf' / '.m3u' Universal Local Buffer Overflow (SEH)
Alleycode HTML Editor 2.2.1 - Local Buffer Overflow
GPG2/Kleopatra 2.0.11 - Malformed Certificate
Free WMA MP3 Converter 1.1 - '.wav' Local Buffer Overflow
OtsTurntables Free 1.00.047 - '.olf' Universal Buffer Overflow
Watermark Master 2.2.23 - '.wstyle' Local Buffer Overflow (SEH)
Dropbox < 3.3.x - OSX FinderLoadBundle Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.51/5.6.32/5.7.14 - Code Execution / Privilege Escalation
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (3)
QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (2)
CA BrightStor ARCserve - 'msgeng.exe' Remote Stack Overflow
quickshare file share 1.2.1 - Directory Traversal (1)
SPlayer 3.7 (build 2055) - Remote Buffer Overflow
Acunetix 8 build 20120704 - Remote Stack Overflow
Omeka 2.2.1 - Remote Code Execution
D-Link DSL-2740R - Remote DNS Change
D-Link DSL-2730U/2750U/2750E ADSL Router - Remote File Disclosure
Netgear JNR1010 ADSL Router - (Authenticated) Remote File Disclosure
D-Link DSL-2730U/2750U/2750E ADSL Router - Remote File Disclosure
Netgear JNR1010 ADSL Router - (Authenticated) Remote File Disclosure
Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote Code Execution
TorrentTrader 1.0 RC2 - SQL Injection
WEBInsta CMS 0.3.1 - 'templates_dir' Remote File Inclusion
MiniPort@l 0.1.5 Beta - 'skiny' Remote File Inclusion
PHP DocWriter 0.3 - 'script' Remote File Inclusion
phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion
phpBB SpamBlocker Mod 1.0.2 - Remote File Inclusion
RSSonate - 'xml2rss.php' Remote File Inclusion
CASTOR 1.1.1 - '/lib/rs.php' Remote File Inclusion
RSSonate - 'xml2rss.php' Remote File Inclusion
CASTOR 1.1.1 - '/lib/rs.php' Remote File Inclusion
QnECMS 2.5.6 - 'adminfolderpath' Remote File Inclusion
BrewBlogger 1.3.1 - 'printLog.php' SQL Injection
e-Ark 1.0 - '/src/ark_inc.php' Remote File Inclusion
awrate.com Message Board 1.0 - 'search.php' Remote File Inclusion
Tucows Client Code Suite (CSS) 1.2.1015 - Remote File Inclusion
Gizzar 03162002 - 'index.php' Remote File Inclusion
SH-News 0.93 - 'misc.php' Remote File Inclusion
JSBoard 2.0.10 - 'login.php?table' Local File Inclusion
XOOPS Module WF-Links 1.03 - 'cid' SQL Injection
Scorp Book 1.0 - 'smilies.php?config' Remote File Inclusion
WEBInsta FM 0.1.4 - 'login.php' absolute_path Remote File Inclusion
mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion
EQdkp 1.3.2 - 'listmembers.php' SQL Injection
FlashBB 1.1.8 - 'sendmsg.php' Remote File Inclusion
SimpleBlog 3.0 - 'comments_get.asp?id' SQL Injection
Pakupaku CMS 0.4 - Arbitrary File Upload / Local File Inclusion
CCMS 3.1 Demo - SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Login Bypass
BlogPHP 2 - 'id' Cross-Site Scripting / SQL Injection
AuraCMS 1.62 - Multiple SQL Injections
sCssBoard (Multiple Versions) - 'pwnpack' Remote s
EasyNews 40tr - SQL Injection / Cross-Site Scripting / Local File Inclusion
RevokeBB 1.0 RC11 - 'Search' SQL Injection
Galatolo Web Manager 1.0 - Cross-Site Scripting / Local File Inclusion
CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection
PHPortal 1.2 - Multiple Remote File Inclusions
Libera CMS 1.12 - 'cookie' SQL Injection
Zanfi CMS lite 2.1 / Jaw Portal free - 'FCKeditor' Arbitrary File Upload
WCMS 1.0b - Arbitrary Add Admin
FOSS Gallery Admin 1.0 - Arbitrary File Upload
MemHT Portal 4.0.1 - SQL Injection / Code Execution
Mediatheka 4.2 - Blind SQL Injection
Pligg 9.9.5b - Arbitrary File Upload / SQL Injection
XOOPS 2.3.2 - 'mydirname' PHP Remote Code Execution
Joomla! Component Casino 0.3.1 - Multiple SQL Injections s
ZeusCart 2.3 - 'maincatid' SQL Injection
ASP Football Pool 2.3 - Remote Database Disclosure
LightNEasy sql/no-db 2.2.x - System Configuration Disclosure
Zen Cart 1.3.8 - Remote Code Execution
Joomla! Component com_pinboard - 'task' SQL Injection
Joomla! Component com_bookflip - 'book_id' SQL Injection
Messages Library 2.0 - Arbitrary Delete Message
Arab Portal 2.2 - Blind Cookie Authentication Bypass
Joomla! Plugin JD-WordPress 2.0 RC2 - Remote File Inclusion
REZERVI 3.0.2 - Remote Command Execution
Joomla! Component BF Quiz 1.0 - SQL Injection (2)
E-Xoopport Samsara 3.1 (eCal Module) - Blind SQL Injection
AJ Matrix DNA - SQL Injection
Joomla! Component JE Story Submit - Local File Inclusion
CF Image Hosting Script 1.3.82 - File Disclosure
hastymail2 webmail 1.1 rc2 - Persistent Cross-Site Scripting
CMSLogik 1.2.1 - Multiple Vulnerabilities
C.P.Sub 4.5 - Authentication Bypass
WordPress Plugin Slideshow Gallery 1.4.6 - Arbitrary File Upload
Joomla! Component com_hdflvplayer < 2.1.0.1 - SQL Injection
WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload
PHPMailer < 5.2.20 - Remote Code Execution
phpIPAM 1.4 - SQL Injection
Joomla! 3.9.0 < 3.9.7 - CSV Injection
2021-09-03 14:58:20 +00:00
Offensive Security
36c084c351
DB: 2021-09-03
...
