Offensive Security
764ac4bf5c
DB: 2019-04-03
...
13 changes to exploits/shellcodes
AIDA64 Extreme Edition 5.99.4800 - Local SEH Buffer Overflow
Mozilla Firefox 3 - 'ftp://' URL Multiple File Format Handling Cross-Site Scripting Vulnerabilities
Google Chrome 0.2.149 - 'ftp://' URL Multiple File Format Handling Cross-Site Scripting Vulnerabilities
Inout EasyRooms - SQL Injection
Inout RealEstate - 'city' SQL Injection
WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering
JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery
LimeSurvey < 3.16 - Remote Code Execution
CMS Made Simple < 2.2.10 - SQL Injection
Fiverr Clone Script 1.2.2 - SQL Injection / Cross-Site Scripting
phpFileManager 1.7.8 - Local File Inclusion
2019-04-03 05:02:02 +00:00
Offensive Security
790034e7df
DB: 2019-03-16
...
7 changes to exploits/shellcodes
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow
NetData 1.13.0 - HTML Injection
CMS Made Simple Showtime2 Module 3.6.2 - Authenticated Arbitrary File Upload
ICE HRM 23.0 - Multiple Vulnerabilities
Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities
Laundry CMS - Multiple Vulnerabilities
Moodle 3.4.1 - Remote Code Execution
2019-03-16 05:01:58 +00:00
Offensive Security
b4e61d43c1
DB: 2019-03-15
...
6 changes to exploits/shellcodes
Microsoft Windows - .reg File / Dialog Box Message Spoofing
Microsoft Windows - '.reg' File / Dialog Box Message Spoofing
FTPGetter Standard 5.97.0.177 - Remote Code Execution
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution
Intel Modular Server System 10.18 - Cross-Site Request Forgery (Change Admin Password)
Pegasus CMS 1.0 - 'extra_fields.php' Plugin Remote Code Execution
2019-03-15 05:01:51 +00:00
Offensive Security
c5fbc00e3e
DB: 2019-03-14
...
8 changes to exploits/shellcodes
Microsoft Windows - .reg File / Dialog Box Message Spoofing
Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal
Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal
Microsoft Windows MSHTML Engine - _Edit_ Remote Code Execution
elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit)
Apache Tika-server < 1.18 - Command Injection
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
2019-03-14 05:01:58 +00:00
Offensive Security
880bbe402e
DB: 2019-03-08
...
14991 changes to exploits/shellcodes
HTC Touch - vCard over IP Denial of Service
TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities
PeerBlock 1.1 - Blue Screen of Death
WS10 Data Server - SCADA Overflow (PoC)
Symantec Endpoint Protection 12.1.4013 - Service Disabling
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
man-db 2.4.1 - 'open_cat_stream()' Local uid=man
CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation
CDRecord's ReadCD - Local Privilege Escalation
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
CCProxy 6.2 - 'ping' Remote Buffer Overflow
Savant Web Server 3.1 - Remote Buffer Overflow (2)
Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
TeamCity < 9.0.2 - Disabled Registration Bypass
OpenSSH SCP Client - Write Arbitrary Files
Kados R10 GreenBee - Multiple SQL Injection
WordPress Core 5.0 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution
Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
2019-03-08 05:01:50 +00:00
Offensive Security
e2ed64fffa
DB: 2019-02-23
...
5 changes to exploits/shellcodes
WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter
Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)
Quest NetVault Backup Server < 11.4.5 - Process Manager Service SQL Injection / Remote Code Execution
Micro Focus Filr 3.4.0.217 - Path Traversal / Local Privilege Escalation
Teracue ENC-400 - Command Injection / Missing Authentication
2019-02-23 05:01:55 +00:00
Offensive Security
cd868436ff
DB: 2019-02-19
...
25 changes to exploits/shellcodes
Realterm Serial Terminal 2.0.0.70 - Denial of Service
Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)
NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process
mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers
qdPM 9.1 - 'type' Cross-Site Scripting
qdPM 9.1 - 'search[keywords]' Cross-Site Scripting
Master IP CAM 01 3.3.4.2103 - Remote Command Execution
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module
CMSsite 1.0 - 'post' SQL Injection
M/Monit 3.7.2 - Privilege Escalation
Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload
Apache CouchDB 2.3.0 - Cross-Site Scripting
ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting
Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload
WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing
macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes)
macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)
macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)
macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes)
2019-02-19 05:02:08 +00:00
Offensive Security
9e738d6dae
DB: 2019-01-23
...
3 changes to exploits/shellcodes
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution
PHP Dashboards NEW 5.8 - Local File Inclusion
PHP Uber-style GeoTracking 1.1 - SQL Injection
Adianti Framework 5.5.0 - SQL Injection
PHP Dashboards NEW 5.8 - Local File Inclusion
PHP Uber-style GeoTracking 1.1 - SQL Injection
Adianti Framework 5.5.0 - SQL Injection
Joomla! Component Easy Shop 1.2.3 - Local File Inclusion
2019-01-23 05:01:52 +00:00
Offensive Security
c6ebf8bc23
DB: 2018-12-19
...
