Offensive Security
|
d12dffd438
|
DB: 2018-02-03
21 changes to exploits/shellcodes
Microsoft Windows Subsystem for Linux - 'execve()' Local Privilege Escalation
Joomla! Component JEXTN Membership 3.1.0 - 'usr_plan' SQL Injection
Event Manager 1.0 - SQL Injection
Fancy Clone Script - 'search_browse_product' SQL Injection
Real Estate Custom Script - 'route' SQL Injection
Advance Loan Management System - 'id' SQL Injection
IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting
Joomla! Component JE PayperVideo 3.0.0 - 'usr_plan' SQL Injection
Joomla! Component JEXTN Reverse Auction 3.1.0 - SQL Injection
Joomla! Component JEXTN Classified 1.0.0 - 'sid' SQL Injection
Joomla! Component Jimtawl 2.1.6 - Arbitrary File Upload
Joomla! Component JMS Music 1.1.1 - SQL Injection
Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal
FiberHome AN5506 - Unauthenticated Remote DNS Change
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (104 bytes)
Linux/x64 - Egghunter (0xbeefbeef) Shellcode (34 bytes)
Linux/x64 - Custom Encoded XOR + execve(/bin/sh) Shellcode
Linux/x64 - Custom Encoded XOR + Polymorphic + execve(/bin/sh) Shellcode (Generator)
Linux/x64 - Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode
|
2018-02-03 05:01:48 +00:00 |
|
Offensive Security
|
bd1b51b595
|
DB: 2018-01-27
9 changes to exploits/shellcodes
RAVPower 2.000.056 - Memory Disclosure
Acunetix WVS 10 - Local Privilege Escalation
NoMachine 5.3.9 - Local Privilege Escalation
Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)
Acunetix WVS 10 - Remote Command Execution
Exodus Wallet (ElectronJS Framework) - Remote Code Execution
BMC BladeLogic 8.3.00.64 - Remote Command Execution
Vodafone Mobile Wifi - Reset Admin Password
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution
ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password
Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Encryption Keys Disclosure
Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload
Dodocool DC38 N300 - Cross-site Request Forgery
WordPress Plugin Learning Management System - 'course_id' SQL Injection
Linux/x86 - Disable ASLR Security + Obfuscated Shellcode (23 bytes)
|
2018-01-27 05:01:58 +00:00 |
|
Offensive Security
|
267f841bd8
|
DB: 2017-12-28
9 changes to exploits/shellcodes
Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service
SysGauge Server 3.6.18 - Denial of Service
ALLMediaServer 0.95 - Buffer Overflow
Sony Playstation 4 4.05 FW - Local Kernel Loader
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
Easy!Appointments 1.2.1 - Cross-Site Scripting
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download
|
2017-12-28 05:02:19 +00:00 |
|
Offensive Security
|
d304cc3d3e
|
DB: 2017-11-24
116602 new exploits
Too many to list!
|
2017-11-24 20:56:23 +00:00 |
|