45419 changes to exploits/shellcodes
2 new exploits/shellcodes
Too many to list!
2021-09-03 13:39:06 +00:00
Offensive Security
2dbd546dde
DB: 2021-04-28
...
3 changes to exploits/shellcodes
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
Kimai 1.14 - CSV Injection
Montiorr 1.7.6m - File Upload to XSS
2021-04-28 05:01:56 +00:00
Offensive Security
ccea007282
DB: 2020-05-01
...
81 changes to exploits/shellcodes
WordPress 2.9 - Denial of Service
WordPress Core 2.9 - Denial of Service
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) PoC)
Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) (PoC)
IBM AIX 4.3.1 - 'adb' Denial of Service
Jzip - Buffer Overflow (PoC) (SEH Unicode)
Jzip - Buffer Overflow (PoC) (SEH Unicode)
WordPress 4.0 - Denial of Service
WordPress < 4.0.1 - Denial of Service
WordPress Core 4.0 - Denial of Service
WordPress Core < 4.0.1 - Denial of Service
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (PoC) (SEH Overwrite)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (PoC) (SEH Overwrite)
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (PoC) (SEH Overwrite)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (PoC) (SEH Overwrite)
Icinga - cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service
PHPFreeChat 1.7 - Denial of Service
XenForo 2 - CSS Loader Denial of Service
MikroTik 6.41.4 - FTP daemon Denial of Service (PoC)
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service
AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)
Wansview 1.0.2 - Denial of Service (PoC)
StyleWriter 4 1.0 - Denial of Service (PoC)
Any Sound Recorder 2.93 - Denial of Service (PoC)
Snes9K 0.0.9z - Denial of Service (PoC)
Virgin Media Hub 3.0 Router - Denial of Service (PoC)
Intelbras IWR 3000N - Denial of Service (Remote Reboot)
Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service (PoC)
Windows PowerShell - Unsanitized Filename Command Execution
Microsoft Windows PowerShell - Unsanitized Filename Command Execution
QEMU - Denial of Service
Counter-Strike Global Offensive 1.37.1.1 - 'vphysics.dll' Denial of Service (PoC)
Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter
Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File
Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File
Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File
Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File
Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
Microsoft Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter
Microsoft Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File
Microsoft Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File
Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File
Microsoft Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File
Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
Bematech Printer MP-4200 - Denial of Service
Cisco WLC 2504 8.9 - Denial of Service (PoC)
FTP Navigator 8.03 - 'Custom Command' Denial of Service (SEH)
FTP Navigator 8.03 - 'Custom Command' Denial of Service (SEH)
WordPress Core < 5.3.x - 'xmlrpc.php' Denial of Service
FTPGetter Professional 5.97.0.223 - Denial of Service (PoC)
FTPGetter Professional 5.97.0.223 - Denial of Service (PoC)
Tautulli 2.1.9 - Denial of Service (Metasploit)
Microtik SSH Daemon 6.44.3 - Denial of Service (PoC)
TP-Link Archer C50 3 - Denial of Service (PoC)
Amcrest Dahua NVR Camera IP2M-841 - Denial of Service (PoC)
Cisco IP Phone 11.7 - Denial of service (PoC)
PHP 5.2.3 Win32std - 'win_shell_execute' Safe Mode / disable_functions Bypass
PHP 5.2.3 Win32std - 'win_shell_execute' Safe Mode / disable_functions Bypass
IBM AIX 4.3.1 - 'adb' Denial of Service
Systrace 1.x (Linux Kernel x64) - Aware Local Privilege Escalation
Systrace 1.x (Linux Kernel x64) - Aware Local Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic (Denial of Service) / Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic Denial of Service / Privilege Escalation
Ultra MiniHTTPd 1.2 - 'GET' Remote Stack Buffer Overflow PoC
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service
Ultra MiniHTTPd 1.2 - 'GET' Remote Stack Buffer Overflow (PoC)
AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)
Wansview 1.0.2 - Denial of Service (PoC)
StyleWriter 4 1.0 - Denial of Service (PoC)
Any Sound Recorder 2.93 - Denial of Service (PoC)
Snes9K 0.0.9z - Denial of Service (PoC)
Pronestor Health Monitoring < 8.1.11.0 - Privilege Escalation
Pronestor Health Monitoring < 8.1.11.0 - Privilege Escalation
Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)
Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
Windows 10 - SET_REPARSE_POINT_EX Mount Point Security Feature Bypass
Microsoft Windows 10 - SET_REPARSE_POINT_EX Mount Point Security Feature Bypass
