exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	cf92ea269e	DB: 2020-02-25 22 changes to exploits/shellcodes Quick N Easy Web Server 3.3.8 - Denial of Service (PoC) Go SSH servers 0.0.2 - Denial of Service (PoC) Android Binder - Use-After-Free (Metasploit) Diamorphine Rootkit - Signal Privilege Escalation (Metasploit) Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit) Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure Real Web Pentesting Tutorial Step by Step - [Persian] AMSS++ v 4.31 - 'id' SQL Injection SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin) AMSS++ 4.7 - Backdoor Admin Account SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure ATutor 2.2.4 - 'id' SQL Injection I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure ManageEngine EventLog Analyzer 10.0 - Information Disclosure eLection 2.0 - 'id' SQL Injection DotNetNuke 9.5 - Persistent Cross-Site Scripting DotNetNuke 9.5 - File Upload Restrictions Bypass Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure Cacti 1.2.8 - Remote Code Execution Windows\x86 - Null-Free WinExec Calc.exe Shellcode (195 bytes)	2020-02-25 05:01:52 +00:00
Offensive Security	ea7a01d8fb	DB: 2020-02-12 18 changes to exploits/shellcodes Sudo 1.8.25p - 'pwfeedback' Buffer Overflow (PoC) Sudo 1.8.25p - Buffer Overflow Torrent iPod Video Converter 1.51 - Stack Overflow DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path FreeSSHd 1.3.1 - 'FreeSSHDService' Unquoted Service Path Sync Breeze Enterprise 12.4.18 - 'Sync Breeze Enterprise' Unquoted Service Path DVD Photo Slideshow Professional 8.07 - 'Name' Buffer Overflow Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path Disk Savvy Enterprise 12.3.18 - Unquoted Service Path Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow Sudo 1.8.25p - 'pwfeedback' Buffer Overflow OpenSMTPD 6.4.0 < 6.6.1 - Local Privilege Escalation + Remote Code Execution Microsoft SharePoint - Deserialization Remote Code Execution CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting WordPress InfiniteWP - Client Authentication Bypass (Metasploit)	2020-02-12 05:01:58 +00:00
Offensive Security	7d757326b8	DB: 2020-02-06 8 changes to exploits/shellcodes Socat 1.7.3.4 - Heap-Based Overflow (PoC) xglance-bin 11.00 - Privilege Escalation HiSilicon DVR/NVR hi3520d firmware - Remote Backdoor Account AVideo Platform 8.1 - Information Disclosure (User Enumeration) Wago PFC200 - Authenticated Remote Code Execution (Metasploit) Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Verodin Director Web Console 3.5.4.0 - Remote Authenticated Password Disclosure (PoC) AVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)	2020-02-06 05:02:08 +00:00
Offensive Security	9a3ddbdd3a	DB: 2020-02-05 5 changes to exploits/shellcodes Sudo 1.8.25p - Buffer Overflow Centreon 19.10.5 - 'Pollers' Remote Command Execution (Metasploit) F-Secure Internet Gatekeeper 5.40 - Heap Overflow (PoC)	2020-02-05 05:02:01 +00:00
Offensive Security	a7338bf2c6	DB: 2020-01-24 4 changes to exploits/shellcodes BOOTP Turbo 2.0 - Denial of Service (SEH)(PoC) Reliable Datagram Sockets (RDS) - rds_atomic_free_op NULL pointer dereference Privilege Escalation (Metasploit) Pachev FTP Server 1.0 - Path Traversal qdPM 9.1 - Remote Code Execution	2020-01-24 05:02:04 +00:00
Offensive Security	cd36764b57	DB: 2019-12-31 28 changes to exploits/shellcodes OpenBSD - Dynamic Loader chpass Privilege Escalation (Metasploit) Reptile Rootkit - reptile_cmd Privilege Escalation (Metasploit) Microsoft UPnP - Local Privilege Elevation (Metasploit) AVS Audio Converter 9.1.2.600 - Stack Overflow (PoC) FTP Navigator 8.03 - Stack Overflow (SEH) Wing FTP Server 6.0.7 - Unquoted Service Path Domain Quester Pro 6.02 - Stack Overflow (SEH) FreeBSD-SA-19:02.fd - Privilege Escalation FreeBSD-SA-19:15.mqueuefs - Privilege Escalation HomeAutomation 3.3.2 - Persistent Cross-Site Scripting HomeAutomation 3.3.2 - Authentication Bypass HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin) HomeAutomation 3.3.2 - Remote Code Execution elearning-script 1.0 - Authentication Bypass XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery (Add Admin) Thrive Smart Home 1.1 - Authentication Bypass XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin) XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin) WEMS BEMS 21.3.1 - Undocumented Backdoor Account AVE DOMINAplus 1.10.x - Credential Disclosure AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot AVE DOMINAplus 1.10.x - Cross-Site Request Forgery (enable/disable alarm) AVE DOMINAplus 1.10.x - Authentication Bypass Heatmiser Netmonitor 3.03 - Hardcoded Credentials MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure RICOH SP 4510SF Printer - HTML Injection RICOH Web Image Monitor 1.09 - HTML Injection Heatmiser Netmonitor 3.03 - HTML Injection	2019-12-31 05:02:03 +00:00
Offensive Security	b1b4d70ced	DB: 2019-12-17 3 changes to exploits/shellcodes Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds OpenBSD 6.x - Dynamic Loader Privilege Escalation D-Link DIR-615 - Privilege Escalation	2019-12-17 05:01:50 +00:00
Offensive Security	ecbca9d505	DB: 2019-12-04 6 changes to exploits/shellcodes Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Revive Adserver 4.2 - Remote Code Execution	2019-12-04 05:01:42 +00:00
Offensive Security	8ae8522082	DB: 2019-11-30 8 changes to exploits/shellcodes SpotAuditor 5.3.2 - 'Key' Denial of Service SpotAuditor 5.3.2 - 'Name' Denial of Service TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path Bash 5.0 Patch 11 - SUID Priv Drop Exploit Mersive Solstice 2.8.0 - Remote Code Execution Online Inventory Manager 3.2 - Persistent Cross-Site Scripting	2019-11-30 05:01:42 +00:00
Offensive Security	8162754975	DB: 2019-11-26 9 changes to exploits/shellcodes SMPlayer 19.5.0 - Denial of Service (PoC) InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC) ClamAV < 0.102.0 - 'bytecode_vm' Code Execution Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation VMware WorkStation 12.5.5 - Virtual Machine Escape VMware WorkStation 12.5.3 - Virtual Machine Escape	2019-11-26 05:01:44 +00:00
Offensive Security	58127b1f7c	DB: 2019-11-22 3 changes to exploits/shellcodes GNU Mailutils 3.7 - Privilege Escalation TestLink 1.9.19 - Persistent Cross-Site Scripting Network Management Card 6.2.0 - Host Header Injection	2019-11-22 05:01:53 +00:00
Offensive Security	4ec7754462	DB: 2019-11-08 2 changes to exploits/shellcodes Adaware Web Companion version 4.8.2078.3950 - 'WCAssistantService' Unquoted Service Path	2019-11-08 05:01:40 +00:00
Offensive Security	577557762c	DB: 2019-11-05 6 changes to exploits/shellcodes Apple macOS 10.15.1 - Denial of Service (PoC) Aida64 6.10.5200 - Buffer Overflow (SEH) OpenVPN Connect 3.0.0.272 - 'agent_ovpnconnect' Unquoted Service Path Launch Manager 6.1.7600.16385 - 'DsiWMIService' Unquoted Service Path Micro Focus (HPE) Data Protector - SUID Privilege Escalation (Metasploit) Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow	2019-11-05 05:01:42 +00:00
Offensive Security	52e6461f47	DB: 2019-10-25 4 changes to exploits/shellcodes Linux Polkit - pkexec helper PTRACE_TRACEME local root (Metasploit) Wordpress Sliced Invoices 3.8.2 - 'post' SQL Injection AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection	2019-10-25 05:01:41 +00:00
Offensive Security	588067072a	DB: 2019-10-17 15 changes to exploits/shellcodes sudo 1.8.28 - Security Bypass sudo 1.2.27 - Security Bypass Lavasoft 2.3.4.7 - 'LavasoftTcpService' Unquoted Service Path Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path X.Org X Server 1.20.4 - Local Stack Overflow LiteManager 4.5.0 - 'romservice' Unquoted Serive Path Solaris xscreensaver 11.4 - Privilege Escalation Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path Whatsapp 2.19.216 - Remote Code Execution Accounts Accounting 7.02 - Persistent Cross-Site Scripting CyberArk Password Vault 10.6 - Authentication Bypass Linux/x86 - Add User to /etc/passwd Shellcode (59 bytes) Linux/x86 - adduser (User) to /etc/passwd Shellcode (74 bytes) Linux/x86 - execve /bin/sh Shellcode (25 bytes) Linux/x86 - Reverse Shell NULL free 127.0.0.1:4444 Shellcode (91 bytes)	2019-10-17 05:01:44 +00:00
