bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
994 commits 1 branch 0 tags 351 MiB
Commit graph

171 commits

Author SHA1 Message Date
Offensive Security
751e61a6bf DB: 2016-09-16 
3 new exploits

Avaya IP Office Phone Manager - Local Password Disclosure

BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities

PA168 Chipset IP Phones - Weak Session Management Exploit

CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

NScan 0.9.1 - (Target) Buffer Overflow
NScan 0.9.1 - 'Target' Buffer Overflow

Xerox WorkCentre - Multiple Models Denial of Service
Xerox WorkCentre  (Multiple Models) - Denial of Service
Cisco EPC 3925 - Multiple Vulnerabilities

httpdx 1.4 - h_handlepeer Buffer Overflow (Metasploit)

Novell eDirectory 8.8sp5 - Buffer Overflow

Uebimiau Webmail 3.2.0-2.0 - Email Disclosure

ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC)

Integard Home and Pro 2 - Remote HTTP Buffer Overflow

Multiple D-Link Router Models - Authentication Bypass
D-Link Router (Multiple Models) - Authentication Bypass

iSO Air Files 2.6 - Directory Traversal
iOS FtpDisc 1.0 - Directory Traversal
iOS SideBooks 1.0 - Directory Traversal
iOS FtpDisc 1.0 - Directory Traversal
iOS SideBooks 1.0 - Directory Traversal
iSO Filer Lite 2.1.0 - Directory Traversal
iOS iDocManager 1.0.0 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal
iSO Filer Lite 2.1.0 - Directory Traversal
iOS iDocManager 1.0.0 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal

iOS Share 1.0 - Directory Traversal

iOS TIOD 1.3.3 - Directory Traversal

Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation
Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation

Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure

Apache/mod_ssl 2.0.x - Remote Denial of Service

SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation

Airlive IP Cameras - Multiple Vulnerabilities

Monkey CMS - Multiple Vulnerabilities

NetBSD mail.local - Privilege Escalation (Metasploit)

Apache Mina 2.0.13 - Remote Command Execution

Apache Mina 2.0.13 - Remote Command Execution

DeepOfix SMTP Server 3.3 - Authentication Bypass

xEpan 1.0.4 - Multiple Vulnerabilities
Humhub 0.10.0-rc.1 - SQL Injection
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Humhub 0.10.0-rc.1 - SQL Injection
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
Koha 3.20.1 - Multiple SQL Injections
Koha 3.20.1 - Directory Traversal
Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
Koha 3.20.1 - Multiple SQL Injections
Koha 3.20.1 - Directory Traversal
Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities

8 TOTOLINK Router Models - Backdoor and Remote Code Execution
8 TOTOLINK Router Models - Backdoor / Remote Code Execution

Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow

TestLink 1.9.14 - Cross-Site Request Forgery

PaKnPost Pro 1.14 - Multiple Vulnerabilities

zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow

NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access
NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access

Cisco ASA 8.x - Authentication Bypass (EXTRABACON)
Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass
Watchguard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)
Cisco ASA / PIX - Privilege Escalation (EPICBANANA)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL)
TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR)
Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)
Watchguard Firewalls - 'ESCALATEPLOWMAN' ifconfig Privilege Escalation
Cisco ASA / PIX - 'EPICBANANA' Privilege Escalation
TOPSEC Firewalls - 'ELIGIBLECONTESTANT' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLECANDIDATE' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLEBOMBSHELL' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit
Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution

tcPbX - (tcpbx_lang) Local File Inclusion
tcPbX - 'tcpbx_lang' Local File Inclusion
 2016-09-16 05:08:37 +00:00
Offensive Security
5e2fc10125 DB: 2016-09-03 2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d DB: 2016-09-03 
14 new exploits

Too many to list!
 2016-09-03 05:08:42 +00:00
Offensive Security
4011b4f053 DB: 2016-08-27 2016-08-27 05:08:40 +00:00
Offensive Security
0d018828aa DB: 2016-07-15 2016-07-15 06:29:45 +00:00
Offensive Security
858079a4fe DB: 2016-06-08 
5 new exploits

Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root (2)
Windows x86 WinExec(_cmd.exe__0) Shellcode
Linux x86 /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
League of Legends Screensaver - Unquoted Service Path Privilege Escalation
League of Legends Screensaver - Insecure File Permissions Privilege Escalation
Cisco EPC 3928 - Multiple Vulnerabilities
 2016-06-08 05:05:38 +00:00
Offensive Security
62962d90b0 DB: 2016-06-07 
16 new exploits

Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86/x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)

Linux Kernel  2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)

Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root

WordPress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities
Dream Gallery 1.0 - CSRF Add Admin Exploit
Apache Continuum 1.4.2 - Multiple Vulnerabilities
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - ShellShock Exploit
Valve Steam 3.42.16.13 - Local Privilege Escalation
ArticleSetup 1.00 - CSRF Change Admin Password
Electroweb Online Examination System 1.0 - SQL Injection
WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload
WordPress Creative Multi-Purpose Theme 9.1.3 - Stored XSS
WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection
WordPress Newspaper Theme 6.7.1 - Privilege Escalation
WordPress Uncode Theme 1.3.1 - Arbitrary File Upload
WordPress Double Opt-In for Download Plugin 2.0.9 - SQL Injection
Notilus Travel Solution Software 2012 R3 - SQL Injection
rConfig 3.1.1 - Local File Inclusion
Nagios XI 5.2.7 - Multiple Vulnerabilities
 2016-06-07 05:07:41 +00:00
Offensive Security
b189e25266 DB: 2016-05-25 
1 new exploits

AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XXE Injection
 2016-05-25 05:01:52 +00:00
Offensive Security
5e229672a0 DB: 2016-05-14 
3 new exploits

Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 (rsvp_print) Infinite Loop Denial of Service Exploit

Mozilla Firefox - Install Method Remote Arbitrary Code Execution Exploit
Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit

Active Price Comparison 4 - (ProductID) Blind SQL Injection Vulnerability

Absolute Form Processor XE-V 1.5 - (auth Bypass) SQL Injection Vulnerability

ipsec-tools racoon frag-isakmp Denial of Service PoC
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC
PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
PaoBacheca Guestbook 2.1 - (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 - (login_ok) Authentication Bypass Vulnerability
IPsec-Tools < 0.7.2 - Multiple Remote Denial of Service Vulnerabilities
ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability

I-net Multi User Email Script SQLi Vulnerability

linux/x86 - break chroot execve /bin/sh 80 bytes
linux/x86 - break chroot execve /bin/sh (80 bytes)

Sysax Multi Server 5.64 - Create Folder Buffer Overflow

TikiWiki Project 1.8 tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter XSS

TikiWiki Project 1.8 tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 tiki-list_trackers.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_trackers.php sort_mode Parameter SQL Injection
UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter XSS

CityPost PHP Image Editor M1 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M3 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor Imgsrc URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting Vulnerability
osCommerce 2.2 admin/countries.php page Parameter XSS
osCommerce 2.2 admin/currencies.php page Parameter XSS
osCommerce 2.2 - admin/countries.php page Parameter XSS
osCommerce 2.2 - admin/currencies.php page Parameter XSS
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (2)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (2)

Joomla Gallery WD - SQL Injection Vulnerability

Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption Vulnerabilities
NRSS Reader 0.3.9 - Local Stack-Based Overflow
runAV mod_security - Arbitrary Command Execution
Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read
 2016-05-14 05:03:47 +00:00
Offensive Security
6fa97a6001 DB: 2016-05-07 
6 new exploits

RPCScan 2.03 - Hostname/IP Field Crash PoC
CIScan 1.00 - Hostname/IP Field Crash PoC
DotNetNuke 07.04.00 - Administration Authentication Bypass
Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts
Adobe Flash - MovieClip.duplicateMovieClip Use-After-Free
ManageEngine Applications Manager Build 12700 - Multiple Vulnerabilities
 2016-05-07 05:03:58 +00:00
Offensive Security
477bcbdcc0 DB: 2016-03-17 
5 new exploits

phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities

My Book World Edition NAS Multiple Vulnerability
My Book World Edition NAS - Multiple Vulnerabilities

Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL
Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities

cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities

DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities

Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities

N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability
N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities

New-CMS - Multiple Vulnerability
New-CMS - Multiple Vulnerabilities

Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability
Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities

JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities

i-Gallery - Multiple Vulnerability
i-Gallery - Multiple Vulnerabilities

My Kazaam Notes Management System Multiple Vulnerability
My Kazaam Notes Management System - Multiple Vulnerabilities

Omnidocs - Multiple Vulnerability
Omnidocs - Multiple Vulnerabilities

Web Cookbook Multiple Vulnerability
Web Cookbook - Multiple Vulnerabilities

KikChat - (LFI/RCE) Multiple Vulnerability
KikChat - (LFI/RCE) Multiple Vulnerabilities

Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability
Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability

xEpan 1.0.4 - Multiple Vulnerability
xEpan 1.0.4 - Multiple Vulnerabilities
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
OpenSSH <= 7.2p1 - xauth Injection
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
 2016-03-17 07:07:56 +00:00
Offensive Security
f7b6199767 DB: 2016-02-23 
7 new exploits
 2016-02-23 05:02:07 +00:00
Offensive Security
477deae72e DB: 2016-01-14 
6 new exploits
 2016-01-14 05:02:54 +00:00
Offensive Security
97940c47e2 DB: 2016-01-08 
10 new exploits
 2016-01-08 05:03:43 +00:00
Offensive Security
415f43407d DB: 2015-12-27 
9 new exploits
 2015-12-27 05:02:11 +00:00
Offensive Security
855936a0eb DB: 2015-12-13 
23 new exploits
 2015-12-13 05:02:04 +00:00
Offensive Security
cc3cd3f120 DB: 2015-12-08 
10 new exploits
 2015-12-08 05:03:12 +00:00
Offensive Security
04598bf305 DB: 2015-12-07 
10 new exploits
 2015-12-07 05:03:07 +00:00
Offensive Security
043724668f DB: 2015-11-19 
8 new exploits
 2015-11-19 05:03:31 +00:00
Offensive Security
41bf68ffcd DB: 2015-11-16 
9 new exploits
 2015-11-16 05:02:02 +00:00
Offensive Security
8a3d4b8a4b DB: 2015-11-10 
9 new exploits
 2015-11-10 05:03:39 +00:00
Offensive Security
cf23aa54a7 DB: 2015-10-19 
10 new exploits
 2015-10-19 05:03:35 +00:00
Offensive Security
0f12501e2c DB: 2015-10-08 
6 new exploits
 2015-10-08 05:02:23 +00:00
Offensive Security
99aa045746 DB: 2015-09-30 
5 new exploits
 2015-09-30 05:03:36 +00:00
Offensive Security
c14ed0e3ce DB: 2015-09-26 
11 new exploits
 2015-09-26 05:01:39 +00:00
Offensive Security
d891c95c0e DB: 2015-08-29 
11 new exploits
 2015-08-29 05:01:51 +00:00
Offensive Security
6dccd55e18 DB: 2015-08-21 
6 new exploits
 2015-08-21 05:02:09 +00:00
Offensive Security
9569f264ec DB: 2015-08-14 
191 new exploits
 2015-08-14 05:02:47 +00:00
Offensive Security
a732415255 DB: 2015-08-13 
1 new exploits
 2015-08-13 05:06:40 +00:00
Offensive Security
95ce541193 DB: 2015-07-30 
4 new exploits
 2015-07-30 05:02:27 +00:00
Offensive Security
05f61b57bd DB: 2015-07-28 
13 new exploits
 2015-07-28 05:02:23 +00:00
Offensive Security
c22dc8c9d4 DB: 2015-07-25 
16 new exploits
 2015-07-25 05:02:16 +00:00
Offensive Security
d6eaf56290 DB: 2015-07-24 
7 new exploits
 2015-07-24 05:02:14 +00:00
Offensive Security
5d9a8808ca DB: 2015-07-14 
30 new exploits
 2015-07-14 05:03:24 +00:00
Offensive Security
148cfc0504 DB: 2015-07-09 
18 new exploits
 2015-07-09 05:03:32 +00:00
Offensive Security
cd8d6cadcf DB: 2015-07-05 
14 new exploits
 2015-07-05 05:02:37 +00:00
Offensive Security
7e7d4b0244 DB: 2015-07-01 
22 new exploits
 2015-07-01 05:02:13 +00:00
Offensive Security
15dae7c288 DB: 2015-06-24 
12 new exploits
 2015-06-24 05:02:37 +00:00
Offensive Security
5cd9f850c3 DB: 2015-06-07 
11 new exploits
 2015-06-07 05:02:18 +00:00
Offensive Security
8a28155962 DB: 2015-05-27 
15 new exploits
 2015-05-27 05:02:00 +00:00
Offensive Security
b3321b3426 DB: 2015-05-15 
17 new exploits
 2015-05-15 05:02:32 +00:00
Offensive Security
01ba689949 DB: 2015-05-08 
19 new exploits
 2015-05-08 05:02:43 +00:00
Offensive Security
029eaafec5 DB: 2015-04-27 
2 new exploits
 2015-04-27 05:02:03 +00:00
Offensive Security
cc553d1147 DB: 2015-04-20 
11 new exploits
 2015-04-20 12:44:13 +00:00
Offensive Security
a083492e7b DB: 2015-04-03 
21 new exploits
 2015-04-03 08:37:03 +00:00
Offensive Security
c7e7174540 DB: 2015-04-02 
11 new exploits
 2015-04-02 08:35:59 +00:00
Offensive Security
1f826038cf DB: 2015-03-31 
25 new exploits
 2015-03-31 08:35:36 +00:00
Offensive Security
6fecd1c862 DB: 2015-03-28 
26 new exploits
 2015-03-28 08:36:03 +00:00
Offensive Security
5924dde297 DB: 2015-03-19 
2 new exploits
 2015-03-19 09:39:10 +00:00
Offensive Security
51e5e42e74 Update: 2015-03-17 
49 new exploits
 2015-03-17 08:36:10 +00:00