bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1078 commits 1 branch 0 tags 351 MiB
Commit graph

22 commits

Author SHA1 Message Date
Offensive Security
eddddf7aa8 DB: 2016-12-15 
5 new exploits

Microsoft Internet Explorer 9 IEFRAME - CSelection­Interact­Button­Behavior::_Update­Button­Location Use-After-Free (MS13-047)
Microsoft Internet Explorer 9 - IEFRAME CSelection­Interact­Button­Behavior::_Update­Button­Location Use-After-Free (MS13-047)

Poppler 0.10.3 - Multiple Denial of Service Vulnerabilities
Poppler 0.10.3 - Denial of Service

Samsung Devices KNOX Extensions - OTP Service Heap Overflow

Serva 3.0.0 HTTP Server - Denial of Service
Serva 3.0.0 - HTTP Server Denial of Service
TP-LINK TD-W8151N - Denial of Service
Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)
Youngzsoft CMailServer 5.4.6 - 'CMailCOM.dll' Remote Overwrite (SEH)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python)
Fonality trixbox - 'langChoice' Parameter Local File Inclusion (connect-back) (2)
Fonality trixbox 2.6.1 - 'langChoice' Parameter Remote Code Execution (Python)
Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (1)
Youngzsoft 3.30/4.0 CMailServer - Buffer Overflow (2)
Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (1)
Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (2)

Joomla! Component 'com_contenthistory' - SQL Injection / Remote Code Execution (Metasploit)
Joomla! 3.4.4 Component Content History - SQL Injection / Remote Code Execution (Metasploit)

McAfee Virus Scan Enterprise for Linux - Remote Code Execution

BrewBlogger 1.3.1 - (printLog.php) SQL Injection
BrewBlogger 1.3.1 - 'printLog.php' SQL Injection

ContentNow 1.30 - (Local File Inclusion / Arbitrary File Upload / Delete) Multiple Vulnerabilities
ContentNow 1.30 - Local File Inclusion / Arbitrary File Upload/Delete

ContentNow 1.30 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
ContentNow 1.30 - Arbitrary File Upload / Cross-Site Scripting

ContentNow 1.39 - (pageid) SQL Injection
ContentNow 1.39 - 'pageid' Parameter SQL Injection

Maian Recipe 1.0 - (path_to_folder) Remote File Inclusion
Maian Recipe 1.0 - 'path_to_folder' Parameter Remote File Inclusion

Sisplet CMS 05.10 - (site_path) Remote File Inclusion
Sisplet CMS 05.10 - 'site_path' Parameter Remote File Inclusion
Sisplet CMS - 'index.php id' 2008-01-24 SQL Injection
VanGogh Web CMS 0.9 - (article_ID) SQL Injection
Sisplet CMS 2008-01-24 - 'id' Parameter SQL Injection
VanGogh Web CMS 0.9 - 'article_ID' Parameter SQL Injection
Efestech Shop 2.0 - 'cat_id' SQL Injection
plx Ad Trader 3.2 - (adid) SQL Injection
Joomla! Component versioning 1.0.2 - 'id' SQL Injection
Joomla! Component mygallery - 'cid' SQL Injection
XchangeBoard 1.70 - (boardID) SQL Injection
CMS little 0.0.1 - (index.php template) Local File Inclusion
Joomla! Component com_brightweblinks - 'catid' SQL Injection
Efestech Shop 2.0 - 'cat_id' Parameter SQL Injection
plx Ad Trader 3.2 - 'adid' Parameter SQL Injection
Joomla! Component versioning 1.0.2 - 'id' Parameter SQL Injection
Joomla! Component mygallery - 'cid' Parameter SQL Injection
XchangeBoard 1.70 - 'boardID' Parameter SQL Injection
CMS little 0.0.1 - 'template' Parameter Local File Inclusion
Joomla! Component Brightcode Weblinks - 'catid' Parameter SQL Injection

phPortal 1.2 - Multiple Remote File Inclusions
PHPortal 1.2 - Multiple Remote File Inclusions
phpWebNews 0.2 MySQL Edition - (id_kat) SQL Injection
phpWebNews 0.2 MySQL Edition - (det) SQL Injection
pHNews CMS - Multiple Local File Inclusion
PHPwebnews 0.2 MySQL Edition - 'id_kat' Parameter SQL Injection
PHPwebnews 0.2 MySQL Edition - 'det' Parameter SQL Injection
pHNews CMS Alpha 1 - Local File Inclusion