Windows NTFS - Privileged File Access Enumeration
Windows 10 - UAC Protection Bypass Via Windows Store (WSReset.exe) (Metasploit)
Windows 10 - UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry (Metasploit)
Microsoft Windows NTFS - Privileged File Access Enumeration
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) (Metasploit)
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) and Registry (Metasploit)
Counter-Strike Global Offensive 1.37.1.1 - 'vphysics.dll' Denial of Service (PoC)
_GCafé 3.0 - 'gbClienService' Unquoted Service Path
_GCafé 3.0 - 'gbClienService' Unquoted Service Path
Wondershare Application Framework Service - _WsAppService_ Unquote Service Path
Wondershare Application Framework Service - _WsAppService_ Unquote Service Path
Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)
Windows - Escalate UAC Protection Bypass (Via Shell Open Registry Key) (Metasploit)
Microsoft Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)
Microsoft Windows - Escalate UAC Protection Bypass (Via Shell Open Registry Key) (Metasploit)
Bash 5.0 Patch 11 - SUID Priv Drop Exploit
Bash 5.0 Patch 11 - SUID Priv Drop Exploit
Windows - Shell COM Server Registrar Local Privilege Escalation
Microsoft Windows - Shell COM Server Registrar Local Privilege Escalation
Windows Kernel - Information Disclosure
Microsoft Windows Kernel - Information Disclosure
NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path
Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path
NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path
Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path
Chilkat IMAP ActiveX 7.9 - File Execution / IE Denial of Service
Chilkat IMAP ActiveX 7.9 - File Execution / Denial of Service
Apache Tomcat 4.0.3 - Denial of Service 'Device Name' / Cross-Site Scripting
WordPress PHPMailer 4.6 - Host Header Command Injection (Metasploit)
WordPress Plugin PHPMailer 4.6 - Host Header Command Injection (Metasploit)
WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)
WordPress Core 5.0.0 - Crop-image Shell Upload (Metasploit)
Windows PowerShell ISE - Remote Code Execution
Microsoft Windows PowerShell ISE - Remote Code Execution
QEMU - Denial of Service
Microtik SSH Daemon 6.44.3 - Denial of Service (PoC)
WordPress 1.2 - HTTP Splitting
WordPress Core 1.2 - HTTP Splitting
WordPress 1.5.1.1 - SQL Injection
WordPress Core 1.5.1.1 - SQL Injection
WordPress 1.5.1.1 - 'add new admin' SQL Injection
WordPress Core 1.5.1.1 - 'add new admin' SQL Injection
WordPress 1.5.1.2 - 'xmlrpc' Interface SQL Injection
WordPress Core 1.5.1.2 - 'xmlrpc' Interface SQL Injection
WordPress 1.5.1.3 - Remote Code Execution
WordPress 1.5.1.3 - Remote Code Execution (Metasploit)
WordPress Core 1.5.1.3 - Remote Code Execution
WordPress Core 1.5.1.3 - Remote Code Execution (Metasploit)
WordPress 2.0.5 - Trackback UTF-7 SQL Injection
WordPress Core 2.0.5 - Trackback UTF-7 SQL Injection
WordPress 2.0.6 - 'wp-trackback.php' SQL Injection
WordPress Core 2.0.6 - 'wp-trackback.php' SQL Injection
WordPress 2.1.2 - 'xmlrpc' SQL Injection
WordPress Core 2.1.2 - 'xmlrpc' SQL Injection
WordPress 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing
WordPress Core 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing
WordPress 2.2 - 'xmlrpc.php' SQL Injection
WordPress Core 2.2 - 'xmlrpc.php' SQL Injection
WordPress 2.2 - 'wp-app.php' Arbitrary File Upload
WordPress Core 2.2 - 'wp-app.php' Arbitrary File Upload
WordPress 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities
WordPress Core 1.5.1.1 < 2.2.2 - Multiple Vulnerabilities
WordPress 2.3.1 - Charset SQL Injection
WordPress Core 2.3.1 - Charset SQL Injection
Joomla! Component iJoomla News Portal 1.0 - 'itemID' SQL Injection
Joomla! Component iJoomla! News Portal 1.0 - 'itemID' SQL Injection
WordPress 2.6.1 - SQL Column Truncation
WordPress Core 2.6.1 - SQL Column Truncation
WordPress 2.6.1 - Admin Takeover (SQL Column Truncation)
WordPress Core 2.6.1 - Admin Takeover (SQL Column Truncation)
WordPress 2.8.1 - 'url' Cross-Site Scripting
WordPress Core 2.8.1 - 'url' Cross-Site Scripting
WordPress 2.8.3 - Remote Admin Reset Password
WordPress Core 2.8.3 - Remote Admin Reset Password
WordPress 2.0 < 2.7.1 - 'admin.php' Module Configuration Security Bypass
WordPress < 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution
WordPress Core 2.0 < 2.7.1 - 'admin.php' Module Configuration Security Bypass
WordPress Core < 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution
WordPress 2.9 - Failure to Restrict URL Access
WordPress Core 2.9 - Failure to Restrict URL Access
Joomla! Component Joomla Flickr 1.0 - Local File Inclusion
Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion
Joomla! Component Wap4Joomla - 'wapmain.php' SQL Injection
Joomla! Component Wap4Joomla! - 'wapmain.php' SQL Injection
Joomla! Component Minify4Joomla - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component iJoomla Magazine 3.0.1 - Remote File Inclusion
Joomla! Component iJoomla! Magazine 3.0.1 - Remote File Inclusion
WordPress 3.0.1 - 'do_trackbacks()' SQL Injection
WordPress Core 3.0.1 - 'do_trackbacks()' SQL Injection
WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)
WordPress Core 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)
WordPress 1.5.1.3 - 'cache_lastpostdate' Arbitrary Code Execution (Metasploit)
WordPress Core 1.5.1.3 - 'cache_lastpostdate' Arbitrary Code Execution (Metasploit)
WordPress 3.1.3 - SQL Injection
WordPress Core 3.1.3 - SQL Injection
WordPress 3.3.1 - Multiple Vulnerabilities
WordPress Core 3.3.1 - Multiple Vulnerabilities
WordPress 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities
WordPress Core 3.3.1 - Multiple Cross-Site Request Forgery Vulnerabilities
Apache Tomcat 4.0.3 - Denial of Service 'Device Name' / Cross-Site Scripting
WordPress 0.6/0.7 - 'Blog.header.php' SQL Injection
WordPress Core 0.6/0.7 - 'Blog.header.php' SQL Injection
WordPress 1.2 - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 1.2 - 'admin-header.php?redirect_url' Cross-Site Scripting
WordPress 1.2 - 'bookmarklet.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 1.2 - 'categories.php?cat_ID' Cross-Site Scripting
WordPress 1.2 - 'edit.php?s' Cross-Site Scripting
WordPress 1.2 - 'edit-comments.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 1.2 - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 1.2 - 'admin-header.php?redirect_url' Cross-Site Scripting
WordPress Core 1.2 - 'bookmarklet.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 1.2 - 'categories.php?cat_ID' Cross-Site Scripting
WordPress Core 1.2 - 'edit.php?s' Cross-Site Scripting
WordPress Core 1.2 - 'edit-comments.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 1.2 - 'wp-login.php' HTTP Response Splitting
WordPress Core 1.2 - 'wp-login.php' HTTP Response Splitting
WordPress 1.2.1/1.2.2 - '/wp-admin/post.php?content' Cross-Site Scripting
WordPress 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting
WordPress 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 1.2.1/1.2.2 - 'link-categories.php?cat_id' Cross-Site Scripting
WordPress 1.2.1/1.2.2 - 'link-manager.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 1.2.1/1.2.2 - 'moderation.php?item_approved' Cross-Site Scripting
WordPress Core 1.2.1/1.2.2 - '/wp-admin/post.php?content' Cross-Site Scripting
WordPress Core 1.2.1/1.2.2 - '/wp-admin/templates.php?file' Cross-Site Scripting
WordPress Core 1.2.1/1.2.2 - 'link-add.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 1.2.1/1.2.2 - 'link-categories.php?cat_id' Cross-Site Scripting
WordPress Core 1.2.1/1.2.2 - 'link-manager.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 1.2.1/1.2.2 - 'moderation.php?item_approved' Cross-Site Scripting
WordPress 1.5 - 'post.php' Cross-Site Scripting
WordPress Core 1.5 - 'post.php' Cross-Site Scripting
WordPress 2.0 - Comment Post HTML Injection
WordPress Core 2.0 - Comment Post HTML Injection
WordPress 2.0.5 - 'functions.php' Remote File Inclusion
WordPress Core 2.0.5 - 'functions.php' Remote File Inclusion
WordPress 1.x/2.0.x - 'template.php' HTML Injection
WordPress Core 1.x/2.0.x - 'template.php' HTML Injection
WordPress 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure
WordPress Core 1.x/2.0.x - Pingback SourceURI Denial of Service / Information Disclosure
WordPress 2.1.1 - 'post.php' Cross-Site Scripting
WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 2.1.1 - 'post.php' Cross-Site Scripting
WordPress Core 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
WordPress 1.x/2.0.x - 'Templates.php' Cross-Site Scripting
WordPress Core 1.x/2.0.x - 'Templates.php' Cross-Site Scripting
WordPress 2.1.1 - Arbitrary Command Execution
WordPress 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
WordPress Core 2.1.1 - Arbitrary Command Execution
WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
WordPress < 2.1.2 - 'PHP_Self' Cross-Site Scripting
WordPress Core < 2.1.2 - 'PHP_Self' Cross-Site Scripting
WordPress 2.2 - 'Request_URI' Cross-Site Scripting
WordPress Core 2.2 - 'Request_URI' Cross-Site Scripting
WordPress 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting
WordPress Core 2.2.3 - '/wp-admin/page-new.php?popuptitle' Cross-Site Scripting
WordPress 1.0.7 - 'Pool index.php' Cross-Site Scripting
WordPress Core 1.0.7 - 'Pool index.php' Cross-Site Scripting
WordPress 2.0 - 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 2.0 - 'wp-register.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 2.3 - 'Edit-Post-Rows.php' Cross-Site Scripting
