bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1438 commits 1 branch 0 tags 264 MiB
Commit graph

8 commits

Author SHA1 Message Date
Offensive Security
f93f05e46f DB: 2017-12-20 
12 changes to exploits/shellcodes

Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free
Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free
Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local Network via WPAD
Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable
Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read
Intel Content Protection HECI Service - Type Confusion Privilege Escalation

TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change (PoC)
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
BrightSign Digital Signage - Multiple Vulnerablities
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
 2017-12-20 05:02:22 +00:00
Offensive Security
f76fbb1072 DB: 2017-12-19 
19 changes to exploits/shellcodes

CDex 1.96 - Buffer Overflow
Zoom Linux Client 2.0.106600.0904 - Command Injection
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow

Firejail - Local Privilege Escalation

Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape

Linux kernel < 4.10.15 - Race Condition Privilege Escalation
Outlook for Android - Attachment Download Directory Traversal
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution

Joomla! Component Guru Pro - SQL Injection
Joomla! Component Guru Pro - 'Itemid' SQL Injection
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
Joomla! Component My Projects 2.0 - SQL Injection
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
Linksys WVBR0 - 'User-Agent' Remote Command Injection
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
Joomla! Component Guru Pro - 'promocode' SQL Injection

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
 2017-12-19 05:02:17 +00:00
Offensive Security
cfef56c321 DB: 2017-12-16 
5 changes to exploits/shellcodes

MikroTik RouterBoard 6.39.2 / 6.40.5 DNS - Denial of Service

Sync Breeze 10.2.12 - Denial of Service
ITGuard-Manager 0.0.0.1 - Remote Code Execution
Movie Guide 2.0 - SQL Injection
 2017-12-16 05:02:18 +00:00
Offensive Security
ed1c4edf3e DB: 2017-12-15 
13 changes to exploits/shellcodes

Dup Scout Enterprise 10.0.18 - 'Input Directory' Local Buffer Overflow (SEH)
Microsoft Office - DDE Payload Delivery (Metasploit)
Dup Scout Enterprise - Login Buffer Overflow (Metasploit)
pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)
Palo Alto Networks Firewalls - Remote root Code Execution
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection
Readymade Video Sharing Script 3.2 - HTML Injection
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection
FS Lynda Clone 1.0 - SQL Injection
Bus Booking Script 1.0 - 'txtname' SQL Injection
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit)
 2017-12-15 05:02:23 +00:00
Offensive Security
9cea53a35b DB: 2017-12-12 
35 changes to exploits/shellcodes

MikroTik RouterBoard 6.39.2 / 6.40.5 DNS - Denial of Service
MikroTik 6.40.5 ICMP - Denial of Service
iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules
macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures
macOS - 'getrusage' Stack Leak Through struct Padding
macOS - 'necp_get_socket_attributes' so_pcb Type Confusion
LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow

Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
Laundry Booking Script 1.0 - 'list?city' SQL Injection
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
Opensource Classified Ads Script 3.2 - SQL Injection
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
Professional Service Script 1.0 - 'service-list?city' SQL Injection
Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection
Readymade Video Sharing Script 3.2 - SQL Injection
Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
Advanced Real Estate Script 4.0.7 - SQL Injection
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection
MLM Forced Matrix 2.0.9 - 'newid' SQL Injection
Car Rental Script 2.0.4 - 'val' SQL Injection
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection
Advanced World Database 2.0.5 - SQL Injection
Resume Clone Script 2.0.5 - SQL Injection
Basic Job Site Script 2.0.5 - SQL Injection
Vanguard 1.4 - Arbitrary File Upload
Vanguard 1.4 - SQL Injection
 2017-12-12 05:02:17 +00:00
Offensive Security
cc349de5d3 DB: 2017-11-29 
4 changes to exploits/shellcodes

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)

YaBB 1 Gold - SP 1 YaBB.pl Cross-Site Scripting
YaBB 1 Gold SP 1 - 'YaBB.pl' Cross-Site Scripting

NetPilot/Soho Blue Router 6.1.15 - Privilege Escalation

Synology StorageManager 5.2 - Remote Root Command Execution
 2017-11-29 10:22:56 +00:00
Offensive Security
f52bbcb598 DB: 2017-11-28 
15 new exploits
 2017-11-28 19:14:29 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00