10 changes to exploits/shellcodes
VMware Fusion 2.0.5 - vmx86 kext Local Buffer Overflow (PoC)
Microsoft Windows - 'jscript!JsArrayFunctionHeapSort' Out-of-Bounds Write
AnyBurn 4.3 - Local Buffer Overflow Denial of Service
Exel Password Recovery 8.2.0.0 - Local Buffer Overflow Denial of Service
MegaPing - Local Buffer Overflow Denial of Service
Exim 4.41 - 'dns_build_reverse' Local
Exim 4.41 - 'dns_build_reverse' Local Buffer Overflow
Microsoft Jet Database - 'msjet40.dll' Reverse Shell (2)
Microsoft Jet Database - 'msjet40.dll' Code Execution (Reverse Shell) (2)
Microsoft Windows Server 2003 - Token Kidnapping Local
Microsoft Windows Server 2003 - Token Kidnapping Local Privilege Escalation
VMware Fusion 2.0.5 - vmx86 kext Local
Nsauditor 3.0.28.0 - Local SEH Buffer Overflow
Google Android 2.0 < 2.1 - Reverse Shell
Google Android 2.0 < 2.1 - Code Execution (Reverse Shell 10.0.2.2:2222/TCP)
MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method
SDL Web Content Manager 8.5.0 - XML External Entity Injection
2018-12-19 05:01:45 +00:00
Offensive Security
9bd9fb0da3
DB: 2018-12-11
...
2 changes to exploits/shellcodes
Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting
DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting
Adiscon LogAnalyzer < 4.1.7 - Cross-Site Scripting
DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting
2018-12-11 05:01:44 +00:00
Offensive Security
60710bbfd9
DB: 2018-12-05
...
19 changes to exploits/shellcodes
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download
Wireshark - 'cdma2k_message_ACTIVE_SET_RECORD_FIELDS' Stack Corruption
Wireshark - 'find_signature' Heap Out-of-Bounds Read
Xorg X11 Server (AIX) - Local Privilege Escalation
Emacs - movemail Privilege Escalation (Metasploit)
OpenSSH < 7.7 - User Enumeration (2)
HP Intelligent Management - Java Deserialization RCE (Metasploit)
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass
DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage
KeyBase Botnet 1.5 - SQL Injection
Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting
DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting
DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting
NUUO NVRMini2 3.9.1 - Authenticated Command Injection
DomainMOD 4.11.01 - Registrar Cross-Site Scripting
FreshRSS 1.11.1 - Cross-Site Scripting
Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)
Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)
2018-12-05 05:01:44 +00:00
Offensive Security
0a4925cc93
DB: 2018-12-04
...
10 changes to exploits/shellcodes
Mozilla Firefox 63.0.1 - Denial of Service (PoC)
Budabot 4.0 - Denial of Service (PoC)
CyberArk 9.7 - Memory Disclosure
Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting
PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure
Joomla! Component JE Photo Gallery 1.1 - 'categoryid' SQL Injection
PHP Server Monitor 3.3.1 - Cross-Site Request Forgery
Apache Superset 0.23 - Remote Code Execution
Wordpress Plugins Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting
2018-12-04 05:01:48 +00:00
Offensive Security
dfd1e454e1
DB: 2018-11-28
...
10 changes to exploits/shellcodes
MariaDB Client 10.1.26 - Denial of Service (PoC)
Arm Whois 3.11 - Buffer Overflow (ASLR)
Xorg X11 Server - SUID privilege escalation (Metasploit)
ELBA5 5.8.0 - Remote Code Execution
Netgear Devices - Unauthenticated Remote Command Execution (Metasploit)
Ricoh myPrint 2.9.2.4 - Hard-Coded Credentials
WordPress Plugins Easy Testimonials 3.2 - Cross-Site Scripting
Ticketly 1.0 - 'kind_id' SQL Injection
No-Cms 1.0 - 'order_by' SQL Injection
Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal
2018-11-28 11:08:29 +00:00
Offensive Security
832a222df4
DB: 2018-10-26
...
21 changes to exploits/shellcodes
ServersCheck Monitoring Software 14.3.3 - Denial of Service (PoC)
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
Adult Filter 1.0 - Buffer Overflow (SEH)
WebEx - Local Service Permissions Exploit (Metasploit)
exim 4.90 - Remote Code Execution
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
exim 4.90 - Remote Code Execution
WebExec - Authenticated User Code Execution (Metasploit)
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting
phptpoint Pharmacy Management System 1.0 - 'username' SQL injection
phptpoint Hospital Management System 1.0 - 'user' SQL injection
Simple Chat System 1.0 - 'id' SQL Injection
Delta Sql 1.8.2 - Arbitrary File Upload
User Management 1.1 - Cross-Site Scripting
ClipBucket 2.8 - 'id' SQL Injection
Simple POS and Inventory 1.0 - 'cat' SQL Injection
AiOPMSD Final 1.0.0 - 'q' SQL Injection
AjentiCP 1.2.23.13 - Cross-Site Scripting
MPS Box 0.1.8.0 - 'uuid' SQL Injection
Open STA Manager 2.3 - Arbitrary File Download
2018-10-26 05:01:46 +00:00
Offensive Security
635345499a
DB: 2018-10-18
...