Kasseler CMS 1.3.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Kasseler CMS 1.3.0 - Local File Inclusion / Cross-Site Scripting
XPOZE Pro 3.06 - 'uid' SQL Injection
ContentNow 1.4.1 - (Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (1)
XPOZE Pro 3.06 - 'uid' Parameter SQL Injection
ContentNow 1.4.1 - Arbitrary File Upload / Cross-Site Scripting
SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (1)
Fuzzylime CMS 3.01a - (file) Local File Inclusion
Triton CMS Pro - (x-forwarded-for) Blind SQL Injection
Neutrino 0.8.4 Atomic Edition - Remote Code Execution
SmartPPC Pay Per Click Script - '&idDirectory=' Blind SQL Injection (2)
Fuzzylime CMS 3.01a - 'file' Parameter Local File Inclusion
Triton CMS Pro 1.06 - 'x-forwarded-for' Blind SQL Injection
QNX Neutrino 0.8.4 Atomic Edition - Remote Code Execution
SmartPPC Pay Per Click Script - 'idDirectory' Blind SQL Injection (2)

Joomla! Component com_content 1.0.0 - 'itemID' SQL Injection
Joomla! Component Content 1.0.0 - 'itemID' Parameter SQL Injection

BoonEx Ray 3.5 - (sIncPath) Remote File Inclusion
BoonEx Ray 3.5 - 'sIncPath' Parameter Remote File Inclusion
DreamPics Builder - (page) SQL Injection
DreamNews Manager - 'id' SQL Injection
gapicms 9.0.2 - (dirDepth) Remote File Inclusion
phpDatingClub - 'website.php' Local File Inclusion
DreamPics Builder - 'page' Parameter SQL Injection
DreamNews Manager - 'id' Parameter SQL Injection
gapicms 9.0.2 - 'dirDepth' Parameter Remote File Inclusion
phpDatingClub 3.7 - 'website.php' Local File Inclusion

Million Pixels 3 - (id_cat) SQL Injection
Million Pixels 3 - 'id_cat' Parameter SQL Injection
Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (PHP)
Fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution (Perl)
Fuzzylime CMS 3.01 - 'poll' Parameter Remote Code Execution (PHP)
Fuzzylime CMS 3.01 - 'poll' Parameter Remote Code Execution (Perl)
WebCMS Portal Edition - 'id' SQL Injection
jsite 1.0 oe - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Avlc Forum - 'vlc_forum.php id' SQL Injection
Fuzzylime CMS 3.01 - (commrss.php) Remote Code Execution
WebCMS Portal Edition - 'id' Parameter SQL Injection
jsite 1.0 oe - SQL Injection / Local File Inclusion
Avlc Forum - 'vlc_forum.php' SQL Injection
Fuzzylime CMS 3.01 - 'commrss.php' Remote Code Execution

Ultrastats 0.2.142 - (players-detail.php) Blind SQL Injection
Ultrastats 0.2.142 - 'players-detail.php' Blind SQL Injection

CodeDB - 'list.php lang' Local File Inclusion
CodeDB 1.1.1 - 'list.php' Local File Inclusion

Pluck 4.5.1 - (blogpost) Local File Inclusion (win only)
Pluck CMS 4.5.1 - 'blogpost' Parameter Local File Inclusion (win only)
Pragyan CMS 2.6.2 - (sourceFolder) Remote File Inclusion
Comdev Web Blogger 4.1.3 - (arcmonth) SQL Injection
Pragyan CMS 2.6.2 - 'sourceFolder' Parameter Remote File Inclusion
Comdev Web Blogger 4.1.3 - 'arcmonth' Parameter SQL Injection

phpWebNews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling
PHPwebnews 0.2 MySQL Edition - (SQL) Insecure Cookie Handling