Offensive Security	bae704d681	DB: 2019-10-16 4 changes to exploits/shellcodes sudo 1.8.28 - Security Bypass ActiveFax Server 6.92 Build 0316 - 'ActiveFaxServiceNT' Unquoted Service Path Podman & Varlink 1.5.1 - Remote Code Execution Bolt CMS 3.6.10 - Cross-Site Request Forgery	2019-10-16 05:01:45 +00:00
Offensive Security	c4b3e48aea	DB: 2019-10-11 10 changes to exploits/shellcodes Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (Metasploit_ DEP Bypass) freeFTP 1.0.8 - Remote Buffer Overflow freeFTP 1.0.8 - 'PASS' Remote Buffer Overflow SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery TP-Link TL-WR1043ND 2 - Authentication Bypass Linux/x86 - Add User to /etc/passwd Shellcode (59 bytes)	2019-10-11 05:01:46 +00:00
Offensive Security	bfcf0daec9	DB: 2019-10-08 8 changes to exploits/shellcodes logrotten 3.15.1 - Privilege Escalation ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (DEP) CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation freeFTP 1.0.8 - Remote Buffer Overflow Joomla 3.4.6 - 'configuration.php' Remote Code Execution Zabbix 4.2 - Authentication Bypass Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload	2019-10-08 05:01:48 +00:00
Offensive Security	ba928141e7	DB: 2019-09-26 10 changes to exploits/shellcodes SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of Service Easy File Sharing Web Server 7.2 - 'New User' Local SEH Overflow ABRT - sosreport Privilege Escalation (Metasploit) Pfsense 2.3.4 / 2.4.4-p3 - Remote Code Injection Microsoft SharePoint 2013 SP1 - 'DestinationFolder' Persistant Cross-Site Scripting WP Server Log Viewer 1.0 - 'logfile' Persistent Cross-Site Scripting NPMJS gitlabhook 0.0.17 - 'repository' Remote Command Execution YzmCMS 5.3 - 'Host' Header Injection	2019-09-26 05:01:47 +00:00
Offensive Security	a26ef1328e	DB: 2019-09-04 6 changes to exploits/shellcodes ktsuss 1.4 - suid Privilege Escalation (Metasploit) ptrace - Sudo Token Privilege Escalation (Metasploit) Cisco UCS Director - default scpuser password (Metasploit) Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit) Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit) FileThingie 2.5.7 - Arbitrary File Upload	2019-09-04 05:02:30 +00:00
Offensive Security	6adaedca69	DB: 2019-08-27 6 changes to exploits/shellcodes Exim 4.87 / 4.91 - Local Privilege Escalation (Metasploit) LSoft ListServ < 16.5-2018a - Cross-Site Scripting WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery	2019-08-27 05:02:18 +00:00
Offensive Security	a32e028b88	DB: 2019-08-13 17 changes to exploits/shellcodes VxWorks 6.8 - TCP Urgent Pointer = 0 Integer Underflow Linux - Use-After-Free Reads in show_numa_stats() WebKit - UXSS via XSLT and Nested Document Replacements Ghidra (Linux) 9.0.4 - .gar Arbitrary Code Execution ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit) ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit) ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit) Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit) BSI Advance Hotel Booking System 2.0 - 'booking_details.php Persistent Cross-Site Scripting Cisco Adaptive Security Appliance - Path Traversal (Metasploit) UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticketreply.php' SQL Injection Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticket.php' Arbitrary File Deletion osTicket 1.12 - Persistent Cross-Site Scripting via File Upload osTicket 1.12 - Formula Injection osTicket 1.12 - Persistent Cross-Site Scripting Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'cities.php' SQL Injection Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (162 bytes) Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (151 bytes) Linux/x64 - Egghunter (0x50905090) Shellcode (18 bytes) Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (151 bytes) Linux/x64 - Egghunter (0x50905090) Shellcode (18 bytes) Linux/x64 - execve() + XOR/NOT/DIV Encoded Shellcode (54 bytes) Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Polymorphic Shellcode (122 bytes) Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell + Password (hack) + Polymorphic Shellcode (135 bytes) Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Polymorphic Shellcode (122 bytes) Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell + Password (hack) + Polymorphic Shellcode (135 bytes) Linux/x64 - execve() Stack + Polymorphic Shellcode (47 bytes)	2019-08-13 05:02:31 +00:00