15 changes to exploits/shellcodes
Git Submodule - Arbitrary Code Execution
Git Submodule - Arbitrary Code Execution (PoC)
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
Git Submodule - Arbitrary Code Execution
Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)
Microsoft Windows Windows 7/2008 R2 (x64) - 'EternalBlue' SMB Remote Code Execution (MS17-010)
Microsoft Windows Windows 7/2008 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials
BigTree CMS 4.2.23 - Cross-Site Scripting
Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure
Time and Expense Management System 3.0 - 'table' SQL Injection
2018-10-18 05:01:46 +00:00
Offensive Security
731dd0f423
DB: 2018-10-16
...
22 changes to exploits/shellcodes
Snes9K 0.0.9z - Buffer Overflow (SEH)
NoMachine < 5.3.27 - Remote Code Execution
MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
FLIR Brickstream 3D+ - RTSP Stream Disclosure
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure
CAMALEON CMS 2.4 - Cross-Site Scripting
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
AlchemyCMS 4.1 - Cross-Site Scripting
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
College Notes Management System 1.0 - 'user' SQL Injection
Advanced HRM 1.6 - Remote Code Execution
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
Academic Timetable Final Build 7.0 - Information Disclosure
KORA 2.7.0 - 'cid' SQL Injection
2018-10-16 05:01:45 +00:00
Offensive Security
6fe17058fb
DB: 2018-10-10
...
15 changes to exploits/shellcodes
Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass
Microsoft Edge Chakra JIT - Type Confusion
Seqrite End Point Security 7.4 - Privilege Escalation
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
360 3.5.0.1033 - Sandbox Escape
ghostscript - executeonly Bypass with errorhandler Setup
ifwatchd - Privilege Escalation (Metasploit)
FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow (SEH)
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
Wikidforum 2.20 - 'select_sort' SQL Injection
Wikidforum 2.20 - 'message_id' SQL Injection
Monstra 3.0.4 - Cross-Site Scripting
2018-10-10 05:01:44 +00:00
Offensive Security
a54a696d48
DB: 2018-09-29
...
2 changes to exploits/shellcodes
Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath
Linux Kernel - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Local Privilege Escalation
PCProtect 4.8.35 - Privilege Escalation
Microsoft Edge - Sandbox Escape
2018-09-29 05:01:58 +00:00
Offensive Security
ed0e1e4d44
DB: 2018-09-25
...
1979 changes to exploits/shellcodes
Couchdb 1.5.0 - 'uuids' Denial of Service
Apache CouchDB 1.5.0 - 'uuids' Denial of Service
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
udisks2 2.8.0 - Denial of Service (PoC)
Termite 3.4 - Denial of Service (PoC)
SoftX FTP Client 3.3 - Denial of Service (PoC)
Silverstripe 2.3.5 - Cross-Site Request Forgery / Open redirection
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection
Silverstripe CMS 3.0.2 - Multiple Vulnerabilities
SilverStripe CMS 3.0.2 - Multiple Vulnerabilities
Silverstripe CMS 2.4 - File Renaming Security Bypass
SilverStripe CMS 2.4 - File Renaming Security Bypass
Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
SilverStripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
Silverstripe CMS 2.4.7 - 'install.php' PHP Code Injection
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection
Silverstripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload
Silverstripe CMS 2.4.x - 'BackURL' Open Redirection
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
Silverstripe CMS - 'MemberLoginForm.php' Information Disclosure
SilverStripe CMS - 'MemberLoginForm.php' Information Disclosure
Silverstripe CMS - Multiple HTML Injection Vulnerabilities
SilverStripe CMS - Multiple HTML Injection Vulnerabilities
Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
Monstra CMS before 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (2)
Monstra CMS < 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (1)
Navigate CMS 2.8 - Cross-Site Scripting
Collectric CMU 1.0 - 'lang' SQL injection
Joomla! Component CW Article Attachments 1.0.6 - 'id' SQL Injection
LG SuperSign EZ CMS 2.5 - Remote Code Execution
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
RICOH Aficio MP 301 Printer - Cross-Site Scripting
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
RICOH MP C6003 Printer - Cross-Site Scripting
Linux/ARM - Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (28 Bytes)
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (52 Bytes)
2018-09-25 05:01:51 +00:00
Offensive Security
29542c36ab
DB: 2018-09-19
...
7 changes to exploits/shellcodes
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)
Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion
Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion
Solaris - libnspr NSPR_LOG_FILE Privilege Escalation (Metasploit)
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution
HongCMS 3.0.0 - SQL Injection
HongCMS 3.0.0 - (Authenticated) SQL Injection
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting
WordPress Plugin Arigato Autoresponder and Newsletter 2.5 - Blind SQL Injection / Reflected Cross-Site Scripting
Linux/ARM - Jump Back Shellcode + execve(_/bin/sh__ NULL_ NULL) Shellcode (4 Bytes)
2018-09-19 05:01:45 +00:00
Offensive Security
1e34c2b6a5
DB: 2018-08-14
...
11 changes to exploits/shellcodes
IP Finder 1.5 - Denial of Service (PoC)
Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)
PLC Wireless Router GPN2.4P21-C-CN - Denial of Service
Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)
Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow
PostgreSQL 9.4-0.5.3 - Privilege Escalation
Android - Directory Traversal over USB via Injection in blkid Output
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)
Monstra-Dev 3.0.4 - Cross-Site Request Forgery(Account Hijacking)
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)
IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting
Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)
2018-08-14 05:01:45 +00:00
Offensive Security
1d21694058
DB: 2018-08-10
...
