bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2831 commits 1 branch 0 tags 258 MiB
Commit graph

25 commits

Author SHA1 Message Date
Exploit-DB
9e36596021 DB: 2023-05-27 
3 changes to exploits/shellcodes/ghdb

Bludit CMS v3.14.1 - Stored Cross-Site Scripting (XSS) (Authenticated)

GetSimple CMS v3.3.16 - Remote Code Execution (RCE)

SitemagicCMS 4.4.3 - Remote Code Execution (RCE)

Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)
 2023-05-27 00:16:29 +00:00
Exploit-DB
0a7adaa3fc DB: 2023-05-24 
40 changes to exploits/shellcodes/ghdb

Optoma 1080PSTX Firmware C02 - Authentication Bypass
Screen SFT DAB 600/C - Authentication Bypass Account Creation
Screen SFT DAB 600/C - Authentication Bypass Admin Password Change
Screen SFT DAB 600/C - Authentication Bypass Erase Account
Screen SFT DAB 600/C - Authentication Bypass Password Change
Screen SFT DAB 600/C - Authentication Bypass Reset Board Config
Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)

PnPSCADA v2.x - Unauthenticated PostgreSQL Injection

Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

Apache Superset 2.0.0 - Authentication Bypass

FusionInvoice 2023-1.0 - Stored XSS (Cross-Site Scripting)

PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE)

Affiliate Me Version 5.0.1 - SQL Injection

Best POS Management System v1.0 - Unauthenticated Remote Code Execution

Bludit CMS v3.14.1 - Stored Cross-Site Scripting (XSS) (Authenticated)

ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)

CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)

e107 v2.3.2 - Reflected XSS

File Thingie 2.5.7 - Remote Code Execution (RCE)

GetSimple CMS v3.3.16 - Remote Code Execution (RCE)

LeadPro CRM v1.0 - SQL Injection

PodcastGenerator 3.2.9 - Multiple Stored Cross-Site Scripting (XSS)

Prestashop 8.0.4 - CSV injection

Quicklancer v1.0 - SQL Injection

SitemagicCMS 4.4.3 - Remote Code Execution (RCE)

Smart School v1.0 - SQL Injection

Stackposts Social Marketing Tool v1.0 - SQL Injection

thrsrossi Millhouse-Project 1.414 - Remote Code Execution

TinyWebGallery v2.5 - Remote Code Execution (RCE)

WBiz Desk 1.2 - SQL Injection

Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)

WordPress Plugin Backup Migration 1.2.8 - Unauthenticated Database Backup

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title

Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking

MobileTrans  4.0.11 - Weak Service Privilege Escalation

Trend Micro OfficeScan Client 10.0 - ACL Service LPE
eScan Management Console 14.0.1400.2281 - Cross Site Scripting
eScan Management Console 14.0.1400.2281 - SQL Injection (Authenticated)
 2023-05-24 00:16:34 +00:00
Exploit-DB
3de26153c8 DB: 2023-04-02 
23 changes to exploits/shellcodes/ghdb

ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)

Hughes Satellite Router HX200 v8.3.1.14 -  Remote File Inclusion

Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)

TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)

GeoVision Camera GV-ADR2701 - Authentication Bypass

AD Manager Plus 7122 - Remote Code Execution (RCE)

Enlightenment v0.25.3 - Privilege escalation

Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)

Apache 2.4.x - Buffer Overflow

perfSONAR v4.4.5 - Partial Blind CSRF

SugarCRM 12.2.0 - Remote Code Execution (RCE)

XCMS v1.83 - Remote Command Execution (RCE)

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)

GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)

AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)

NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit

Splashtop 8.71.12001.0 - Unquoted Service Path

Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)

FlipRotation v1.0 decoder - Shellcode (146 bytes)

Linux/x86 - Polymorphic linux x86 Shellcode (92 Bytes)

macOS/x64 - Execve Caesar Cipher String Null-Free Shellcode
 2023-04-02 00:16:21 +00:00
Offensive Security
be24992411 DB: 2022-05-12 
42 changes to exploits/shellcodes

