bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1451 commits 1 branch 0 tags 338 MiB
Commit graph

8 commits

Author SHA1 Message Date
Offensive Security
3d73ec60b6 DB: 2018-01-06 
23 changes to exploits/shellcodes

Emulive Server4 7560 - Remote Denial of Service
Emulive Server4 Build 7560 - Remote Denial of Service

ShareCenter D-Link DNS-320 - Remote reboot/shutdown/reset (Denial of Service)
D-Link DNS-320 ShareCenter - Remote Reboot/Shutdown/Reset (Denial of Service)

DNS4Me 3.0 - Denial of Service / Cross-Site Scripting

EmuLive Server4 - Authentication Bypass / Denial of Service
GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC Corrupts DC Cache

VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit)
keene digital media server 1.0.2 - Directory Traversal variant
Xedus Web Server 1.0 - test.x 'Username' Cross-Site Scripting
Xedus Web Server 1.0 - testgetrequest.x 'Username' Cross-Site Scripting
Xedus Web Server 1.0 - Traversal Arbitrary File Access
Keene Digital Media Server 1.0.2 - Directory Traversal
Xedus Web Server 1.0 - test.x 'Username' Cross-Site Scripting
Xedus Web Server 1.0 - testgetrequest.x 'Username' Cross-Site Scripting
Xedus Web Server 1.0 - Traversal Arbitrary File Access
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
Ayukov NFTP FTP Client 2.0 - Buffer Overflow (Metasploit)
Cisco IOS - Remote Code Execution

Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection

WordPress 1.5.1.2 - xmlrpc Interface SQL Injection
WordPress 1.5.1.2 - 'xmlrpc' Interface SQL Injection

MySQL Eventum 1.5.5 - 'login.php' SQL Injection

PHP live helper 2.0.1 - Multiple Vulnerabilities
PHP Live Helper 2.0.1 - Multiple Vulnerabilities

Zen Cart 1.3.9f (typefilter) - Local File Inclusion
Zen Cart 1.3.9f - 'typefilter' Local File Inclusion

phpWebSite 0.7.3/0.8.x/0.9.x - Comment Module CM_pid Cross-Site Scripting
phpWebSite 0.7.3/0.8.x/0.9.x Comment Module - 'CM_pid' Cross-Site Scripting

YaBB 1.x/9.1.2000 - YaBB.pl IMSend Cross-Site Scripting
YaBB 1.x/9.1.2000 - 'YaBB.pl IMSend' Cross-Site Scripting
SugarCRM 1.x/2.0 Module - 'record' SQL Injection
SugarCRM 1.x/2.0 Module - Traversal Arbitrary File Access
SugarCRM 1.x/2.0 Module - 'record' SQL Injection
SugarCRM 1.x/2.0 Module - Traversal Arbitrary File Access
phpGroupWare 0.9.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
phpGroupWare 0.9.x - 'viewticket_details.php?ticket_id' Cross-Site Scripting
phpGroupWare 0.9.x - 'viewticket_details.php?ticket_id' SQL Injection
phpGroupWare 0.9.x - 'index.php' Multiple SQL Injections
phpGroupWare 0.9.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
phpGroupWare 0.9.x - 'viewticket_details.php?ticket_id' Cross-Site Scripting
phpGroupWare 0.9.x - 'viewticket_details.php?ticket_id' SQL Injection
phpGroupWare 0.9.x - 'index.php' Multiple SQL Injections
Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting
Kayako eSupport 2.x - Ticket System Multiple SQL Injections
Kayako eSupport 2.x - 'index.php' Knowledgebase Cross-Site Scripting
Kayako eSupport 2.x - Ticket System Multiple SQL Injections

Kayako ESupport 2.3 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

Double Choco Latte 0.9.3/0.9.4 - 'main.php' Arbitrary PHP Code Execution

PHPCOIN 1.2 - 'auxpage.php?page' Traversal Arbitrary File Access
phpCoin 1.2 - 'auxpage.php?page' Traversal Arbitrary File Access
ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion
ModernGigabyte ModernBill 4.3 - 'C_CODE' Cross-Site Scripting
ModernGigabyte ModernBill 4.3 - 'Aid' Cross-Site Scripting
ModernGigabyte ModernBill 4.3 - 'news.php' File Inclusion
ModernGigabyte ModernBill 4.3 - 'C_CODE' Cross-Site Scripting
ModernGigabyte ModernBill 4.3 - 'Aid' Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting

Notes Module for phpBB - SQL Injection
phpBB Notes Module - SQL Injection
osTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities
SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities
osTicket 1.2/1.3 - Multiple Input Validation / Remote Code Injection Vulnerabilities
SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities

Help Center Live 1.0/1.2.x - Multiple Input Validation Vulnerabilities
HelpCenter Live! 1.0/1.2.x - Multiple Input Validation Vulnerabilities

FusionBB 0.x - Multiple Input Validation Vulnerabilities
Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection
Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities
Invision Power Services Invision Gallery 1.0.1/1.3 - SQL Injection
Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities

osCommerce 2.1/2.2 - Multiple HTTP Response Splitting Vulnerabilities

PAFaq - Question Cross-Site Scripting

PAFaq - Administrator 'Username' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'download.php?Number' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'calendar.php' Multiple SQL Injections
UBBCentral UBB.Threads 5.5.1/6.x - 'modifypost.php?Number' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'viewmessage.php?message' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'addfav.php?main' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'notifymod.php?Number' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'grabnext.php?posted' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'download.php?Number' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'calendar.php' Multiple SQL Injections
UBBCentral UBB.Threads 5.5.1/6.x - 'modifypost.php?Number' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'viewmessage.php?message' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'addfav.php?main' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'notifymod.php?Number' SQL Injection
UBBCentral UBB.Threads 5.5.1/6.x - 'grabnext.php?posted' SQL Injection
Kayako LiveResponse 2.0 - 'index.php?Username' Cross-Site Scripting
Kayako LiveResponse 2.0 - 'index.php' Calendar Feature Multiple SQL Injections
Kayako Live Response 2.0 - 'index.php?Username' Cross-Site Scripting
Kayako Live Response 2.0 - 'index.php' Calendar Feature Multiple SQL Injections
MySQL AB Eventum 1.x - 'view.php?id' Cross-Site Scripting
MySQL AB Eventum 1.x - 'list.php?release' Cross-Site Scripting
MySQL AB Eventum 1.x - 'get_jsrs_data.php?F' Cross-Site Scripting
MySQL AB Eventum 1.x - 'view.php?id' Cross-Site Scripting
MySQL AB Eventum 1.x - 'list.php?release' Cross-Site Scripting
MySQL AB Eventum 1.x - 'get_jsrs_data.php?F' Cross-Site Scripting

RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection

EyeOS 0.8.x - Session Remote Command Execution
eyeOS 0.8.x - Session Remote Command Execution

CPAINT 1.3/2.0 - 'TYPE.php' Cross-Site Scripting
CPAINT 1.3/2.0.2 - 'TYPE.php' Cross-Site Scripting

XMB Forum 1.8/1.9 - 'u2u.php?Username' Cross-Site Scripting

Zen Cart Web Shopping Cart 1.x - 'autoload_func.php?autoLoadConfig[999][0][loadFile]' Remote File Inclusion
Zen Cart Web Shopping Cart 1.3.0.2 - 'autoload_func.php?autoLoadConfig[999][0][loadFile]' Remote File Inclusion

osCommerce 2.1/2.2 - 'product_info.php' SQL Injection

CakePHP 1.1.7.3363 - 'Vendors.php' Directory Traversal

HAMweather 3.9.8 - 'template.php' Script Code Injection

Kayako SupportSuite 3.0.32 - PHP_SELF Trigger_Error Function Cross-Site Scripting
Kayako SupportSuite 3.0.32 - 'PHP_SELF Trigger_Error' Function Cross-Site Scripting