13 changes to exploits/shellcodes
reSIProcate 1.10.2 - Heap Overflow
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)
AgataSoft Auto PingMaster 1.5 - Buffer Overflow (SEH)
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read
Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)
Kirby CMS 2.5.12 - Cross-Site Request Forgery (Delete Page)
Responsive Filemanager 9.13.1 - Server-Side Request Forgery
Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection
Sitecore.Net 8.1 - Directory Traversal
Monstra 3.0.4 - Cross-Site Scripting
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Remote Reboot)
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
2018-08-10 05:01:46 +00:00
Offensive Security
300aada6a5
DB: 2018-07-24
...
7 changes to exploits/shellcodes
Windows Speech Recognition - Buffer Overflow
Knox Software Arkeia 4.0 - Backup Local Overflow
Knox Arkeia 4.0 Backup - Local Overflow
Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH)
Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
Knox Arkeia Backup Client 5.3.3 Type 77 (OSX) - Overflow (Metasploit)
Microsoft Windows - 'dnslint.exe' Drive-By Download
NUUO NVRmini - 'upgrade_handle.php' Remote Command Execution
Davolink DVW 3200 Router - Password Disclosure
Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router)
Linux/x86 - Bind (4444/TCP) Shell + IPv6 Shellcode (100 bytes)
2018-07-24 05:01:45 +00:00
Offensive Security
727943f775
DB: 2018-07-10
...
8 changes to exploits/shellcodes
Tor Browser < 0.3.2.10 - Use After Free (PoC)
Boxoft WAV to WMA Converter 1.0 - Local Buffer Overflow (SEH)
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow
HP VAN SDN Controller - Root Command Injection (Metasploit)
HID discoveryd - command_blink_on Unauthenticated RCE (Metasploit)
GitList 0.6.0 - Argument Injection (Metasploit)
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting
Linux/x86 - Kill Process Shellcode (20 bytes)
2018-07-10 05:01:55 +00:00
Offensive Security
5e6d432161
DB: 2018-07-07
...
2 changes to exploits/shellcodes
PolarisOffice 2017 8 - Remote Code Execution
Airties AIR5444TT - Cross-Site Scripting
2018-07-07 05:01:49 +00:00
Offensive Security
e8a3702c6c
DB: 2018-07-03
...
11 changes to exploits/shellcodes
Core FTP LE 2.2 - Buffer Overflow (PoC)
SIPp 3.6 - Local Buffer Overflow (PoC)
Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (PoC)
Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection
FTPShell client 6.70 (Enterprise edition) - Stack Buffer Overflow (Metasploit)
Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - 'testaction.cgi' Remote Command Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
VMware NSX SD-WAN Edge < 3.1.2 - Command Injection
DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)
Dolibarr ERP CRM < 7.0.3 - PHP Code Injection
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
2018-07-03 05:01:48 +00:00
Offensive Security
d8206fb5eb
DB: 2018-06-26
...
13 changes to exploits/shellcodes
KVM (Nested Virtualization) - L1 Guest Privilege Escalation
DIGISOL DG-BR4000NG - Buffer Overflow (PoC)
Foxit Reader 9.0.1.1049 - Remote Code Execution
WordPress Plugin iThemes Security < 7.0.3 - SQL Injection
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (1)
phpMyAdmin 4.8.1 - Local File Inclusion
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)
WordPress Plugin Advanced Order Export For WooCommerce < 1.5.4 - CSV Injection
Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser)
Intex Router N-150 - Cross-Site Request Forgery (Add Admin)
DIGISOL DG-BR4000NG - Cross-Site Scripting
Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)
Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
Intex Router N-150 - Arbitrary File Upload
WordPress Plugin Comments Import & Export < 2.0.4 - CSV Injection
2018-06-26 05:01:46 +00:00
Offensive Security
41ea196761
DB: 2018-05-19
...
12 changes to exploits/shellcodes
Microsoft Edge - 'Array.filter' Info Leak
Microsoft Edge - 'Array.filter' Information Leak
Microsoft Edge Chakra JIT - Bound Check Elimination Bug
Windows - Local Privilege Escalation
Windows WMI - Recieve Notification Exploit (Metasploit)
Microsoft Windows - Local Privilege Escalation
Microsoft Windows WMI - Recieve Notification Exploit (Metasploit)
Microsoft Xbox One 10.0.14393.2152 - Code Execution (PoC)
Prime95 29.4b8 - Stack Buffer Overflow (SEH)
DynoRoot DHCP - Client Command Injection
Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)
Microsoft Edge (Windows 10) - 'chakra.dll' Info Leak / Type Confusion Remote Code Execution
Microsoft Edge (Windows 10) - 'chakra.dll' Information Leak / Type Confusion Remote Code Execution
Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)
Microsoft Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)
HPE iMC 7.3 - Remote Code Execution (Metasploit)
Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Monstra CMS before 3.0.4 - Cross-Site Scripting
SAP NetWeaver Web Dynpro 6.4 < 7.5 - Information Disclosure
Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery
Cisco SA520W Security Appliance - Path Traversal
SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion
2018-05-19 05:01:48 +00:00
Offensive Security
5aca1b9763
DB: 2018-05-18
...