UDisk Monitor Z5 Phone - 'MonServiceUDisk.exe' Unquoted Service Path
TCQ - ITeCProteccioAppServer.exe - Unquoted Service Path
Wondershare Dr.Fone 11.4.10 - Insecure File Permissions
ExifTool 12.23 - Arbitrary Code Execution
Wondershare Dr.Fone 12.0.7 - Privilege Escalation (ElevationService)
Wondershare Dr.Fone 12.0.7 - Privilege Escalation (InstallAssistService)
Prime95 Version 30.7 build 9 - Remote Code Execution (RCE)
Akka HTTP 10.1.14 - Denial of Service
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor
Bookeen Notea - Directory Traversal
SAP BusinessObjects Intelligence 4.3 - XML External Entity (XXE)
ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure
DLINK DIR850 - Insecure Access Control
DLINK DIR850 - Open Redirect
Apache CouchDB 3.2.1 - Remote Code Execution (RCE)
Tenda HG6 v3.3.0 - Remote Command Injection
Google Chrome 78.0.3904.70 - Remote Code Execution
PyScript - Read Remote Python Source Code
DLINK DAP-1620 A1 v1.01 - Directory Traversal
Ruijie Reyee Mesh Router - Remote Code Execution (RCE) (Authenticated)
ImpressCMS v1.4.4 - Unrestricted File Upload
Microfinance Management System 1.0 - 'customer_number' SQLi
WebTareas 2.4 - Blind SQLi (Authenticated)
WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload (Authenticated)
Magento eCommerce CE v2.3.5-p2 - Blind SQLi
Bitrix24 - Remote Code Execution (RCE) (Authenticated)
CSZ CMS 1.3.0 - 'Multiple' Blind SQLi
Cyclos 4.14.7 - DOM Based Cross-Site Scripting (XSS)
Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting (XSS)
e107 CMS v3.2.1 - Multiple Vulnerabilities
Anuko Time Tracker - SQLi (Authenticated)
TLR-2005KSH - Arbitrary File Upload
Explore CMS 1.0 - SQL Injection
Navigate CMS 2.9.4 - Server-Side Request Forgery (SSRF) (Authenticated)
PHProjekt PhpSimplyGest v1.3. - Stored Cross-Site Scripting (XSS)
Beehive Forum - Account Takeover
MyBB 1.8.29 - MyBB 1.8.29 - Remote Code Execution (RCE) (Authenticated)
WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery (CSRF)
Joomla Plugin SexyPolling 2.1.7 - SQLi
WordPress Plugin stafflist 3.1.2 - SQLi (Authenticated)
 2022-05-12 05:01:39 +00:00
Offensive Security
004fdfd467 DB: 2022-04-27 
4 changes to exploits/shellcodes

7-zip - Code Execution / Local Privilege Escalation
Gitlab 14.9 - Authentication Bypass
GitLab 14.9 - Stored Cross-Site Scripting (XSS)
 2022-04-27 05:01:59 +00:00
Offensive Security
a4598bc3c4 DB: 2021-11-18 
5 changes to exploits/shellcodes

Bludit 3.13.1 - 'username' Cross Site Scripting (XSS)
Quick.CMS 6.7 - Cross Site Request Forgery (CSRF) to Cross Site Scripting (XSS) (Authenticated)
SuiteCRM 7.11.18 - Remote Code Execution (RCE) (Authenticated) (Metasploit)
GitLab 13.10.2 - Remote Code Execution (RCE) (Unauthenticated)
Wordpress Plugin Smart Product Review 1.0.4 - Arbitrary File Upload
 2021-11-18 05:02:10 +00:00
Offensive Security
b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
 2021-09-03 20:19:21 +00:00
Offensive Security
36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
 2021-09-03 13:39:06 +00:00
Offensive Security
4e7ab00187 DB: 2021-08-20 
204 changes to exploits/shellcodes

Charity Management System CMS 1.0 - Multiple Vulnerabilities
 2021-08-20 05:01:51 +00:00
Offensive Security
d6a44bd00b DB: 2021-06-08 
11 changes to exploits/shellcodes