Jamroom 3.3.8 - Cookie Authentication Bypass
Kayako SupportSuite 3.x - '/visitor/index.php?sessionid' Cross-Site Scripting
Kayako SupportSuite 3.x - 'index.php?filter' Cross-Site Scripting
Kayako SupportSuite 3.x - '/staff/index.php?customfieldlinkid' SQL Injection
Kayako SupportSuite 3.x - '/visitor/index.php?sessionid' Cross-Site Scripting
Kayako SupportSuite 3.x - 'index.php?filter' Cross-Site Scripting
Kayako SupportSuite 3.x - '/staff/index.php?customfieldlinkid' SQL Injection

Vanilla 1.1.4 - HTML Injection / Cross-Site Scripting

UBBCentral UBB.Threads 7.3.1 - 'Forum[]' Array SQL Injection
gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities
Zen Cart < 1.3.8a - SQL Injection
PHP Topsites < 2.2 - Multiple Vulnerabilities
phpLinks < 2.1.2 - Multiple Vulnerabilities
P-Synch < 6.2.5 - Multiple Vulnerabilities
WinMX < 2.6 - Design Error
FTP Service < 1.2 - Multiple Vulnerabilities
MegaBrowser < 0.71b - Multiple Vulnerabilities
Max Web Portal < 1.30 - Multiple Vulnerabilities
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
Gespage 7.4.8 - SQL Injection

Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69 bytes)
 2018-01-06 05:02:14 +00:00
Offensive Security
3eec0e4999 DB: 2018-01-04 
4 changes to exploits/shellcodes

Kingsoft Antivirus/Internet Security 9+ - Privilege Escalation
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass  / SQL Injection
EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection
 2018-01-04 05:02:14 +00:00
Offensive Security
f0d075a5de DB: 2017-12-22 
6 changes to exploits/shellcodes

Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection

Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
Zabbix Agent 3.0.1 - 'mysql.size' Shell Command Injection
Cisco IOS 12.2 < 12.4 /  15.0 < 15.6 - Security Association Negotiation Request Device Memory
Technicolor DPC3928SL - SNMP Authentication Bypass
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor
Netcore / Netis Routers - UDP Backdoor

NETGEAR R7000 - Command Injection
NETGEAR R7000 - Command Injection (PoC)

Conarc iChannel - Improper Access Restrictions
 2017-12-22 05:02:19 +00:00
Offensive Security
307f5f46af DB: 2017-12-21 
4 changes to exploits/shellcodes

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak

Samsung Internet Browser - SOP Bypass (Metasploit)
Ability Mail Server 3.3.2 - Cross-Site Scripting
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
 2017-12-21 05:02:15 +00:00
Offensive Security
f76fbb1072 DB: 2017-12-19 
19 changes to exploits/shellcodes

CDex 1.96 - Buffer Overflow
Zoom Linux Client 2.0.106600.0904 - Command Injection
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow

Firejail - Local Privilege Escalation

Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape

Linux kernel < 4.10.15 - Race Condition Privilege Escalation
Outlook for Android - Attachment Download Directory Traversal
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution

Joomla! Component Guru Pro - SQL Injection
Joomla! Component Guru Pro - 'Itemid' SQL Injection
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
Joomla! Component My Projects 2.0 - SQL Injection
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
Linksys WVBR0 - 'User-Agent' Remote Command Injection
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
Joomla! Component Guru Pro - 'promocode' SQL Injection

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
 2017-12-19 05:02:17 +00:00
Offensive Security
bb8b231f69 DB: 2017-12-02 
8 changes to exploits/shellcodes

6 new exploits/shellcodes

Abyss Web Server < 2.11.6 - Heap Memory Corruption

HP iMC Plat 7.2 - Remote Code Execution

HP iMC Plat 7.2 - Remote Code Execution (2)

Kodi 15 - Web Interface Arbitrary File Access (
Kodi 15 - Web Interface Arbitrary File Access
Jobs2Careers / Coroflot Clone - SQL Injection
MistServer 2.12 - Cross-Site Scripting
Artica Web Proxy 3.06 - Remote Code Execution
 2017-12-02 05:02:32 +00:00
Offensive Security
f52bbcb598 DB: 2017-11-28 
15 new exploits
 2017-11-28 19:14:29 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00