8 changes to exploits/shellcodes
Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall
Libuser - roothelper Privilege Escalation (Metasploit)
Libuser - 'roothelper' Privilege Escalation (Metasploit)
Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution
Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution
Nanopool Claymore Dual Miner 7.3 - Remote Code Execution
Jenkins CLI - HTTP Java Deserialization (Metasploit)
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
Intelbras NCLOUD 300 1.0 - Authentication bypass
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery
2018-05-18 05:01:49 +00:00
Offensive Security
0ca4688023
DB: 2018-05-14
...
3 changes to exploits/shellcodes
Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution
WUZHI CMS 4.1.0 - 'form[qq_10]' Cross-Site Scripting
WUZHI CMS 4.1.0 - 'tag[pinyin]' Cross-Site Scripting
2018-05-14 05:01:48 +00:00
Offensive Security
635ec84504
DB: 2018-05-09
...
5 changes to exploits/shellcodes
2345 Security Guard 3.7 - Denial of Service
FTPShell Client 6.7 - Buffer Overflow
Palo Alto Networks - readSessionVarsFromFile() Session Corruption (Metasploit)
PlaySMS - import.php Authenticated CSV File Upload Code Execution (Metasploit)
PlaySMS 1.4 - sendfromfile.php Authenticated _Filename_ Field Code Execution (Metasploit)
Linux/x86 - execve(/bin/sh) NOT Encoded Shellcode (27 bytes)
Linux/x86 - execve(/bin/sh) + NOT Encoded Shellcode (27 bytes)
2018-05-09 05:01:46 +00:00
Offensive Security
813a3efbb5
DB: 2018-05-04
...
20 changes to exploits/shellcodes
Allok QuickTime to AVI MPEG DVD Converter 3.6.1217 - Buffer Overflow
Jnes 1.0.2 - Stack Buffer Overflow
Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow
netek 0.8.2 - Denial of Service
Cisco Smart Install - Crash (PoC)
Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
Linux Kernel 2.6.32 < 3.x.x (CentOS) - 'PERF_EVENTS' Local Privilege Escalation (1)
Linux Kernel 2.6.32 < 3.x (CentOS 5/6) - 'PERF_EVENTS' Local Privilege Escalation (1)
Adobe Reader PDF - Client Side Request Injection
Windows - Local Privilege Escalation
Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit)
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - 'Jakarta' Multipart Parser OGNL Injection (Metasploit)
Adobe Flash < 28.0.0.161 - Use-After-Free
Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)
GPON Routers - Authentication Bypass / Command Injection
TBK DVR4104 / DVR4216 - Credentials Leak
Call of Duty Modern Warefare 2 - Buffer Overflow
Squirrelcart 1.x.x - 'cart.php' Remote File Inclusion
Squirrelcart 1.x - 'cart.php' Remote File Inclusion
Infinity 2.x.x - options[style_dir] Local File Disclosure
Infinity 2.x - 'options[style_dir]' Local File Disclosure
PHP-Nuke 8.x.x - Blind SQL Injection
PHP-Nuke 8.x - Blind SQL Injection
WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - 'cart.php' Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x < 4.0.x - 'cart.php' Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x.x - 'clientarea.php' Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x - 'clientarea.php' Local File Disclosure
Ajax Availability Calendar 3.x.x - Multiple Vulnerabilities
Ajax Availability Calendar 3.x - Multiple Vulnerabilities
vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection
vBulletin vBSEO 4.x - 'visitormessage.php' Remote Code Injection
WordPress Theme Photocrati 4.x.x - SQL Injection / Cross-Site Scripting
WordPress Theme Photocrati 4.x - SQL Injection / Cross-Site Scripting
Subrion 3.X.x - Multiple Vulnerabilities
Subrion 3.x - Multiple Vulnerabilities
Ciuis CRM 1.0.7 - SQL Injection
LifeSize ClearSea 3.1.4 - Directory Traversal
WordPress Plugin Activity Log 2.4.0 - Cross-Site Scripting
DLINK DCS-5020L - Remote Code Execution (PoC)
Apache Struts2 2.0.0 < 2.3.15 - Prefixed Parameters OGNL Injection
2018-05-04 05:01:47 +00:00
Offensive Security
b1f00227f1
DB: 2018-04-27
...
12 changes to exploits/shellcodes
Free Download Manager 2.0 Built 417 - Local Buffer Overflow (SEH)
Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)
Eudora Qualcomm WorldMail 9.0.333.0 - IMAPd Service UID Buffer Overflow
Shopy Point of Sale v1.0 - CSV Injection
Shopy Point of Sale 1.0 - CSV Injection
Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)
Blog Master Pro v1.0 - CSV Injection
HRSALE The Ultimate HRM v1.0.2 - CSV Injection
HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection
Blog Master Pro 1.0 - CSV Injection
HRSALE The Ultimate HRM 1.0.2 - CSV Injection
HRSALE The Ultimate HRM 1.0.2 - 'award_id' SQL Injection
HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion
HRSALE The Ultimate HRM 1.0.2 - Local File Inclusion
Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command Execution
WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion
SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response
October CMS User Plugin 1.4.5 - Persistent Cross-Site Scripting
MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting
GitList 0.6 - Unauthenticated Remote Code Execution
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot
Frog CMS 0.9.5 - Persistent Cross-Site Scripting
2018-04-27 05:01:49 +00:00
Offensive Security
c249d94cb7
DB: 2018-04-25
...