WordPress Core 2.3 - 'Edit-Post-Rows.php' Cross-Site Scripting
WordPress 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting
WordPress Core 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting
WordPress 2.3.1 - Unauthorized Post Access
WordPress Core 2.3.1 - Unauthorized Post Access
WordPress 2.2.3 - '/wp-admin/edit.php?backup' Cross-Site Scripting
WordPress Core 2.2.3 - '/wp-admin/edit.php?backup' Cross-Site Scripting
WordPress 2.3.2 - '/wp-admin/users.php?inviteemail' Cross-Site Scripting
WordPress 2.3.2 - '/wp-admin/invites.php?to' Cross-Site Scripting
WordPress Core 2.3.2 - '/wp-admin/users.php?inviteemail' Cross-Site Scripting
WordPress Core 2.3.2 - '/wp-admin/invites.php?to' Cross-Site Scripting
WordPress 2.3.3 - 'cat' Directory Traversal
WordPress Core 2.3.3 - 'cat' Directory Traversal
WordPress 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Core 2.5.1 - 'press-this.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 4.2 - Persistent Cross-Site Scripting
WordPress Core 4.2 - Persistent Cross-Site Scripting
WordPress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities
WordPress Core 3.4.2 - Multiple Path Disclosure Vulnerabilities
WordPress 3.4.2 - Cross-Site Request Forgery
WordPress Core 3.4.2 - Cross-Site Request Forgery
Icinga - cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service
WordPress 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery
WordPress Core 2.0.11 - '/wp-admin/options-discussion.php' Script Cross-Site Request Forgery
WordPress 4.5.3 - Directory Traversal / Denial of Service
WordPress Core 4.5.3 - Directory Traversal / Denial of Service
PHPFreeChat 1.7 - Denial of Service
WordPress 4.7.0/4.7.1 - Content Injection (Python)
WordPress 4.7.0/4.7.1 - Content Injection (Ruby)
WordPress Core 4.7.0/4.7.1 - Content Injection (Python)
WordPress Core 4.7.0/4.7.1 - Content Injection (Ruby)
WordPress < 4.7.1 - Username Enumeration
WordPress Core < 4.7.1 - Username Enumeration
WordPress Multiple Plugins - Arbitrary File Upload
Multiple WordPress Plugins - Arbitrary File Upload
Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download
WordPress Plugin Membership Simplified 1.58 - Arbitrary File Download
Joomla! Component Picture Calendar for Joomla 3.1.4 - Directory Traversal
Joomla! Component Picture Calendar for Joomla! 3.1.4 - Directory Traversal
Joomla! Component Timetable Responsive Schedule For Joomla 1.5 - 'alias' SQL Injection
Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 - 'alias' SQL Injection
Joomla Component ccNewsletter 2.x.x 'id' - SQL Injection
Joomla! Component ccNewsletter 2.x.x 'id' - SQL Injection
WordPress 4.6 - Remote Code Execution
WordPress < 4.7.4 - Unauthorized Password Reset
WordPress Core 4.6 - Remote Code Execution
WordPress Core < 4.7.4 - Unauthorized Password Reset
XenForo 2 - CSS Loader Denial of Service
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion
WordPress Plugin Site Editor 1.1.1 - Local File Inclusion
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)
Joomla! Component Fields - SQLi Remote Code Execution (Metasploit)
Wordpress Plugin Activity Log 2.4.0 - Stored Cross-Site Scripting
WordPress Plugin Activity Log 2.4.0 - Stored Cross-Site Scripting
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
Joomla! Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting
WordPress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting
Joomla Component Ek Rishta 2.10 - SQL Injection
Joomla! Component Ek Rishta 2.10 - SQL Injection
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service
Wordpress Plugin Ninja Forms 3.3.13 - CSV Injection
WordPress Plugin Ninja Forms 3.3.13 - CSV Injection
Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection
WordPress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection
Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection
Joomla! Component JCK Editor 6.4.4 - 'parent' SQL Injection
Joomla Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection
Joomla! Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection
Virgin Media Hub 3.0 Router - Denial of Service (PoC)
Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal / Cross-Site Scripting
WordPress Plugin Media File Manager 1.4.2 - Directory Traversal / Cross-Site Scripting
WordPress CherryFramework Themes 3.1.4 - Backup File Download
WordPress Theme CherryFramework 3.1.4 - Backup File Download
WordPress Plugins Easy Testimonials 3.2 - Cross-Site Scripting
WordPress Plugin Easy Testimonials 3.2 - Cross-Site Scripting
Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation
WordPress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation
Wordpress Plugin Wisechat 2.6.3 - Reverse Tabnabbing