WebCMS Portal Edition - 'index.php id' Blind SQL Injection
WebCMS Portal Edition - 'id' Parameter Blind SQL Injection

Pluck 4.5.3 - (update.php) Remote File Corruption Exploit
Pluck CMS 4.5.3 - 'update.php' Remote File Corruption Exploit

Ultrastats 0.2.144/0.3.11 - (index.php serverid) SQL Injection
Ultrastats 0.2.144/0.3.11 - 'serverid' Parameter SQL Injection

Pluck CMS 4.5.3 - (g_pcltar_lib_dir) Local File Inclusion
Pluck CMS 4.5.3 - 'g_pcltar_lib_dir' Parameter Local File Inclusion

Fuzzylime CMS 3.03 - (track.php p) Local File Inclusion
Fuzzylime CMS 3.03 - 'track.php' Local File Inclusion

CMS little 0.0.1 - (index.php term) SQL Injection
CMS little 0.0.1 - 'term' Parameter SQL Injection

SHOP-INET 4 - 'show_cat2.php grid' SQL Injection
SHOP-INET 4 - 'grid' Parameter SQL Injection

Pluck CMS 4.6.1 - (module_pages_site.php post) Local File Inclusion
Pluck CMS 4.6.1 - 'module_pages_site.php' Local File Inclusion

Joomla! Component Maian Music 1.2.1 - (category) SQL Injection
Joomla! Component Maian Music 1.2.1 - 'category' Parameter SQL Injection

Pluck 4.6.2 - (langpref) Local File Inclusion
Pluck CMS 4.6.2 - 'langpref' Parameter Local File Inclusion

phportal 1.0 - Insecure Cookie Handling
PHPortal 1.0 - Insecure Cookie Handling

Kasseler CMS - (File Disclosure / Cross-Site Scripting) Multiple Vulnerabilities
Kasseler CMS - File Disclosure / Cross-Site Scripting

DreamPics Builder - (exhibition_id) SQL Injection
DreamPics Builder - 'exhibition_id' Parameter SQL Injection

Trixbox 2.2.4 - PhonecDirectory.php SQL Injection
Fonality trixbox 2.2.4 - 'PhonecDirectory.php' SQL Injection

Kasseler CMS 1.4.x lite - (Module Jokes) SQL Injection
Kasseler CMS 1.4.x lite Module Jokes - SQL Injection

PHPortal_1.2 - (gunaysoft.php) Remote File Inclusion
PHPortal 1.2 - 'gunaysoft.php' Remote File Inclusion

Trixbox CE 2.6.1 - langChoice PHP Local File Inclusion (Metasploit)
Fonality trixbox CE 2.6.1 - 'langChoice' Parameter Local File Inclusion (Metasploit)

maian weblog 4.0 - Blind SQL Injection
Maian Weblog 4.0 - Blind SQL Injection

brewblogger 2.3.2 - Multiple Vulnerabilities
BrewBlogger 2.3.2 - Multiple Vulnerabilities
Maian Weblog 2.0 - print.php Multiple Parameter SQL Injection
Maian Weblog 2.0 - mail.php Multiple Parameter SQL Injection
Maian Weblog 2.0 - 'print.php' SQL Injection
Maian Weblog 2.0 - 'mail.php' SQL Injection
PHPwebnews 0.1 - iklan.php m_txt Parameter Cross-Site Scripting
PHPwebnews 0.1 - 'index.php' m_txt Parameter Cross-Site Scripting
PHPwebnews 0.1 - bukutamu.php m_txt Parameter Cross-Site Scripting
PHPwebnews 0.1 - 'iklan.php' Cross-Site Scripting
PHPwebnews 0.1 - 'index.php' Cross-Site Scripting
PHPwebnews 0.1 - 'bukutamu.php' Cross-Site Scripting

Joomla! Component com_content 1.5 RC3 - 'index.php' view Parameter SQL Injection
Joomla! Component Content 1.5 RC3 - 'view' Parameter SQL Injection
Trixbox 2.4.2 - user/index.php Query String Cross-Site Scripting
Trixbox 2.4.2 - maint/index.php Query String Cross-Site Scripting
Fonality trixbox 2.4.2 - Cross-Site Scripting