28 changes to exploits/shellcodes
gif2apng 1.9 - '.gif' Stack Buffer Overflow
VLC Media Player/Kodi/PopcornTime 'Red Chimera' < 2.2.5 - Memory Corruption (PoC)
Kaspersky KSN for Linux 5.2 - Memory Corruption
Microsoft (Win 10) Internet Explorer 11.371.16299.0 - Denial Of Service
Adobe Flash - Overflow when Playing Sound
Adobe Flash - Overflow in Slab Rendering
Adobe Flash - Info Leak in Image Inflation
Adobe Flash - Out-of-Bounds Write in blur Filtering
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
R 3.4.4 - Local Buffer Overflow
Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH)
lastore-daemon D-Bus - Privilege Escalation (Metasploit)
Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
ASUS infosvr - Auth Bypass Command Execution (Metasploit)
UK Cookie Consent - Persistent Cross-Site Scripting
WUZHI CMS 4.1.0 - Cross-Site Request Forgery
Open-AudIT 2.1 - CSV Macro Injection
Monstra CMS 3.0.4 - Arbitrary Folder Deletion
Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass
Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure
WordPress Plugin Woo Import Export 1.0 - Arbitrary File Deletion
WSO2 Carbon / WSO2 Dashboard Server 5.3.0 - Persistent Cross-Site Scripting
Linux/x86 - Bind TCP (1337/TCP) Shell + Null-Free Shellcode (92 bytes)
Linux/x86 - Edit /etc/sudoers with NOPASSWD for ALL Shellcode
Linux/x86 - Reverse TCP (5555/TCP) Shellcode - (73 Bytes)
Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)
Linux/x86 - cp /bin/sh /tmp/sh; chmod +s /tmp/sh Shellcode (74 bytes)
Linux/x86 - execve /bin/sh Shellcode Encoded with ROT-13 + RShift-2 + XOR Encoded (44 bytes)
2018-04-25 05:01:39 +00:00
Offensive Security
e8f4ef9188
DB: 2018-04-19
...
14 changes to exploits/shellcodes
PDFunite 0.41.0 - '.pdf' Local Buffer Overflow
RSVG 2.40.13 / 2.42.2 - '.svg' Buffer Overflow
VX Search 10.6.18 - 'directory' Local Buffer Overflow
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
Easy File Sharing Web Server 7.2 - Stack Buffer Overflow
Coship RT3052 Wireless Router - Persistent Cross-Site Scripting
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting
Rvsitebuilder CMS - Database Backup Download
Match Clone Script 1.0.4 - Cross-Site Scripting
Kodi 17.6 - Persistent Cross-Site Scripting
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure
WordPress Plugin Caldera Forms 1.5.9.1 - Cross-Site Scripting
Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery
Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities
2018-04-19 05:01:48 +00:00
Offensive Security
bef325a736
DB: 2018-04-14
...
9 changes to exploits/shellcodes
GNU Beep 1.3 - 'HoleyBeep' Local Privilege Escalation
Microsoft Credential Security Support Provider - Remote Code Execution
WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
2018-04-14 05:01:49 +00:00
Offensive Security
a13c4ea572
DB: 2018-03-31
...
23 changes to exploits/shellcodes
SysGauge 4.5.18 - Local Denial of Service
Systematic SitAware - NVG Denial of Service
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow
osTicket 1.10 - SQL Injection
osTicket 1.10 - SQL Injection (PoC)
Open-AuditIT Professional 2.1 - Cross-Site Request Forgery
Homematic CCU2 2.29.23 - Arbitrary File Write
MiniCMS 1.10 - Cross-Site Request Forgery
WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting
WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection
Homematic CCU2 2.29.23 - Remote Command Execution
Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection
Joomla! Component AcySMS 3.5.0 - CSV Macro Injection
WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure
Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change
osCommerce 2.3.4.1 - Remote Code Execution
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change
D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)
2018-03-31 05:01:49 +00:00
Offensive Security
4a4b338844
DB: 2018-03-30
...
8 changes to exploits/shellcodes
GitStack - Unsanitized Argument Remote Code Execution (Metasploit)
Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)
Drupal 7.0 < 7.31 - SQL Injection (1)
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (1)
Drupal 7.0 < 7.31 - SQL Injection (2)
Drupal 7.32 - SQL Injection (PHP)
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (2)
Drupal < 7.32 - Unauthenticated SQL Injection
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Remote Code Execution)
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session)
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)
2018-03-30 05:01:51 +00:00
Offensive Security
285f79e70e
DB: 2018-03-27
...
4 changes to exploits/shellcodes
Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )
Crashmail 1.6 - Stack-Based Buffer Overflow (ROP)
Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow
LabF nfsAxe 3.7 - Privilege Escalation
Acrolinx Server < 5.2.5 - Directory Traversal
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 < 170109) - Access Control Bypass
Laravel Log Viewer < 0.13.0 - Local File Download
Linux/x86 - EggHunter Shellcode (11 Bytes)
Linux/x86 - EggHunter + Null-Free Shellcode (11 Bytes)
2018-03-27 05:01:50 +00:00
Offensive Security
b0fc7bfd43
DB: 2018-03-17
...