WordPress Plugin Wisechat 2.6.3 - Reverse Tabnabbing
Jenkins 2.150.2 - Remote Command Execution (Metasploit)
Jenkins 2.150.2 - Remote Command Execution (Metasploit)
Simple Online Hotel Reservation System - SQL Injection
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin)
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin)
Simple Online Hotel Reservation System - SQL Injection
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin)
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin)
phpBB 3.2.3 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution
60CycleCMS - 'news.php' SQL Injection
60CycleCMS - 'news.php' SQL Injection
Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
Intelbras IWR 3000N - Denial of Service (Remote Reboot)
Wordpress Plugin Social Warfare < 3.5.3 - Remote Code Execution
WordPress Plugin Social Warfare < 3.5.3 - Remote Code Execution
Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service PoC
WordPress Plugin Live Chat Unlimited 2.8.3 - Cross-Site Scripting
WordPress Plugin Live Chat Unlimited 2.8.3 - Cross-Site Scripting
Centreon 19.04 - Remote Code Execution
Centreon 19.04 - Remote Code Execution
WordPress Add Mime Types Plugin 2.2.1 - Cross-Site Request Forgery
WordPress Plugin Add Mime Types 2.2.1 - Cross-Site Request Forgery
Wordpress Plugin Event Tickets 4.10.7.1 - CSV Injection
WordPress Plugin Event Tickets 4.10.7.1 - CSV Injection
WordPress 5.2.3 - Cross-Site Host Modification
WordPress Core 5.2.3 - Cross-Site Host Modification
Joomla 3.4.6 - 'configuration.php' Remote Code Execution
Joomla! 3.4.6 - 'configuration.php' Remote Code Execution
WordPress Arforms 3.7.1 - Directory Traversal
WordPress Plugin Arforms 3.7.1 - Directory Traversal
WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting
WordPress Plugin Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting
WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting
Restaurant Management System 1.0 - Remote Code Execution
WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting
WordPress Plugin Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting
WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting
Restaurant Management System 1.0 - Remote Code Execution
Joomla 3.9.13 - 'Host' Header Injection
Joomla! 3.9.13 - 'Host' Header Injection
Bematech Printer MP-4200 - Denial of Service
Cisco WLC 2504 8.9 - Denial of Service (PoC)
NopCommerce 4.2.0 - Privilege Escalation
NopCommerce 4.2.0 - Privilege Escalation
WordPress Core < 5.3.x - 'xmlrpc.php' Denial of Service
Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass
WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass
Online Book Store 1.0 - 'bookisbn' SQL Injection
Huawei HG255 - Directory Traversal ( Metasploit )
Online Book Store 1.0 - 'bookisbn' SQL Injection
Huawei HG255 - Directory Traversal (Metasploit)
Tautulli 2.1.9 - Denial of Service ( Metasploit )
Wordpress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass
Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass
WordPress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass
WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass
LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting
WordPress Plugin LearnDash LMS 3.1.2 - Reflective Cross-Site Scripting
WordPress InfiniteWP - Client Authentication Bypass (Metasploit)
WordPress Plugin InfiniteWP - Client Authentication Bypass (Metasploit)
Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting
WordPress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting
Cacti 1.2.8 - Authenticated Remote Code Execution
Cacti 1.2.8 - Authenticated Remote Code Execution
Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)
WordPress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)
Wordpress Plugin Search Meter 2.13.2 - CSV injection
WordPress Plugin Search Meter 2.13.2 - CSV injection
Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting
WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting
TP-Link Archer C50 3 - Denial of Service (PoC)
Amcrest Dahua NVR Camera IP2M-841 - Denial of Service (PoC)
Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion
WordPress Plugin Media Library Assistant 2.81 - Local File Inclusion
Oracle WebLogic Server 12.2.1.4.0 - Remote Code Execution
Oracle WebLogic Server 12.2.1.4.0 - Remote Code Execution
Cisco IP Phone 11.7 - Denial of service (PoC)
Linux/ARM - Bind TCP (0.0.0.0:4321) Shell (/bin/sh) + Null-Free Shellcode (84 bytes)
Linux/ARM - Bind TCP (0.0.0.0:4321) Shell (/bin/sh) + Null-Free Shellcode (84 bytes)
Linux/x86 - Rabbit Encoder Shellcode (200 bytes)
Linux/x86 - Rabbit Encoder Shellcode (200 bytes)
2020-05-01 05:02:03 +00:00
Offensive Security
880bbe402e
DB: 2019-03-08
...
