bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1197 commits 1 branch 0 tags 351 MiB
Commit graph

16 commits

Author SHA1 Message Date
Offensive Security
3ad96f313d DB: 2017-03-24 
39 new exploits

Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)
Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit)
Sun Java Web Start Plugin - Command Line Argument Injection (Metasploit)
Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Remote Code Execution (Metasploit)
Microsoft Silverlight - ScriptObject Unsafe Memory Access (MS13-022/MS13-087) (Metasploit)
EMC Replication Manager < 5.3 - Command Execution (Metasploit)
MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit)
Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit)
CA Arcserve D2D - GWT RPC Credential Information Disclosure (Metasploit)
Lenovo System Update - Privilege Escalation (Metasploit)
Firebird - Relational Database CNCT Group Number Buffer Overflow (Metasploit)
HP Intelligent Management Center < 5.0 E0102 - UAM Buffer Overflow (Metasploit)
VMware Host Guest Client Redirector - DLL Side Loading (Metasploit)
CADA 3S CoDeSys Gateway Server - Directory Traversal (Metasploit)
MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit)

SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)
Ceragon FibeAir IP-10 - SSH Private Key Exposure (Metasploit)
ExaGrid - Known SSH Key and Default Password (Metasploit)
GIT 1.8.5.6 / 1.9.5 / 2.0.5 / 2.1.4/ 2.2.1 & Mercurial < 3.2.3 - Multiple Vulnerabilities (Metasploit)
Ruby on Rails 4.0.x / 4.1.x / 4.2.x (Web Console v2) - Whitelist Bypass Code Execution (Metasploit)
Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit)
SSH - User Code Execution (Metasploit)
Redmine SCM Repository - Arbitrary Command Execution (Metasploit)

Linux/x86 - Bind Shell Shellcode (42 bytes)
Linux/x86 - Bind Shell Shellcode (44 bytes)
Joomla! Component Modern Booking 1.0 - 'coupon' Parameter SQL Injection
Flippa Clone - SQL Injection
Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit)
D-Link/TRENDnet - NCC Service Command Injection (Metasploit)
Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)
MantisBT 1.2.0a3 < 1.2.17 - XmlImportExport Plugin PHP Code Injection (Metasploit)
OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - 'license.php' Remote Command Execution (Metasploit)
OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - 'welcome' Remote Command Execution (Metasploit)
PHPMailer < 5.2.19 - Sendmail Argument Injection (Metasploit)
SysAid Help Desk Administrator Portal < 14.4 - Arbitrary File Upload (Metasploit)
WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - Unauthenticated File Upload (Metasploit)
SixApart MovableType < 5.2.12 - Storable Perl Code Execution (Metasploit)
WordPress Theme Holding Pattern - Arbitrary File Upload (Metasploit)
Distinct TFTP 3.10 - Writable Directory Traversal Execution (Metasploit)
 2017-03-24 05:01:16 +00:00
Offensive Security
893d590404 DB: 2017-02-02 
12 new exploits

PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow
PHP 5.2.0 (Windows x86) - 'PHP_win32sti' Local Buffer Overflow

Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (1)

PHP 5.3.0 - getopt() Denial of Service
PHP 5.3.0 - 'getopt()' Denial of Service

Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - 'CSS' Remote Denial of Service (2)

PHP 4.3.x/5.0 - openlog() Buffer Overflow
PHP 4.3.x/5.0 - 'openlog()' Buffer Overflow
Google Android - 'cfp_ropp_new_key_reenc' and 'cfp_ropp_new_key' RKP Memory Corruption
Google Android -  Unprotected MSRs in EL1 RKP Privilege Escalation
Apple WebKit - 'HTMLFormElement::reset()' Use-After Free
Google Chrome - 'HTMLKeygenElement::shadowSelect()' Type Confusion
Apple WebKit - 'HTMLKeygenElement' Type Confusion
Apple WebKit - Type Confusion in RenderBox with Accessibility Enabled
Google Android - RKP Information Disclosure via s2-remapping Physical Ranges
QNAP NVR/NAS - Buffer Overflow

Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV < 1.4.1 Privilege Escalation (1)
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) UDEV < 1.4.1 - Privilege Escalation (1)

Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Privilege Escalation (2)
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) UDEV < 1.4.1 - Privilege Escalation (2)

PHP 5.2.9 (Windows x86) - Local Safemod Bypass Exploit
PHP 5.2.9 (Windows x86) - Local Safemod Bypass

Linux udev - Netlink Privilege Escalation (Metasploit)
Linux Kernel UDEV < 1.4.1 - Netlink Privilege Escalation (Metasploit)

Google Android - RKP EL1 Code Loading Bypass

Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)

Syntax Desktop 2.7 - (synTarget) Local File Inclusion
Syntax Desktop 2.7 - 'synTarget' Parameter Local File Inclusion
Joomla! Component JTAG Calendar 6.2.4 - 'search' Parameter SQL Injection
LogoStore - 'query' Parameter SQL Injection
 2017-02-02 05:01:18 +00:00
Offensive Security
1441edc4aa DB: 2017-01-20 
13 new exploits

Google Android TSP sysfs - 'cmd_store' Multiple Overflows

Linux/x86_64 - Bind 5600 TCP Port - Shellcode (87 bytes)

Tenda ADSL2/2+ Modem D820R - Unauthenticated DNS Change
Pirelli DRG A115 v3 ADSL Router - Unauthenticated DNS Change
Viral Image & Video Sharing GagZone Script - SQL Injection
Image and Video Script - SQL Injection
Social News and Bookmarking Script - SQL Injection
Viral Image Sharing Script - SQL Injection
Vine VideoSite Creator Script - SQL Injection
Job Vacancy Script - SQL Injection
Home of Viral Images_ Videos and Articles Script - SQL Injection
Video Site Creator Script - SQL Injection
Classifieds Script - SQL Injection
 2017-01-20 05:01:18 +00:00
Offensive Security
9f1fdff37d DB: 2016-12-30 
6 new exploits

VicFTPS < 5.0 - (CWD) Remote Buffer Overflow (PoC)
VicFTPS < 5.0 - 'CWD' Remote Buffer Overflow (PoC)

SilverSHielD 1.0.2.34 - (opendir) Denial of Service
SilverSHielD 1.0.2.34 - Denial of Service

Android - get_user/put_user Exploit (Metasploit)

LoudBlog 0.4 - (path) Arbitrary Remote File Inclusion
LoudBlog 0.4 - Arbitrary Remote File Inclusion

MyEvent 1.3 - (myevent_path) Remote File Inclusion
MyEvent 1.3 - 'event.php' Remote File Inclusion

LoudBlog 0.5 - (id) SQL Injection / Admin Credentials Disclosure
LoudBlog 0.5 - SQL Injection / Admin Credentials Disclosure

yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion
Yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion

PHP Easy Downloader 1.5 - (save.php) Remote Code Execution
PHP Easy Downloader 1.5 - 'save.php' Remote Code Execution

Ip Reg 0.3 - Multiple SQL Injections
IP Reg 0.3 - Multiple SQL Injections

AstroSPACES - 'id' SQL Injection
AstroSPACES 1.1.1 - 'id' Parameter SQL Injection

myEvent 1.6 - (viewevent.php) SQL Injection
myEvent 1.6 - 'eventdate' Parameter SQL Injection

Mosaic Commerce - 'category.php cid' SQL Injection
Mosaic Commerce - 'cid' Parameter SQL Injection
PokerMax Poker League - Insecure Cookie Handling
Kure 0.6.3 - (index.php post & doc) Local File Inclusion
PokerMax Poker League 0.13 - Insecure Cookie Handling
Kure 0.6.3 - 'index.php' Local File Inclusion

PHP Easy Downloader 1.5 - (file) File Disclosure
PHP Easy Downloader 1.5 - 'file' Parameter File Disclosure

