bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2255 commits 1 branch 0 tags 267 MiB
Commit graph

6 commits

Author SHA1 Message Date
Offensive Security
21fa83f241 DB: 2020-11-20 
12 changes to exploits/shellcodes

Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)

Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification
xuucms 3 - 'keywords' SQL Injection
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution
TestBox CFML Test Framework 4.1.0 - Directory Traversal
Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection
M/Monit 3.7.4 - Privilege Escalation
M/Monit 3.7.4 - Password Disclosure
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
 2020-11-20 05:02:04 +00:00
Offensive Security
e46d9f65ff DB: 2020-07-27 
32 changes to exploits/shellcodes

Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)
DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow (SEH Egghunter)
Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated)
ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution
UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
Bludit 3.9.2 - Directory Traversal
LibreHealth 2.0.0 - Authenticated Remote Code Execution
Online Course Registration 1.0 - Unauthenticated Remote Code Execution
elaniin CMS - Authentication Bypass
Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting
Bio Star 2.8.2 - Local File Inclusion
Webtareas 2.1p - Arbitrary File Upload (Authenticated)
F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)
Socket.io-file 2.0.31 - Arbitrary File Upload
pfSense 2.4.4-p3 - Cross-Site Request Forgery
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
Rails 5.0.1 - Remote Code Execution

Linux/x86 - ASLR deactivation polymorphic Shellcode (124 bytes)
Linux/x86 - Egghunter(0x50905090) + sigaction + execve(/bin/sh) Shellcode (35 bytes)
Windows/x86 - Download using mshta.exe Shellcode (100 bytes)
 2020-07-27 05:02:04 +00:00
Offensive Security
81205fc37a DB: 2020-05-07 
8 changes to exploits/shellcodes

Online Clothing Store 1.0 - Persistent Cross-Site Scripting
i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
Online Clothing Store 1.0 - 'username' SQL Injection
webTareas 2.0.p8 - Arbitrary File Deletion
GitLab 12.9.0 - Arbitrary File Read
YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection
MPC Sharj 3.11.1 - Arbitrary File Download
 2020-05-07 05:01:48 +00:00
Offensive Security
d68f18cb8e DB: 2019-03-30 
6 changes to exploits/shellcodes

Fat Free CRM 0.19.0 - HTML Injection

CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting
 2019-03-30 05:02:01 +00:00
Offensive Security
731dd0f423 DB: 2018-10-16 
22 changes to exploits/shellcodes

Snes9K 0.0.9z - Buffer Overflow (SEH)

NoMachine < 5.3.27 - Remote Code Execution

MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
FLIR Brickstream 3D+ - RTSP Stream Disclosure
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure

CAMALEON CMS 2.4 - Cross-Site Scripting
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
AlchemyCMS 4.1 - Cross-Site Scripting
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
College Notes Management System 1.0 - 'user' SQL Injection
Advanced HRM 1.6 - Remote Code Execution
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
Academic Timetable Final Build 7.0 - Information Disclosure
KORA 2.7.0 - 'cid' SQL Injection
 2018-10-16 05:01:45 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00