6 changes to exploits/shellcodes
Android DRM Services - Buffer Overflow
MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution
Spring Data REST < 2.6.9 (Ingalls SR9)_ 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
Contec Smart Home 4.15 - Unauthorized Password Reset
2018-03-17 05:01:46 +00:00
Offensive Security
3f6d16d5c3
DB: 2018-03-13
...
8 changes to exploits/shellcodes
Sony Playstation 4 (PS4) 1.76 - 'dlclose' Linux Loader
Sony Playstation 4 (PS4) 1.76 - 'dlclose' Linux Kernel Loader
SC 7.16 - Stack-Based Buffer Overflow
DEWESoft X3 SP1 (64-bit) - Remote Command Execution
Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)
ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)
Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials
TextPattern 4.6.2 - 'qty' SQL Injection
Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution
ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution
2018-03-13 05:01:46 +00:00
Offensive Security
ba1d29bdd6
DB: 2018-03-03
...
13 changes to exploits/shellcodes
SEGGER embOS/IP FTP Server 3.22 - Denial of Service
DualDesk 20 - 'Proxy.exe' Denial of Service
Apple iOS - '.pdf' Local Privilege Escalation / Jailbreak
Apple iOS - '.pdf' Local Privilege Escalation 'Jailbreak'
Foxit Reader 4.0 - '.pdf' Multiple Stack Based Buffer Overflow / Jailbreak
Foxit Reader 4.0 - '.pdf' Multiple Stack Based Buffer Overflow 'Jailbreak'
ASX to MP3 Converter 1.82.50 - '.asx' Local Stack Overflow
ASX to MP3 Converter 1.82.50 (Windows XP SP3) - '.asx' Local Stack Overflow
Sony Playstation 4 (PS4) 4.05 - Jailbreak (WebKit / 'namedobj ' Kernel Loader)
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'namedobj ' Kernel Loader
IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)
IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)
Sony Playstation 3 (PS3) < 2.50 - WebKit Code Execution (PoC)
Sony Playstation 4 (PS4) < 2.50 - WebKit Code Execution (PoC)
ASX to MP3 Converter 1.82.50 (Windows 2003 x86) - '.asx' Local Stack Overflow
Apple iTouch/iPhone 1.1.1 - '.tif' Remote Privilege Escalation / Jailbreak
Apple iTouch/iPhone 1.1.1 - '.tif' Remote Privilege Escalation 'Jailbreak'
Sony Playstation 4 (PS4) 4.55 - Jailbreak (WebKit 5.01 / 'bpf' Kernel Loader 4.55)
Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' WebKit 5.01 / 'bpf' Kernel Loader 4.55
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution
Joomla! 3.7 - SQL Injection
Posnic Stock Management System - SQL Injection
WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
WordPress Plugin UPM-POLLS 1.0.4 - Blind SQL Injection
WordPress Plugin UPM Polls 1.0.4 - Blind SQL Injection
D-Link DIR-600M Wireless - Cross-Site Scripting
uWSGI < 2.0.17 - Directory Traversal
2018-03-03 05:01:47 +00:00
Offensive Security
5d48f0abd2
DB: 2018-02-28
...
16 changes to exploits/shellcodes
Transmission - Integer Overflows Parsing Torrent Files
Chrome V8 - 'PropertyArray' Integer Overflow
Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion
Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service
Sony Playstation 4 4.55 FW - Local Kernel
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)
Schools Alert Management Script 2.0.2 - Authentication Bypass
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting
Joomla! Component K2 2.8.0 - Arbitrary File Download
School Management Script 3.0.4 - Authentication Bypass
CMS Made Simple 2.1.6 - Remote Code Execution
Concrete5 < 8.3.0 - Username / Comments Enumeration
2018-02-28 05:01:52 +00:00
Offensive Security
d0ed4bb0d2
DB: 2018-02-27
...
3 changes to exploits/shellcodes
Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)
CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)
AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit)
2018-02-27 05:01:54 +00:00
Offensive Security
a4f01ec6e4
DB: 2018-02-22
...
4 changes to exploits/shellcodes
Wavpack 5.1.0 - Denial of Service
utorrent - JSON-RPC Remote Code Execution / Information Disclosure
μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure
EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow
Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)
Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH)
2018-02-22 05:01:46 +00:00
Offensive Security
e630f8c249
DB: 2018-02-16
...