Offensive Security	6f49190671	DB: 2019-07-27 19 changes to exploits/shellcodes pdfresurrect 0.15 - Buffer Overflow Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Privilege Escalation Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation Serv-U FTP Server < 15.1.7 - Local Privilege Escalation Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (1) Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (cron Method) Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (dbus Method) Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (ldpreload Method) Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (polkit Method) Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) - Local Privilege Escalation (KASLR / SMEP) Linux Kernel 4.4.0-21 < 4.4.0-51 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation VMware Workstation/Player < 12.5.5 - Local Privilege Escalation S-nail < 14.8.16 - Local Privilege Escalation Deepin Linux 15 - 'lastore-daemon' Local Privilege Escalation Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (2) ASAN/SUID - Local Privilege Escalation Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation Ovidentia 8.4.3 - SQL Injection Moodle Filepicker 3.5.2 - Server Side Request Forgery Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit) Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection	2019-07-27 05:02:19 +00:00
Offensive Security	a8a07cdedf	DB: 2019-07-23 4 changes to exploits/shellcodes BACnet Stack 0.8.6 - Denial of Service Docker - Container Escape Comtrend-AR-5310 - Restricted Shell Escape Axway SecureTransport 5 - Unauthenticated XML Injection	2019-07-23 05:02:15 +00:00
Offensive Security	40febc17ca	DB: 2019-07-18 5 changes to exploits/shellcodes WinMPG iPod Convert 3.0 - 'Register' Denial of Service Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit) MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting	2019-07-18 05:02:15 +00:00
Offensive Security	3f8a751f28	DB: 2019-07-07 1 changes to exploits/shellcodes	2019-07-07 05:01:58 +00:00
Offensive Security	1a13989f12	DB: 2019-07-04 5 changes to exploits/shellcodes Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit) Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit) AZADMIN CMS 1.0 - SQL Injection WordPress Plugin iLive 1.0.4 - Cross-Site Scripting WordPress Plugin Live Chat Unlimited 2.8.3 - Cross-Site Scripting WordPress Plugin iLive 1.0.4 - Cross-Site Scripting WordPress Plugin Live Chat Unlimited 2.8.3 - Cross-Site Scripting WorkSuite PRM 2.4 - 'password' SQL Injection CiuisCRM 1.6 - 'eventType' SQL Injection Varient 1.6.1 - SQL Injection WorkSuite PRM 2.4 - 'password' SQL Injection CiuisCRM 1.6 - 'eventType' SQL Injection Varient 1.6.1 - SQL Injection Symantec DLP 15.5 MP1 - Cross-Site Scripting Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)	2019-07-04 05:01:54 +00:00
Offensive Security	3ef90f18d0	DB: 2019-06-21 6 changes to exploits/shellcodes Linux - Use-After-Free via race Between modify_ldt() and #BR Exception Tuneclone 2.20 - Local SEH Buffer Overflow Cisco Prime Infrastructure - Runrshell Privilege Escalation (Metasploit) Cisco Prime Infrastructure Health Monitor - TarArchive Directory Traversal (Metasploit) WebERP 4.15 - SQL injection BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection	2019-06-21 05:01:58 +00:00
Offensive Security	745971e212	DB: 2019-06-19 5 changes to exploits/shellcodes Serv-U FTP Server < 15.1.7 - Local Privilege Escalation Sahi pro 7.x/8.x - Directory Traversal Sahi pro 8.x - SQL Injection Sahi pro 8.x - Cross-Site Scripting Linux/x86_64 - execve(/bin/sh) Shellcode (22 bytes)	2019-06-19 05:01:55 +00:00