Sticky Notes & Color Widgets 1.4.2 - Denial of Service (PoC)

IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP

GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration
OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)
WordPress Plugin Smart Slider-3 3.5.0.8 - 'name' Stored Cross-Site Scripting (XSS)
Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated)
Grav CMS 1.7.10 - Server-Side Template Injection (SSTI) (Authenticated)
Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload (Unauthenticated)
 2021-06-08 05:02:03 +00:00
Offensive Security
1dc98b3b8e DB: 2021-06-05 
6 changes to exploits/shellcodes

Inkpad Notepad & To do list 4.3.61 - Denial of Service (PoC)
Color Notes 1.4 - Denial of Service (PoC)
Macaron Notes great notebook 5.5 - Denial of Service (PoC)
My Notes Safe 5.3 - Denial of Service (PoC)
Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)
Gitlab 13.10.2 - Remote Code Execution (Authenticated)
 2021-06-05 05:01:54 +00:00
Offensive Security
a9fa314bbf DB: 2021-06-04 
14 changes to exploits/shellcodes

BasicNote 1.1.9 - Denial of Service (PoC)
ColorNote 4.1.9 - Denial of Service (PoC)
Notepad notes 2.6.7 - Denial of Service (PoC)
Blacknote 2.2.1 - Denial of Service (PoC)

CHIYU IoT Devices - 'Telnet' Authentication Bypass
PHP 8.1.0-dev - 'User-Agentt' Remote Code Execution
Seo Panel 4.8.0 - 'from_time' Reflected XSS
CHIYU IoT Devices - Denial of Service (DoS)
FUDForum 3.1.0 - 'srch' Reflected XSS
FUDForum 3.1.0 - 'author' Reflected XSS
Gitlab 13.9.3 - Remote Code Execution (Authenticated)
4Images 1.8 - 'redirect' Reflected XSS
 2021-06-04 05:01:54 +00:00
Offensive Security
dcd1229758 DB: 2021-05-04 
7 changes to exploits/shellcodes

GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE
Voting System 1.0 - Time based SQLI  (Unauthenticated SQL injection)
Piwigo 11.3.0 - 'language' SQL
GitLab Community Edition (CE) 13.10.3 - User Enumeration
GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration

Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)
 2021-05-04 05:01:59 +00:00
Offensive Security
0ec0dacc0e DB: 2021-02-26 
3 changes to exploits/shellcodes

ASUS Remote Link 1.1.2.13 - Remote Code Execution

Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)
 2021-02-26 05:01:57 +00:00
Offensive Security
b96bdbcfa5 DB: 2021-02-12 
8 changes to exploits/shellcodes

Online Marriage Registration System 1.0 - Remote Code Execution
Online Marriage Registration System 1.0 - Remote Code Execution (1)

Gitlab 11.4.7 - Remote Code Execution
GitLab 11.4.7 - Remote Code Execution (Authenticated) (1)

Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (Authenticated)
Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2)

GitLab 11.4.7 - Remote Code Execution (Authenticated)

GitLab 11.4.7 - RCE (Authenticated)
GitLab 11.4.7 - RCE (Authenticated) (2)

Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1)
PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting
b2evolution 6.11.6 - 'redirect_to' Open Redirect
b2evolution 6.11.6 - 'tab3' Reflected XSS
Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)
Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)
 2021-02-12 05:01:57 +00:00
Offensive Security
f268b6f221 DB: 2021-01-28 
4 changes to exploits/shellcodes

Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
STVS ProVision 5.9.10 - File Disclosure (Authenticated)
STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
 2021-01-28 05:01:55 +00:00
Offensive Security
4a75b60de1 DB: 2020-12-25 
4 changes to exploits/shellcodes

Apartment Visitors Management System 1.0 - Authentication Bypass
WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload
WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting
GitLab 11.4.7 - RCE (Authenticated)
 2020-12-25 05:01:54 +00:00
Offensive Security
58ad270f64 DB: 2020-12-17 
6 changes to exploits/shellcodes