45 changes to exploits/shellcodes
Cisco ASA - Crash PoC
Cisco ASA - Crash (PoC)
GNU binutils 2.26.1 - Integer Overflow (POC)
GNU binutils 2.26.1 - Integer Overflow (PoC)
K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read
Linux Kernel - 'AF_PACKET' Use-After-Free
Oracle Java JDK/JRE < 1.8.0.131 / Apache Xerces 2.11.0 - 'PDF/Docx' Server Side Denial of Service
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)
Microsoft Edge Chakra JIT - Memory Corruption
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions
Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion
Microsoft Edge Chakra JIT - 'LdThis' Type Confusion
Pdfium - Pattern Shading Integer Overflows
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow
Hotspot Shield - Information Disclosure
Linux Kernel (Ubuntu 17.04) - 'XFRM' Local Privilege Escalation
Nitro Pro PDF - Multiple Vulnerabilities
Odoo CRM 10.0 - Code Execution
Dashlane - DLL Hijacking
LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation
LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation
Trustwave SWG 11.8.0.27 - SSH Unauthorized Access
Ichano AtHome IP Cameras - Multiple Vulnerabilities
Cisco UCS Platform Emulator 3.1(2ePE1) - Remote Code Execution
Ikraus Anti Virus 2.16.7 - Remote Code Execution
McAfee Security Scan Plus - Remote Command Execution
OrientDB - Code Execution
360 Total Security - Local Privilege Escalation
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
Oracle Knowledge Management 12.1.1 < 12.2.5 - XML External Entity Leading To Remote Code Execution
iBall WRA150N - Multiple Vulnerabilities
GitStack - Unauthenticated Remote Code Execution
Monstra CMS - Remote Code Execution
Ametys CMS 4.0.2 - Unauthenticated Password Reset
DblTek - Multiple Vulnerabilities
FiberHome - Directory Traversal
PHP Melody 2.7.3 - Multiple Vulnerabilities
Tiandy IP Cameras 5.56.17.120 - Sensitive Information Disclosure
Horde Groupware 5.2.21 - Unauthorized File Download
QNAP HelpDesk < 1.1.12 - SQL Injection
Hanbanggaoke IP Camera - Arbitrary Password Change
McAfee LiveSafe 16.0.3 - Man In The Middle Registry Modification Leading to Remote Command Execution
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
Cisco DPC3928 Router - Arbitrary File Disclosure
IDERA Uptime Monitor 7.8 - Multiple Vulnerabilities
Geneko Routers - Unauthenticated Path Traversal
Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Unauthenticated Remote Code Execution
2018-02-16 05:01:50 +00:00
Offensive Security
6635886cc0
DB: 2018-02-14
...
5 changes to exploits/shellcodes
CloudMe Sync < 1.11.0 - Buffer Overflow
Advantech WebAccess 8.3.0 - Remote Code Execution
TypeSetter CMS 5.1 - 'Host' Header Injection
TypeSetter CMS 5.1 - Cross-Site Request Forgery
News Website Script 2.0.4 - 'search' SQL Injection
2018-02-14 05:01:44 +00:00
Offensive Security
2c4b08963a
DB: 2018-02-08
...
25 changes to exploits/shellcodes
QNAP NAS Devices - Heap Overflow
QNAP NVR/NAS - Buffer Overflow (PoC)
QNAP NVR/NAS Devices - Buffer Overflow (PoC)
Cisco ASA - Crash PoC
Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption
Android - 'getpidcon' Permission Bypass in KeyStore Service
Multiple OEM - 'nsd' Remote Stack Format String (PoC)
HP-UX 11.0 - pppd Stack Buffer Overflow
HP-UX 11.0 - 'pppd' Local Stack Buffer Overflow
SGI IRIX - 'LsD' Multiple Buffer Overflows
SGI IRIX - 'LsD' Multiple Local Buffer Overflows
PostScript Utilities - 'psnup' Argument Buffer Overflow
PostScript Utilities - 'psnup' Local Buffer Overflow
Open Cubic Player 2.6.0pre6/0.1.10_rc5 - Multiple Buffer Overflows
Open Cubic Player 2.6.0pre6/0.1.10_rc5 - Multiple Local Buffer Overflows
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack Overflow / Double Free / Unauthorized Access
Geovision Inc. IP Camera & Video - Remote Command Execution
Axis SSI - Remote Command Execution / Read Files
Axis Communications MPQT/PACS - Heap Overflow / Information Leakage
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD
Uniview - Remote Command Execution / Export Config (PoC)
Vitek - Remote Command Execution / Information Disclosure (PoC)
Vivotek IP Cameras - Remote Stack Overflow (PoC)
Dahua Generation 2/3 - Backdoor Access
HiSilicon DVR Devices - Remote Code Execution
JiRos Banner Experience 1.0 - Unauthorised Create Admin
JiRos Banner Experience 1.0 - Unauthorized Create Admin
Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting
Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Online Test Script 2.0.7 - 'cid' SQL Injection
Entrepreneur Dating Script 2.0.2 - Authentication Bypass
2018-02-08 05:01:53 +00:00
Offensive Security
efd633079a
DB: 2018-02-06
...
19 changes to exploits/shellcodes
WordPress Core - 'load-scripts.php' Denial of Service
Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow (PoC)
Claymore Dual GPU Miner 10.5 - Format String
Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
BOCHS 2.6-5 - Buffer Overflow
Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010)
Wonder CMS 2.3.1 - Unrestricted File Upload
Wonder CMS 2.3.1 - 'Host' Header Injection
Matrimonial Website Script 2.1.6 - 'uid' SQL Injection
NixCMS 1.0 - 'category_id' SQL Injection
Online Voting System - Authentication Bypass
Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection
Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection
Joomla! Component Zh GoogleMap 8.4.0.0 - SQL Injection
Joomla! Component jLike 1.0 - Information Leak
Joomla! Component JSP Tickets 1.1 - SQL Injection
Student Profile Management System Script 2.0.6 - Authentication Bypass
Netis WF2419 Router - Cross-Site Scripting
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
2018-02-06 05:01:50 +00:00
Offensive Security
c502d37394
DB: 2018-02-02
...
4 changes to exploits/shellcodes
WebKit - 'detachWrapper' Use-After-Free
WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free
Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)
BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)
2018-02-02 05:01:51 +00:00
