bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2835 commits 1 branch 0 tags 264 MiB
Commit graph

4 commits

Author SHA1 Message Date
Offensive Security
b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
 2021-09-03 20:19:21 +00:00
Offensive Security
36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
 2021-09-03 13:39:06 +00:00
Offensive Security
25e5c32779 DB: 2018-12-13 
2 changes to exploits/shellcodes

Xlight FTP Server 1.25/1.41 - 'PASS'  Remote Buffer Overflow
Xlight FTP Server 1.25/1.41 - 'PASS' Remote Buffer Overflow

HP Printer FTP Print Server 2.4.5 - 'LIST'  Buffer Overflow
HP Printer FTP Print Server 2.4.5 - 'LIST' Buffer Overflow

Qbik WinGate 6.2.2 - 'LIST'  Remote Denial of Service
Qbik WinGate 6.2.2 - 'LIST' Remote Denial of Service

Quick 'n Easy FTP Server 3.9.1 - 'USER'  Remote Buffer Overflow
Quick 'n Easy FTP Server 3.9.1 - 'USER' Remote Buffer Overflow

Linux Kernel - 'AF_PACKET' Use-After-Free
Linux Kernel - 'AF_PACKET' Use-After-Free (2)

Linux Kernel - 'AF_PACKET' Use-After-Free
Linux Kernel - 'AF_PACKET' Use-After-Free (1)

WebRTC - VP9 Frame Processing  Out-of-Bounds Memory Access
WebRTC - VP9 Frame Processing Out-of-Bounds Memory Access

Oracle VirtualBox Manager 5.2.18 r124319  - 'Name Attribute' Denial of Service (PoC)
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)

Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation
Systrace 1.x (Linux Kernel  x64) - Aware Local Privilege Escalation

PonyOS 3.0 - TTY 'ioctl()' Local Kernel
PonyOS 3.0 - TTY 'ioctl()' Kernel Local Privilege Escalation

Microsoft Windows 10  (Build 1703  Creators Update) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation
Microsoft Windows 10 (Build 1703 Creators Update) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation

Linux Kernel <  4.13.9 (Ubuntu 16.04 / Fedora 27) - Local Privilege Escalation
Linux Kernel < 4.13.9 (Ubuntu 16.04 / Fedora 27) - Local Privilege Escalation

Linux Kernel  4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read

Microsoft Windows - JPEG GDI+ All-in-One Bind/Reverse/Admin/FileDownload
Microsoft Windows - JPEG GDI+ Bind/Reverse/Admin/File Download

Golden FTP Server 4.70 - 'PASS'  Buffer Overflow
Golden FTP Server 4.70 - 'PASS' Buffer Overflow

EasyFTP Server 1.7.0.11 - 'LIST'  Stack Buffer Overflow (Metasploit)
EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)

Actfax FTP Server 4.27 - 'USER'  Stack Buffer Overflow (Metasploit)
Actfax FTP Server 4.27 - 'USER' Stack Buffer Overflow (Metasploit)

Sami FTP Server 2.0.1 - 'LIST'  Buffer Overflow
Sami FTP Server 2.0.1 - 'LIST' Buffer Overflow

Sami FTP Server - 'LIST'  Buffer Overflow (Metasploit)
Sami FTP Server - 'LIST' Buffer Overflow (Metasploit)
Apache Struts 2.3 < 2.3.34 /  2.5 < 2.5.16 - Remote Code Execution (1)
Apache Struts 2.3 < 2.3.34 /  2.5 < 2.5.16 - Remote Code Execution (2)
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)

IGSuite 3.2.4 - Reverse Shell Blind SQL Injection
IGSuite 3.2.4 - Reverse Shell / Blind SQL Injection

Sitemakin SLAC 1.0 -  'my_item_search' SQL Injection
Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection

Dolibarr ERP/CRM  < 7.0.3 - PHP Code Injection
Dolibarr ERP/CRM < 7.0.3 - PHP Code Injection

MTGAS  MOGG Web Simulator Script - SQL Injection
MTGAS MOGG Web Simulator Script - SQL Injection

Tourism Website Blog - Remote Code Execution / SQL Injection
Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery
PrestaShop 1.6.x/1.7.x - Remote Code Execution
DomainMOD 4.11.01 - Cross-Site Scripting
Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery
PrestaShop 1.6.x/1.7.x - Remote Code Execution
DomainMOD 4.11.01 - Cross-Site Scripting
TP-Link wireless router Archer C1200 - Cross-Site Scripting
Huawei B315s-22 - Information Leak
TP-Link wireless router Archer C1200 - Cross-Site Scripting
Huawei B315s-22 - Information Leak
HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection
WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution
HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection
WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution

Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 bytes)
Linux/x86 - Bind (1337/TCP) Ncat (/usr/bin/ncat) Shell (/bin/bash) + Null-Free Shellcode (95 bytes)
 2018-12-13 05:01:45 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00
Renamed from platforms/windows/local/951.py (Browse further)