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption

Adobe (Multiple Products) - XML Injection File Content Disclosure
GitLab 11.4.7 - Remote Code Execution (Authenticated)
Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting
Raysync 3.3.3.8 - RCE
Magic Home Pro 1.5.1 - Authentication Bypass
PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection
Seotoaster 3.2.0 - Stored XSS on Edit page properties
 2020-12-17 05:01:57 +00:00
Offensive Security
d7c025fc8d DB: 2020-12-15 
13 changes to exploits/shellcodes

System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path
Rukovoditel 2.6.1 - Cross-Site Request Forgery (Change password)
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
Seacms 11.1 - 'ip and weburl' Remote Command Execution
Seacms 11.1 - 'file' Local File Inclusion
Seacms 11.1 - 'checkuser' Stored XSS
WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download
Rumble Mail Server 0.51.3135 - 'servername' Stored XSS
Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS
Rumble Mail Server 0.51.3135 - 'username' Stored XSS
Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation
Gitlab 11.4.7 - Remote Code Execution
 2020-12-15 05:02:04 +00:00
Offensive Security
21fa83f241 DB: 2020-11-20 
12 changes to exploits/shellcodes

Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)

Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification
xuucms 3 - 'keywords' SQL Injection
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution
TestBox CFML Test Framework 4.1.0 - Directory Traversal
Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection
M/Monit 3.7.4 - Privilege Escalation
M/Monit 3.7.4 - Password Disclosure
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
 2020-11-20 05:02:04 +00:00
Offensive Security
e46d9f65ff DB: 2020-07-27 
32 changes to exploits/shellcodes

Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)
DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow (SEH Egghunter)
Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated)
ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution
UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
Bludit 3.9.2 - Directory Traversal
LibreHealth 2.0.0 - Authenticated Remote Code Execution
Online Course Registration 1.0 - Unauthenticated Remote Code Execution
elaniin CMS - Authentication Bypass
Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting
Bio Star 2.8.2 - Local File Inclusion
Webtareas 2.1p - Arbitrary File Upload (Authenticated)
F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)
Socket.io-file 2.0.31 - Arbitrary File Upload
pfSense 2.4.4-p3 - Cross-Site Request Forgery
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
Rails 5.0.1 - Remote Code Execution

Linux/x86 - ASLR deactivation polymorphic Shellcode (124 bytes)
Linux/x86 - Egghunter(0x50905090) + sigaction + execve(/bin/sh) Shellcode (35 bytes)
Windows/x86 - Download using mshta.exe Shellcode (100 bytes)
 2020-07-27 05:02:04 +00:00
Offensive Security
81205fc37a DB: 2020-05-07 
8 changes to exploits/shellcodes

Online Clothing Store 1.0 - Persistent Cross-Site Scripting
i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
Online Clothing Store 1.0 - 'username' SQL Injection
webTareas 2.0.p8 - Arbitrary File Deletion
GitLab 12.9.0 - Arbitrary File Read
YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection
MPC Sharj 3.11.1 - Arbitrary File Download
 2020-05-07 05:01:48 +00:00
Offensive Security
d68f18cb8e DB: 2019-03-30 
6 changes to exploits/shellcodes

Fat Free CRM 0.19.0 - HTML Injection

CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting
 2019-03-30 05:02:01 +00:00
Offensive Security
731dd0f423 DB: 2018-10-16 
22 changes to exploits/shellcodes

Snes9K 0.0.9z - Buffer Overflow (SEH)

NoMachine < 5.3.27 - Remote Code Execution

MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
FLIR Brickstream 3D+ - RTSP Stream Disclosure
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure

CAMALEON CMS 2.4 - Cross-Site Scripting
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
AlchemyCMS 4.1 - Cross-Site Scripting
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
College Notes Management System 1.0 - 'user' SQL Injection
Advanced HRM 1.6 - Remote Code Execution
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
Academic Timetable Final Build 7.0 - Information Disclosure
KORA 2.7.0 - 'cid' SQL Injection
 2018-10-16 05:01:45 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00