Post Affiliate Pro 2.0 - (index.php md) Local File Inclusion
Post Affiliate Pro 2.0 - 'md' Parameter Local File Inclusion

XOOPS Module GesGaleri - (kategorino) SQL Injection
XOOPS Module GesGaleri - SQL Injection

zeeproperty - 'adid' SQL Injection
zeeproperty - 'adid' Parameter SQL Injection
Fast Click SQL 1.1.7 Lite - (init.php) Remote File Inclusion
yappa-ng 2.3.3-beta0 - (album) Local File Inclusion
Fast Click SQL 1.1.7 Lite - 'init.php' Remote File Inclusion
Yappa-ng 2.3.3-beta0 - 'album' Parameter Local File Inclusion
WBB Plugin rGallery 1.09 - 'itemID' Blind SQL Injection
e107 <= 0.7.13 - (usersettings.php) Blind SQL Injection
Joomla! Component ds-syndicate - (feed_id) SQL Injection
XOOPS Module makale - SQL Injection
WBB Plugin rGallery 1.09 - 'itemID' Parameter Blind SQL Injection
e107 <= 0.7.13 - 'usersettings.php' Blind SQL Injection
Joomla! Component ds-syndicate - 'feed_id' Parameter SQL Injection
XOOPS Module makale 0.26 - SQL Injection
ShopMaker 1.0 - (product.php id) SQL Injection
Joomla! Component Daily Message 1.0.3 - 'id' SQL Injection
ShopMaker CMS 1.0 - 'id' Parameter SQL Injection
Joomla! Component Daily Message 1.0.3 - 'id' Parameter SQL Injection
phpcrs 2.06 - (importFunction) Local File Inclusion
LoudBlog 0.8.0a - Authenticated (ajax.php) SQL Injection
phpcrs 2.06 - 'importFunction' Parameter Local File Inclusion
LoudBlog 0.8.0a - 'ajax.php' SQL Injection

YDC - 'kdlist.php cat' SQL Injection
YDC - 'cat' Parameter SQL Injection

txtshop 1.0b (Windows) - 'Language' Local File Inclusion
txtshop 1.0b (Windows) - 'Language' Parameter Local File Inclusion

MindDezign Photo Gallery 2.2 - (index.php id) SQL Injection
MindDezign Photo Gallery 2.2 - SQL Injection

websvn 2.0 - Cross-Site Scripting / File Handling / Code Execution
WebSVN 2.0 - Cross-Site Scripting / File Handling / Code Execution

Aj RSS Reader - 'EditUrl.php url' SQL Injection
Aj RSS Reader - 'url' Parameter SQL Injection
WordPress Plugin Media Holder - 'mediaHolder.php id' SQL Injection
SFS Ez Forum - 'forum.php id' SQL Injection
WordPress Plugin Media Holder - SQL Injection
SFS Ez Forum - SQL Injection

e107 Plugin EasyShop - (category_id) Blind SQL Injection
e107 Plugin EasyShop - 'category_id' Parameter Blind SQL Injection

Post Affiliate Pro 3 - (umprof_status) Blind SQL Injection
Post Affiliate Pro 3 - 'umprof_status' Parameter Blind SQL Injection

CafeEngine - 'index.php catid' SQL Injection
CafeEngine - 'catid' Parameter SQL Injection

shopmaker CMS 2.0 - Blind SQL Injection / Local File Inclusion
ShopMaker CMS 2.0 - Blind SQL Injection / Local File Inclusion

CafeEngine CMS 2.3 - SQL Injection
CafeEngine 2.3 - SQL Injection
Yappa-NG 1.x/2.x - Unspecified Remote File Inclusion
Yappa-NG 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting

LoudBlog 0.41 - podcast.php id Parameter SQL Injection
LoudBlog 0.41 - 'podcast.php' SQL Injection

LoudBlog 0.41 - backend_settings.php language Parameter Traversal Arbitrary File Access
LoudBlog 0.41 - 'backend_settings.php' Traversal Arbitrary File Access