Offensive Security	8cbfa5df7f	DB: 2019-06-18 13 changes to exploits/shellcodes HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write Netperf 2.6.0 - Stack-Based Buffer Overflow Thunderbird ESR < 60.7.XXX - Type Confusion Thunderbird ESR < 60.7.XXX - 'icalmemorystrdupanddequote' Heap-Based Buffer Overflow Thunderbird ESR < 60.7.XXX - 'parser_get_next_char' Heap-Based Buffer Overflow Thunderbird ESR < 60.7.XXX - 'icalrecur_add_bydayrules' Stack-Based Buffer Overflow Exim 4.87 - 4.91 - Local Privilege Escalation Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell) AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit) RedwoodHQ 2.5.5 - Authentication Bypass CleverDog Smart Camera DOG-2W / DOG-2W-V4 - Multiple Vulnerabilities Spring Security OAuth - Open Redirector Linux/x86 - Reposition + INC encoder with execve(/bin/sh) Shellcode (66 bytes)	2019-06-18 05:01:54 +00:00
Offensive Security	5e935da854	DB: 2019-06-15 3 changes to exploits/shellcodes CentOS 7.6 - 'ptrace_scope' Privilege Escalation Aida64 6.00.5100 - 'Log to CSV File' Local SEH Buffer Overflow	2019-06-15 05:01:55 +00:00
Offensive Security	51bf94ed48	DB: 2019-06-11 5 changes to exploits/shellcodes Ubuntu 18.04 - 'lxd' Privilege Escalation UliCMS 2019.1 'Spitting Lama' - Persistent Cross-Site Scripting Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (104 bytes)	2019-06-11 05:01:53 +00:00
Offensive Security	85fbab2de4	DB: 2019-06-08 5 changes to exploits/shellcodes Nvidia GeForce Experience Web Helper - Command Injection Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3) Exim 4.87 < 4.91 - (Local / Remote) Command Execution Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)	2019-06-08 05:01:56 +00:00
Offensive Security	5a28a97130	DB: 2019-05-11 12 changes to exploits/shellcodes jetCast Server 2.0 - Denial of Service (PoC) SpotIM 2.2 - Denial of Service (PoC) SpotPaltalk 1.1.5 - Denial of Service (PoC) ASPRunner.NET 10.1 - Denial of Service (PoC) PHPRunner 10.1 - Denial of Service (PoC) TheHive Project Cortex < 1.15.2 - Server-Side Request Forgery dotCMS 5.1.1 - HTML Injection RICOH SP 4510DN Printer - HTML Injection RICOH SP 4520DN Printer - HTML Injection CyberArk Enterprise Password Vault 10.7 - XML External Entity Injection	2019-05-11 05:02:00 +00:00
Offensive Security	5a4d21a1cf	DB: 2019-05-09 9 changes to exploits/shellcodes jetAudio 8.1.7.20702 Basic - 'Enter URL' Denial of Service (PoC) MiniFtp - 'parseconf_load_setting' Buffer Overflow Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE) Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit) PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit) Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit) NetNumber Titan ENUM/DNS/NP 7.9.1 - Path Traversal / Authorization Bypass Linux/x86 - execve /bin/sh Shellcode (20 bytes)	2019-05-09 05:02:02 +00:00
Offensive Security	aaf10d8566	DB: 2019-04-20 4 changes to exploits/shellcodes SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit) Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit) Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection	2019-04-20 05:01:59 +00:00
Offensive Security	23f668ca8d	DB: 2019-04-09 14 changes to exploits/shellcodes FlexHEX 2.71 - SEH Buffer Overflow (Unicode) AllPlayer 7.4 - SEH Buffer Overflow (Unicode) River Past Cam Do 3.7.6 - 'Activation Code' Local Buffer Overflow Download Accelerator Plus (DAP) 10.0.6.0 - SEH Buffer Overflow Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation QNAP Netatalk < 3.1.12 - Authentication Bypass Jobgator - 'experience' SQL Injection Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities SaLICru -SLC-20-cube3(5) - HTML Injection CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting Tradebox CryptoCurrency - 'symbol' SQL Injection WordPress Plugin Limit Login Attempts Reloaded 2.7.4 - Login Limit Bypass ManageEngine ServiceDesk Plus 9.3 - User Enumeration	2019-04-09 05:02:03 +00:00
Offensive Security	d68f18cb8e	DB: 2019-03-30 6 changes to exploits/shellcodes Fat Free CRM 0.19.0 - HTML Injection CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting	2019-03-30 05:02:01 +00:00