Pluck 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities
Pluck CMS 4.5.2 - Multiple Cross-Site Scripting Vulnerabilities

Trixbox - SQL Injection
Fonality trixbox - SQL Injection

Trixbox - 'endpoint_aastra.php mac Parameter' Remote Code Injection
Fonality trixbox - 'mac' Parameter Remote Code Injection

THELIA 1.4.2.1 - Multiple Cross-Site Scripting Vulnerabilities

Pluck 4.6.3 - 'cont1' Parameter HTML Injection
Pluck CMS 4.6.3 - 'cont1' Parameter HTML Injection

Pluck 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities
Pluck CMS 4.7 - Multiple Local File Inclusion / File Disclosure Vulnerabilities

Boonex Dolphin 6.1 - 'xml/get_list.php' SQL Injection
Boonex Dolphin 6.1 - 'get_list.php' SQL Injection

Joomla! Component 'com_content' - 'year' Parameter SQL Injection
Joomla! Component Content - 'year' Parameter SQL Injection

Pluck 4.7 - Directory Traversal
Pluck CMS 4.7 - Directory Traversal

SenseSites CommonSense CMS - cat2.php id Parameter SQL Injection
SenseSites CommonSense CMS - 'id' Parameter SQL Injection
Fonality trixbox - /maint/modules/endpointcfg/endpoint_generic.php mac Parameter SQL Injection
Fonality trixbox - /maint/modules/home/index.php lang Parameter Directory Traversal
Fonality trixbox - '/maint/modules/asterisk_info/asterisk_info.php' lang Parameter Directory Traversal
Fonality trixbox - /maint/modules/repo/repo.php lang Parameter Directory Traversal
Fonality trixbox - '/maint/modules/endpointcfg/endpointcfg.php' lang Directory Traversal
Fonality trixbox - /var/www/html/maint/modules/home/index.php lang Parameter Remote Code Execution
Fonality trixbox - 'endpoint_generic.php' SQL Injection
Fonality trixbox - 'index.php' Directory Traversal
Fonality trixbox - 'asterisk_info.php' Directory Traversal
Fonality trixbox - 'repo.php' Directory Traversal
Fonality trixbox - 'endpointcfg.php' Directory Traversal
Fonality trixbox - 'index.php' Remote Code Execution

Joomla! Component DT Register - 'cat' SQL Injection
 2016-12-15 05:01:19 +00:00
Offensive Security
fb1dd3709f DB: 2016-12-08 
12 new exploits

vsftpd 2.0.5 - (CWD) Authenticated Remote Memory Consumption Exploit
vsftpd 2.0.5 - 'CWD' Authenticated Remote Memory Consumption

XChat - Heap Overflow Denial of Service
XChat 2.8.9 - Heap Overflow Denial of Service

Adobe Photoshop CC & Bridge CC - '.png' File Parsing Memory Corruption (1)
Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1)

glibc - getaddrinfo Stack Based Buffer Overflow (1)
glibc - 'getaddrinfo' Stack Based Buffer Overflow (PoC)
Microsoft Edge - JSON.parse Info Leak
Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index
Microsoft Edge - CMarkup::Ensure­Delete­CFState Use-After-Free (MS15-125)
Microsoft Internet Explorer 9 - CDoc::Execute­Script­Uri Use-After-Free (MS13-009)
Microsoft Edge - CBase­Scriptable::Private­Query­Interface Memory Corruption (MS16-068)
Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC)

Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation (1)
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Privilege Escalation

Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation (2)
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation

Microsoft PowerShell - XML External Entity Injection

XChat 2.8.7b - (URI Handler) Remote Code Execution (Internet Explorer 6/7'
XChat 2.8.7b - 'URI Handler' Remote Code Execution (Internet Explorer 6/7)

Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap

glibc - getaddrinfo Stack Based Buffer Overflow (2)
glibc - 'getaddrinfo' Stack Based Buffer Overflow

