bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1442 commits 1 branch 0 tags 351 MiB
Commit graph

6 commits

Author SHA1 Message Date
Offensive Security
f0d075a5de DB: 2017-12-22 
6 changes to exploits/shellcodes

Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection

Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
Zabbix Agent 3.0.1 - 'mysql.size' Shell Command Injection
Cisco IOS 12.2 < 12.4 /  15.0 < 15.6 - Security Association Negotiation Request Device Memory
Technicolor DPC3928SL - SNMP Authentication Bypass
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor
Netcore / Netis Routers - UDP Backdoor

NETGEAR R7000 - Command Injection
NETGEAR R7000 - Command Injection (PoC)

Conarc iChannel - Improper Access Restrictions
 2017-12-22 05:02:19 +00:00
Offensive Security
307f5f46af DB: 2017-12-21 
4 changes to exploits/shellcodes

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak

Samsung Internet Browser - SOP Bypass (Metasploit)
Ability Mail Server 3.3.2 - Cross-Site Scripting
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
 2017-12-21 05:02:15 +00:00
Offensive Security
f76fbb1072 DB: 2017-12-19 
19 changes to exploits/shellcodes

CDex 1.96 - Buffer Overflow
Zoom Linux Client 2.0.106600.0904 - Command Injection
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow

Firejail - Local Privilege Escalation

Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape

Linux kernel < 4.10.15 - Race Condition Privilege Escalation
Outlook for Android - Attachment Download Directory Traversal
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution

Joomla! Component Guru Pro - SQL Injection
Joomla! Component Guru Pro - 'Itemid' SQL Injection
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
Joomla! Component My Projects 2.0 - SQL Injection
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
Linksys WVBR0 - 'User-Agent' Remote Command Injection
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
Joomla! Component Guru Pro - 'promocode' SQL Injection

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
 2017-12-19 05:02:17 +00:00
Offensive Security
bb8b231f69 DB: 2017-12-02 
8 changes to exploits/shellcodes

6 new exploits/shellcodes

Abyss Web Server < 2.11.6 - Heap Memory Corruption

HP iMC Plat 7.2 - Remote Code Execution

HP iMC Plat 7.2 - Remote Code Execution (2)

Kodi 15 - Web Interface Arbitrary File Access (
Kodi 15 - Web Interface Arbitrary File Access
Jobs2Careers / Coroflot Clone - SQL Injection
MistServer 2.12 - Cross-Site Scripting
Artica Web Proxy 3.06 - Remote Code Execution
 2017-12-02 05:02:32 +00:00
Offensive Security
f52bbcb598 DB: 2017-11-28 
15 new exploits
 2017-11-28 19:14:29 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00