Offensive Security	880bbe402e	DB: 2019-03-08 14991 changes to exploits/shellcodes HTC Touch - vCard over IP Denial of Service TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities PeerBlock 1.1 - Blue Screen of Death WS10 Data Server - SCADA Overflow (PoC) Symantec Endpoint Protection 12.1.4013 - Service Disabling Memcached 1.4.33 - 'Crash' (PoC) Memcached 1.4.33 - 'Add' (PoC) Memcached 1.4.33 - 'sasl' (PoC) Memcached 1.4.33 - 'Crash' (PoC) Memcached 1.4.33 - 'Add' (PoC) Memcached 1.4.33 - 'sasl' (PoC) Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow man-db 2.4.1 - 'open_cat_stream()' Local uid=man CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation CDRecord's ReadCD - Local Privilege Escalation Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH) FreeBSD - Intel SYSRET Privilege Escalation (Metasploit) CCProxy 6.2 - 'ping' Remote Buffer Overflow Savant Web Server 3.1 - Remote Buffer Overflow (2) Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit) Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit) Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit) Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) TeamCity < 9.0.2 - Disabled Registration Bypass OpenSSH SCP Client - Write Arbitrary Files Kados R10 GreenBee - Multiple SQL Injection WordPress Core 5.0 - Remote Code Execution phpBB 3.2.3 - Remote Code Execution Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator) Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes) Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)	2019-03-08 05:01:50 +00:00
Offensive Security	55fab34db7	DB: 2019-03-02 10 changes to exploits/shellcodes Linux Kernel 3.10.0 (CentOS7) - Denial of Service Linux Kernel 3.10.0 (CentOS 7) - Denial of Service Google Chrome < M72 - PaymentRequest Service Use-After-Free Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost Google Chrome < M72 - FileWriterImpl Use-After-Free tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation	2019-03-02 05:01:54 +00:00
Offensive Security	5f3f5c8f09	DB: 2019-02-15 18 changes to exploits/shellcodes Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC) MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC) ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS) runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1) exacqVision ESM 5.12.2 - Privilege Escalation runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2) Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure) Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure) DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting DomainMOD 4.11.01 - 'category.php CatagoryName_ StakeHolder' Cross-Site Scripting DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)	2019-02-15 05:01:54 +00:00
Offensive Security	a4b18dada5	DB: 2019-02-14 11 changes to exploits/shellcodes AirDroid 4.2.1.6 - Denial of Service NetworkSleuth 3.0 - 'Name' Denial of Service (PoC) runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Ubuntu snapd < 2.37.1 - Local Privilege Escalation runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1) snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2) Netatalk < 3.1.12 - Authentication Bypass Netatalk 3.1.12 - Authentication Bypass Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure) Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure) Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting PilusCart 1.4.1 - 'send' SQL Injection	2019-02-14 05:01:54 +00:00
Offensive Security	1982f33252	DB: 2019-02-13 16 changes to exploits/shellcodes AirDroid 4.2.1.6 - Denial of Service River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) Android - binder Use-After-Free via fdget() Optimization Android - binder Use-After-Free of VMA via race Between reclaim and munmap Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Ubuntu snapd < 2.37.1 - Local Privilege Escalation IPFire 2.21 - Cross-Site Scripting MyBB Bans List 1.0 - Cross-Site Scripting IPFire 2.21 - Cross-Site Scripting MyBB Bans List 1.0 - Cross-Site Scripting Webiness Inventory 2.3 - 'email' SQL Injection OPNsense < 19.1.1 - Cross-Site Scripting Jenkins 2.150.2 - Remote Command Execution (Metasploit) BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution LayerBB 1.1.2 - Cross-Site Scripting	2019-02-13 05:01:49 +00:00