Microsoft Internet Explorer jscript9 - Java­Script­Stack­Walker Memory Corruption (MS15-056)

Linux/x86 - Netcat (-e option disabled) Reverse Shell Shellcode (180 bytes)

Gravity Board X 1.1 - (csscontent) Remote Code Execution
Gravity Board X 1.1 - 'csscontent' Parameter Remote Code Execution

Mambo Component 'com_extcalendar' 2.0 - Remote File Inclusion
Mambo Component ExtCalendar 2.0 - Remote File Inclusion

Mambo Component com_babackup 1.1 - File Inclusion
Mambo Component bigAPE-Backup 1.1 - File Inclusion

E-Smart Cart 1.0 - 'Product_ID' SQL Injection
E-Smart Cart 1.0 - 'Product_ID' Parameter SQL Injection

Joomla! / Mambo Component 'com_swmenupro' 4.0 - Remote File Inclusion
Joomla! / Mambo Component SWmenu 4.0 - Remote File Inclusion

Joomla! / Mambo Component 'com_thopper' 1.1 - Remote File Inclusion
Joomla! / Mambo Component Taskhopper 1.1 - Remote File Inclusion

Joomla! / Mambo Component 'com_articles' 1.1 - Remote File Inclusion
Joomla! / Mambo Component New Article 1.1 - Remote File Inclusion

Cartweaver - 'Details.cfm ProdID' SQL Injection
Cartweaver 2.16.11 - 'ProdID' Parameter SQL Injection

Joomla! / Mambo Component 'com_rsgallery' 2.0b5 - 'catid' SQL Injection
Joomla! / Mambo Component rsgallery 2.0b5 - 'catid' Parameter SQL Injection

xeCMS 1.x - (view.php list) Remote File Disclosure
xeCMS 1.x - 'view.php' Remote File Disclosure

Mambo Component 'com_portfolio' 1.0 - 'categoryId' SQL Injection
Mambo Component Portfolio Manager 1.0 - 'categoryId' Parameter SQL Injection

Easy-Clanpage 2.2 - 'id' SQL Injection
Easy-Clanpage 2.2 - 'id' Parameter SQL Injection
JAMM CMS - 'id' Blind SQL Injection
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
JAMM CMS - 'id' Parameter Blind SQL Injection
Gravity Board X 2.0 Beta - SQL Injection / Cross-Site Scripting
GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection
Butterfly ORGanizer 2.0.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
GLLCTS2 <= 4.2.4 - 'detail' Parameter SQL Injection
Butterfly ORGanizer 2.0.0 - SQL Injection / Cross-Site Scripting

Mambo Component 'com_galleries' 1.0 - 'aid' Parameter SQL Injection
Mambo Component Galleries 1.0 - 'aid' Parameter SQL Injection
Easy-Clanpage 3.0b1 - (section) Local File Inclusion
WebChamado 1.1 - (tsk_id) SQL Injection
Pre News Manager 1.0 - (index.php id) SQL Injection
Pre Ads Portal 2.0 - SQL Injection
Easy-Clanpage 3.0b1 - 'section' Parameter Local File Inclusion
WebChamado 1.1 - 'tsk_id' Parameter SQL Injection
Pre News Manager 1.0 - 'id' Parameter SQL Injection
Pre ADS Portal 2.0 - SQL Injection

GLLCTS2 - 'listing.php sort' Blind SQL Injection
GLLCTS2 - 'sort' Parameter Blind SQL Injection

Contenido 4.8.4 - (Remote File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Contenido 4.8.4 - Remote File Inclusion / Cross-Site Scripting
PHPMyCart - 'shop.php cat' SQL Injection
SHOUTcast Admin Panel 2.0 - (page) Local File Inclusion
Cartweaver 3 - (prodId) Blind SQL Injection
DIY - (index_topic did) Blind SQL Injection
PHPMyCart 1.3 - 'cat' Parameter SQL Injection
SHOUTcast Admin Panel 2.0 - 'page' Parameter Local File Inclusion
Cartweaver 3 - 'prodId' Parameter Blind SQL Injection
DIY - 'did' Parameter Blind SQL Injection
ezcms 1.2 - (Blind SQL Injection / Authentication Bypass) Multiple Vulnerabilities
PHPEasyNews 1.13 RC2 - (POST) SQL Injection
ezcms 1.2 - Blind SQL Injection / Authentication Bypass
PHPEasyNews 1.13 RC2 - 'POST' Parameter SQL Injection