Fast Click SQL Lite 1.1.2/1.1.3 - show.php Remote File Inclusion
Fast Click SQL Lite 1.1.2/1.1.3 - 'show.php' Remote File Inclusion

myEvent 1.2/1.3 - Myevent.php Remote File Inclusion
myEvent 1.2/1.3 - 'myevent.php' Remote File Inclusion
Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - search.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - 'day.php' Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - 'week.php' Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - 'month.php' Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - 'search.php' Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - 'report.php' Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - 'help.php' Cross-Site Scripting
yappa-ng - 'index.php' album Parameter Cross-Site Scripting
yappa-ng - Query String Cross-Site Scripting
Yappa-ng - 'index.php' album Parameter Cross-Site Scripting
Yappa-ng - Query String Cross-Site Scripting

tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php type Parameter Cross-Site Scripting
tinybrowser - /tiny_mce/plugins/tinybrowser/upload.php type Parameter Cross-Site Scripting
tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php type Parameter Cross-Site Scripting
tinybrowser - /tiny_mce/plugins/tinybrowser/tinybrowser.php Empty type Parameter Directory Listing
tinybrowser - /tiny_mce/plugins/tinybrowser/edit.php Empty type Parameter Directory Listing
tinybrowser - 'type' Parameter Cross-Site Scripting
tinybrowser - 'tinybrowser.php' Directory Listing
tinybrowser - 'edit.php' Directory Listing
Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL Injection
PHPMailer < 5.2.18 - Remote Code Execution (Python)
WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site Request Forgery
 2016-12-30 05:01:19 +00:00
Offensive Security
f8b17d14a1 DB: 2016-10-12 
12 new exploits

Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery
phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection
Android - 'gpsOneXtra' Data Files Denial of Service
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
 2016-10-12 05:01:17 +00:00
Offensive Security
52cf6a3185 DB: 2016-07-07 
9 new exploits

CIMA DocuClass ECM - Multiple Vulnerabilities
24online SMS_2500i 8.3.6 build 9.0 - SQL Injection
Linux 64bit Ncat Shellcode (SSL_ MultiChannel_ Persistant_ Fork_ IPv4/6_ Password) - 176 bytes
Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
PaKnPost Pro 1.14 - Multiple Vulnerabilities
GNU Wget < 1.18 - Arbitrary File Upload/Remote Code Execution
OpenFire 3.10.2 - 4.0.1 - Multiple Vulnerabilities
Samsung Android JACK - Privilege Escalation
Nagios XI Chained Remote Code Execution
 2016-07-07 05:06:28 +00:00
Offensive Security
28f57d0dba DB: 2016-05-03 
5 new exploits

WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download
.Net Framework Execute Native x86 Shellcode
Acunetix WVS 10 - Remote Command Execution (System)
Apache Struts Dynamic Method Invocation Remote Code Execution
QSEE - PRDiag* Commands Privilege Escalation Exploit
 2016-05-03 05:04:01 +00:00
Offensive Security
95bca4864b DB: 2016-03-19 2016-03-19 05:03:36 +00:00
Offensive Security
a5b96c2067 DB: 2016-01-28 
11 new exploits
 2016-01-28 05:02:01 +00:00
Offensive Security
ed1f034a74 DB: 2015-12-21 
4 new exploits
 2015-12-21 05:03:40 +00:00
Offensive Security
15dae7c288 DB: 2015-06-24 
12 new exploits
 2015-06-24 05:02:37 +00:00
Offensive Security
b3321b3426 DB: 2015-05-15 
17 new exploits
 2015-05-15 05:02:32 +00:00
Offensive Security
5924dde297 DB: 2015-03-19 
2 new exploits
 2015-03-19 09:39:10 +00:00
Offensive Security
77291f0ca3 Update: 2015-01-19 
16 new exploits
 2015-01-19 08:35:52 +00:00
Offensive Security
46dd79985b Updated 04_18_2014 2014-04-18 04:35:42 +00:00
Offensive Security
637e59de55 Updated 04_09_2014 2014-04-09 04:32:27 +00:00