Offensive Security	d622832ea0	DB: 2019-02-12 21 changes to exploits/shellcodes KnFTP 1.0.0 Server - Multiple Buffer Overflows (Denial of Service) (SEH) (PoC) KnFTP 1.0.0 Server - Multiple Buffer Overflows (PoC) (SEH) Jzip - Buffer Overflow (Denial of Service) (SEH Unicode) Jzip - Buffer Overflow (PoC) (SEH Unicode) Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (Denial of Service) (SEH) (PoC) Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (Denial of Service) (SEH) (PoC) Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (PoC) (SEH Overwrite) Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (PoC) (SEH Overwrite) STIMS Buffer 1.1.20 - Buffer Overflow (Denial of Service) (SEH) (PoC) STIMS Buffer 1.1.20 - Buffer Overflow (PoC) (SEH Overwrite) Zortam Mp3 Media Studio 20.15 - Overflow (SEH) (Denial of Service) Zortam Mp3 Media Studio 20.15 - Overflow (PoC) (SEH) Netatalk 3.1.12 - Authentication Bypass (PoC) IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC) Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC) IP-Tools 2.50 - Local Buffer Overflow (PoC) Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite) FlexHEX 2.46 - Denial of Service SEH Overwrite (PoC) FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite) Remote Process Explorer 1.0.0.16 - Denial of Service SEH Overwrite (PoC) Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite) AirDroid 4.2.1.6 - Denial of Service FutureDj Pro 1.7.2.0 - Denial of Service NordVPN 6.19.6 - Denial of Service (PoC) River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) IP-Tools 2.5 - Local Buffer Overflow (SEH) (Egghunter) River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH) Evince - CBT File Command Injection (Metasploit) Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure Netatalk - Bypass Authentication Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit) NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit) Indusoft Web Studio 8.1 SP2 - Remote Code Execution Smoothwall Express 3.1-SP4 - Cross-Site Scripting Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset IPFire 2.21 - Cross-Site Scripting MyBB Bans List 1.0 - Cross-Site Scripting VA MAX 8.3.4 - Authenticated Remote Code Execution CentOS Web Panel 0.9.8.763 - Persistent Cross-Site Scripting Webiness Inventory 2.3 - 'email' SQL Injection	2019-02-12 05:01:49 +00:00
Offensive Security	b68cbec24d	DB: 2019-01-29 26 changes to exploits/shellcodes Sricam gSOAP 2.8 - Denial of Service Smart VPN 1.1.3.0 - Denial of Service (PoC) MySQL User-Defined (Linux) x32 / x86_64 - sys_exec Function Local Privilege Escalation Easy Video to iPod Converter 1.6.20 - Buffer Overflow (SEH) R 3.4.4 XP SP3 - Buffer Overflow (Non SEH) BEWARD Intercom 2.3.1 - Credentials Disclosure Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH)(DEP Bypass) CloudMe Sync 1.11.2 Buffer Overflow - WoW64 - (DEP Bypass) Rundeck Community Edition < 3.0.13 - Persistent Cross-Site Scripting WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download AirTies Air5341 Modem 1.0.0.12 - Cross-Site Request Forgery LogonBox Limited / Hypersocket Nervepoint Access Manager - Unauthenticated Insecure Direct Object Reference CMSsite 1.0 - 'cat_id' SQL Injection CMSsite 1.0 - 'search' SQL Injection Cisco RV300 / RV320 - Information Disclosure Cisco Firepower Management Center 6.2.2.2 / 6.2.3 - Cross-Site Scripting Newsbull Haber Script 1.0.0 - 'search' SQL Injection Care2x 2.7 (HIS) Hospital Information System - Multiple SQL Injection Teameyo Project Management System 1.0 - SQL Injection Mess Management System 1.0 - SQL Injection MyBB IP History Logs Plugin 1.0.2 - Cross-Site Scripting ResourceSpace 8.6 - 'collection_edit.php' SQL Injection Linux/x86 - exit(0) Shellcode (5 bytes) Linux/x86 - Read /etc/passwd Shellcode (58 Bytes) (2) Linux/ARM - Reverse TCP (/bin/sh) - 192.168.1.124:4321 Shellcode (64 bytes) Linux/ARM - Bind TCP (/bin/sh)-0.0.0.0:4321 Null Free Shellcode (84 bytes)	2019-01-29 05:01:52 +00:00