Devalcms 1.4a - (currentfile) Local File Inclusion
Devalcms 1.4a - 'currentfile' Parameter Local File Inclusion

IPTBB 0.5.6 - (index.php act) Local File Inclusion
IPTBB 0.5.6 - 'act' Parameter Local File Inclusion

Mambo Component 'articles' - 'artid' Parameter Blind SQL Injection
Mambo Component Articles - 'artid' Parameter Blind SQL Injection

Mambo Component 'com_n-gallery' - Multiple SQL Injections
Mambo Component N-Gallery - Multiple SQL Injections

devalcms 1.4a - Cross-Site Scripting / Remote Code Execution
Devalcms 1.4a - Cross-Site Scripting / Remote Code Execution

PHP JOBWEBSITE PRO - (Authentication Bypass) SQL Injection
PHP JOBWEBSITE PRO - Authentication Bypass

Pre ADS Portal 2.0 - (Authentication Bypass / Cross-Site Scripting) Multiple Vulnerabilities
Pre ADS Portal 2.0 - Authentication Bypass / Cross-Site Scripting

Mambo Component 'com_n-forms' - 'form_id' Parameter Blind SQL Injection
Mambo Component n-form - 'form_id' Parameter Blind SQL Injection

Pre Job Board - (Authentication Bypass) SQL Injection
Pre Job Board - Authentication Bypass

Butterfly ORGanizer 2.0.1 - (view.php id) SQL Injection
Butterfly ORGanizer 2.0.1 - 'id' Parameter SQL Injection

facil-cms 0.1rc2 - Multiple Vulnerabilities
Facil-CMS 0.1RC2 - Multiple Vulnerabilities

Family Connections CMS 1.9 - (member) SQL Injection
Family Connections CMS 1.9 - SQL Injection

Mambo Component 'com_hestar' - SQL Injection
Mambo Component Hestar - SQL Injection

Joomla! / Mambo Component 'com_tupinambis' - SQL Injection
Joomla! / Mambo Component Tupinambis - SQL Injection

Joomla! / Mambo Component 'com_ezine' 2.1 - Remote File Inclusion
Joomla! / Mambo Component D4J eZine 2.1 - Remote File Inclusion

Mambo Component 'com_materialsuche' 1.0 - SQL Injection
Mambo Component Material Suche 1.0 - SQL Injection

Pre ADS Portal - 'cid' SQL Injection
Pre ADS Portal - 'cid' Parameter SQL Injection

Pre News Manager - (nid) SQL Injection
Pre News Manager - 'nid' Parameter SQL Injection

Mambo Component 'com_akogallery' - SQL Injection
Mambo Component AkoGallery - SQL Injection

Mambo Component 'com_mambads' - SQL Injection
Mambo Component MambAds - SQL Injection

Facil-CMS - (Local File Inclusion / Remote File Inclusion)
Facil-CMS 0.1RC2 - Local / Remote File Inclusion

AskMe Pro 2.1 - (que_id) SQL Injection
Alstrasoft AskMe Pro 2.1 - 'que_id' Parameter SQL Injection

Pre Job Board Pro - SQL Injection Authentication Bypass
Pre Job Board Pro - Authentication Bypass

DiY-CMS 1.0 - Multiple Remote File Inclusion
DIY-CMS 1.0 - Multiple Remote File Inclusion

Alstrasoft AskMe Pro 2.1 - (forum_answer.php?que_id) SQL Injection

Alstrasoft AskMe Pro 2.1 - (profile.php?id) SQL Injection
Alstrasoft AskMe Pro 2.1 - 'profile.php' SQL Injection

Pre Ads Portal - SQL Bypass
Pre ADS Portal - Authentication Bypass

Family Connections CMS 2.3.2 - (POST) Persistent Cross-Site Scripting / XML Injection
Family Connections CMS 2.3.2 - Persistent Cross-Site Scripting / XML Injection