14991 changes to exploits/shellcodes
HTC Touch - vCard over IP Denial of Service
TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities
PeerBlock 1.1 - Blue Screen of Death
WS10 Data Server - SCADA Overflow (PoC)
Symantec Endpoint Protection 12.1.4013 - Service Disabling
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
man-db 2.4.1 - 'open_cat_stream()' Local uid=man
CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation
CDRecord's ReadCD - Local Privilege Escalation
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
CCProxy 6.2 - 'ping' Remote Buffer Overflow
Savant Web Server 3.1 - Remote Buffer Overflow (2)
Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
TeamCity < 9.0.2 - Disabled Registration Bypass
OpenSSH SCP Client - Write Arbitrary Files
Kados R10 GreenBee - Multiple SQL Injection
WordPress Core 5.0 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution
Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
2019-03-08 05:01:50 +00:00
Offensive Security
ed0e1e4d44
DB: 2018-09-25
...
1979 changes to exploits/shellcodes
Couchdb 1.5.0 - 'uuids' Denial of Service
Apache CouchDB 1.5.0 - 'uuids' Denial of Service
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
udisks2 2.8.0 - Denial of Service (PoC)
Termite 3.4 - Denial of Service (PoC)
SoftX FTP Client 3.3 - Denial of Service (PoC)
Silverstripe 2.3.5 - Cross-Site Request Forgery / Open redirection
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection
Silverstripe CMS 3.0.2 - Multiple Vulnerabilities
SilverStripe CMS 3.0.2 - Multiple Vulnerabilities
Silverstripe CMS 2.4 - File Renaming Security Bypass
SilverStripe CMS 2.4 - File Renaming Security Bypass
Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
SilverStripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
Silverstripe CMS 2.4.7 - 'install.php' PHP Code Injection
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection
Silverstripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload
Silverstripe CMS 2.4.x - 'BackURL' Open Redirection
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
Silverstripe CMS - 'MemberLoginForm.php' Information Disclosure
SilverStripe CMS - 'MemberLoginForm.php' Information Disclosure
Silverstripe CMS - Multiple HTML Injection Vulnerabilities
SilverStripe CMS - Multiple HTML Injection Vulnerabilities
Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
Monstra CMS before 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (2)
Monstra CMS < 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (1)
Navigate CMS 2.8 - Cross-Site Scripting
Collectric CMU 1.0 - 'lang' SQL injection
Joomla! Component CW Article Attachments 1.0.6 - 'id' SQL Injection
LG SuperSign EZ CMS 2.5 - Remote Code Execution
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
RICOH Aficio MP 301 Printer - Cross-Site Scripting
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
RICOH MP C6003 Printer - Cross-Site Scripting
Linux/ARM - Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (28 Bytes)
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (52 Bytes)
2018-09-25 05:01:51 +00:00
Offensive Security
4f92fdbdd2
DB: 2018-06-23
...
6 changes to exploits/shellcodes
QEMU Guest Agent 2.12.50 - Denial of Service
Opencart < 3.0.2.0 - Denial of Service
GreenCMS 2.3.0603 - Information Disclosure
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion
phpLDAPadmin 1.2.2 - 'server_id' LDAP Injection (Username)
phpMyAdmin 4.8.1 - Local File Inclusion
2018-06-23 05:01:48 +00:00
Offensive Security
0909e63d9e
DB: 2018-06-07
...