Offensive Security	6e7548ed0d	DB: 2019-01-25 10 changes to exploits/shellcodes Microsoft Remote Desktop 10.2.4(134) - Denial of Service (PoC) AddressSanitizer (ASan) - SUID Executable Privilege Escalation (Metasploit) Ghostscript 9.26 - Pseudo-Operator Remote Code Execution Joomla! Component J-CruisePortal 6.0.4 - SQL Injection Joomla! Component JHotelReservation 6.0.7 - SQL Injection SimplePress CMS 1.0.7 - SQL Injection SirsiDynix e-Library 3.5.x - Cross-Site Scripting Splunk Enterprise 7.2.3 - Authenticated Custom App RCE ImpressCMS 1.3.11 - 'bid' SQL Injection Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery	2019-01-25 05:01:41 +00:00
Offensive Security	fa261f0558	DB: 2019-01-17 18 changes to exploits/shellcodes Spotify 1.0.96.181 - 'Proxy configuration' Denial of Service (PoC) NTPsec 1.1.2 - 'ctl_getitem' Out-of-Bounds Read (PoC) NTPsec 1.1.2 - 'ntp_control' Out-of-Bounds Read (PoC) NTPsec 1.1.2 - 'ntp_control' Authenticated NULL Pointer Dereference (PoC) NTPsec 1.1.2 - 'config' Authenticated Out-of-Bounds Write Denial of Service (PoC) Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free Microsoft Windows 10 - 'RestrictedErrorInfo' Unmarshal Section Handle Use-After-Free Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit) FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure Roxy Fileman 1.4.5 - Arbitrary File Download doorGets CMS 7.0 - Arbitrary File Download ShoreTel / Mitel Connect ONSITE 19.49.5200.0 - Remote Code Execution GL-AR300M-Lite 2.27 - Authenticated Command Injection / Arbitrary File Download / Directory Traversal Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 - Unauthenticated Admin Password Reset Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit	2019-01-17 05:01:45 +00:00
Offensive Security	1b31850a46	DB: 2018-12-25 15 changes to exploits/shellcodes Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC) Google Chrome 70 - SQLite Magellan Crash (PoC) Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Copy/Read Keybase keybase-redirector - '$PATH' Local Privilege Escalation Adobe Flash ActiveX Plugin 28.0.0.137 - Remote Code Execution (PoC) Netatalk - Bypass Authentication Kubernetes - (Unauthenticated) Arbitrary Requests Kubernetes - (Authenticated) Arbitrary Requests WSTMart 2.0.8 - Cross-Site Scripting WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) FrontAccounting 2.4.5 - 'SubmitUser' SQL Injection phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read PhpSpreadsheet < 1.5.0 - XML External Entity (XXE) Linux/x86 - Kill All Processes Shellcode (14 bytes)	2018-12-25 05:01:44 +00:00
Offensive Security	aedf107ce9	DB: 2018-12-20 12 changes to exploits/shellcodes MiniShare Server 1.3.2 - Remote Denial of Service MiniShare 1.3.2 - Remote Denial of Service MiniShare 1.5.5 - Local Buffer Overflow (SEH) MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (SEH) Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure PassFab RAR 9.3.2 - Buffer Overflow (SEH) LanSpy 2.0.1.159 - Local Buffer Overflow PDF Explorer 1.5.66.2 - Buffer Overflow (SEH) MiniShare HTTP 1.5.5 - Remote Buffer Overflow MiniShare 1.5.5 - Remote Buffer Overflow MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password) Rukovoditel Project Management CRM 2.3.1 - Remote Code Execution (Metasploit) Integria IMS 5.0.83 - 'search_string' Cross-Site Scripting Integria IMS 5.0.83 - Cross-Site Request Forgery Bolt CMS < 3.6.2 - Cross-Site Scripting Yeswiki Cercopitheque - 'id' SQL Injection IBM Operational Decision Manager 8.x - XML External Entity Injection Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)	2018-12-20 05:01:43 +00:00
Offensive Security	62445895aa	DB: 2018-11-30 8 changes to exploits/shellcodes WebKit JSC JIT - 'JSPropertyNameEnumerator' Type Confusion WebKit JIT - 'ByteCodeParser::handleIntrinsicCall' Type Confusion WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the 'ForInContext' Object Unitrends Enterprise Backup - bpserverd Privilege Escalation (Metasploit) Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit) Mac OS X - libxpc MITM Privilege Escalation (Metasploit) PHP imap_open - Remote Code Execution (Metasploit) TeamCity Agent - XML-RPC Command Execution (Metasploit)	2018-11-30 05:01:41 +00:00

1 2 3

118 commits