6 changes to exploits/shellcodes
PHP 7.2.2 - 'php_stream_url_wrap_http_ex' Buffer Overflow
macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
macOS/iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvolattrlist
XNU Kernel - Heap Overflow Due to Bad Bounds Checking in MPTCP
Canon LBP6650/LBP3370/LBP3460/LBP7750C - Authenticaton Bypass
Canon MF210/MF220 - Authenticaton Bypass
2018-06-07 05:01:47 +00:00
Offensive Security
6ba5b68c67
DB: 2018-05-27
...
8 changes to exploits/shellcodes
Symfony 2.7.0 < 4.0.10 - Denial of Service
Employee Work Schedule 5.9 - 'cal_id' SQL Injection
Ajax Full Featured Calendar 2.0 - 'search' SQL Injection
EasyService Billing 1.0 - Cross-Site Request Forgery
EasyService Billing 1.0 - Cross-Site Scripting
EasyService Billing 1.0 - 'q' SQL Injection
mySurvey 1.0 - 'id' SQL Injection
easyLetters 1.0 - 'id' SQL Injection
2018-05-27 05:01:47 +00:00
Offensive Security
e630f8c249
DB: 2018-02-16
...
45 changes to exploits/shellcodes
Cisco ASA - Crash PoC
Cisco ASA - Crash (PoC)
GNU binutils 2.26.1 - Integer Overflow (POC)
GNU binutils 2.26.1 - Integer Overflow (PoC)
K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read
Linux Kernel - 'AF_PACKET' Use-After-Free
Oracle Java JDK/JRE < 1.8.0.131 / Apache Xerces 2.11.0 - 'PDF/Docx' Server Side Denial of Service
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)
Microsoft Edge Chakra JIT - Memory Corruption
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions
Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion
Microsoft Edge Chakra JIT - 'LdThis' Type Confusion
Pdfium - Pattern Shading Integer Overflows
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow
Hotspot Shield - Information Disclosure
Linux Kernel (Ubuntu 17.04) - 'XFRM' Local Privilege Escalation
Nitro Pro PDF - Multiple Vulnerabilities
Odoo CRM 10.0 - Code Execution
Dashlane - DLL Hijacking
LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation
LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation
Trustwave SWG 11.8.0.27 - SSH Unauthorized Access
Ichano AtHome IP Cameras - Multiple Vulnerabilities
Cisco UCS Platform Emulator 3.1(2ePE1) - Remote Code Execution
Ikraus Anti Virus 2.16.7 - Remote Code Execution
McAfee Security Scan Plus - Remote Command Execution
OrientDB - Code Execution
360 Total Security - Local Privilege Escalation
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
Oracle Knowledge Management 12.1.1 < 12.2.5 - XML External Entity Leading To Remote Code Execution
iBall WRA150N - Multiple Vulnerabilities
GitStack - Unauthenticated Remote Code Execution
Monstra CMS - Remote Code Execution
Ametys CMS 4.0.2 - Unauthenticated Password Reset
DblTek - Multiple Vulnerabilities
FiberHome - Directory Traversal
PHP Melody 2.7.3 - Multiple Vulnerabilities
Tiandy IP Cameras 5.56.17.120 - Sensitive Information Disclosure
Horde Groupware 5.2.21 - Unauthorized File Download
QNAP HelpDesk < 1.1.12 - SQL Injection
Hanbanggaoke IP Camera - Arbitrary Password Change
McAfee LiveSafe 16.0.3 - Man In The Middle Registry Modification Leading to Remote Command Execution
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
Cisco DPC3928 Router - Arbitrary File Disclosure
IDERA Uptime Monitor 7.8 - Multiple Vulnerabilities
Geneko Routers - Unauthenticated Path Traversal
Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Unauthenticated Remote Code Execution
2018-02-16 05:01:50 +00:00
Offensive Security
efd633079a
DB: 2018-02-06
...
19 changes to exploits/shellcodes
WordPress Core - 'load-scripts.php' Denial of Service
Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow (PoC)
Claymore Dual GPU Miner 10.5 - Format String
Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
BOCHS 2.6-5 - Buffer Overflow
Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)
Wonder CMS 2.3.1 - Unrestricted File Upload
Wonder CMS 2.3.1 - 'Host' Header Injection
Matrimonial Website Script 2.1.6 - 'uid' SQL Injection
NixCMS 1.0 - 'category_id' SQL Injection
Online Voting System - Authentication Bypass
Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection
Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection
Joomla! Component Zh GoogleMap 8.4.0.0 - SQL Injection
Joomla! Component jLike 1.0 - Information Leak
Joomla! Component JSP Tickets 1.1 - SQL Injection
Student Profile Management System Script 2.0.6 - Authentication Bypass
Netis WF2419 Router - Cross-Site Scripting
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
2018-02-06 05:01:50 +00:00
Offensive Security
d304cc3d3e
DB: 2017-11-24
...
116602 new exploits
Too many to list!
2017-11-24 20:56:23 +00:00
Exploit-DB