Family Connections CMS 2.5.0 / 2.7.1 - (less.php) Remote Command Execution
Family Connections CMS 2.5.0 / 2.7.1 - 'less.php' Remote Command Execution

Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)
Family Connections CMS 2.7.1 - 'less.php' Remote Command Execution (Metasploit)

Gravity Board X 1.1 - DeleteThread.php Cross-Site Scripting

Clever Copy 3.0 - Connect.INC Information Disclosure
Clever Copy 3.0 - 'Connect.INC' Information Disclosure

Cartweaver 2.16.11 - Results.cfm category Parameter SQL Injection
Cartweaver 2.16.11 - Details.cfm ProdID Parameter SQL Injection
Cartweaver 2.16.11 - 'Results.cfm' SQL Injection
Mambo Component 'lmtg_myhomepage' 1.2 - Multiple Remote File Inclusion
Mambo Component 'com_rssxt' 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion
Mambo Component LMTG Myhomepage 1.2 - Multiple Remote File Inclusion
Mambo Component Rssxt 1.0 - 'MosConfig_absolute_path' Parameter Multiple Remote File Inclusion

Mambo Component 'com_admin-copy_module' - 'MosConfig_absolute_path' Parameter Remote File Inclusion
Mambo Component Display MOSBot Manager - 'MosConfig_absolute_path' Parameter Remote File Inclusion

Joomla! / Mambo Component 'com_comprofiler' 1.0 - 'class.php' Remote File Inclusion
Joomla! / Mambo Component Comprofiler 1.0 - 'class.php' Remote File Inclusion

Joomla! / Mambo Component 'com_sg' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_sg - 'pid' Parameter SQL Injection

Joomla! / Mambo Component 'com_salesrep' - 'rid' Parameter SQL Injection
Joomla! / Mambo Component com_salesrep - 'rid' Parameter SQL Injection
Joomla! / Mambo Component 'com_filebase' - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component 'com_scheduling' - 'id' Parameter SQL Injection
Joomla! / Mambo Component Filebase - 'filecatid' Parameter SQL Injection
Joomla! / Mambo Component com_scheduling - 'id' Parameter SQL Injection

Joomla! / Mambo Component 'com_profile' - 'oid' Parameter SQL Injection
Joomla! / Mambo Component com_profile - 'oid' Parameter SQL Injection

Joomla! / Mambo Component 'com_datsogallery' 1.3.1 - 'id' Parameter SQL Injection
Joomla! / Mambo Component Datsogallery 1.3.1 - 'id' Parameter SQL Injection
PHP JOBWEBSITE PRO - siteadmin/forgot.php adname Parameter SQL Injection
PHP JOBWEBSITE PRO - siteadmin/forgot.php Multiple Parameter Cross-Site Scripting
PHP JOBWEBSITE PRO - 'adname' Parameter SQL Injection
PHP JOBWEBSITE PRO - 'forgot.php' Cross-Site Scripting

Joomla! / Mambo Component 'com_gigcal' 1.0 - 'banddetails.php' SQL Injection
Joomla! / Mambo Component gigCalendar 1.0 - 'banddetails.php' SQL Injection

Conkurent PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass
PHPMyCart 1.3 - Cross-Site Scripting / Authentication Bypass

Mambo Component 'com_docman' 1.3.0 - Multiple SQL Injection
Mambo Component Docman 1.3.0 - Multiple SQL Injection

Mambo Component 'com_n-skyrslur' - Cross-Site Scripting
Mambo Component N-Skyrslur - Cross-Site Scripting

Mambo Component 'com_n-gallery' - SQL Injection
Mambo Component N-Gallery - SQL Injection

Mambo Component 'com_n-press' - SQL Injection
Mambo Component N-Press - SQL Injection
Mambo Component 'com_n-frettir' - SQL Injection
Mambo Component 'com_n-myndir' - SQL Injection
Mambo Component N-Frettir - SQL Injection
Mambo Component N-Myndir - SQL Injection

AbanteCart - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
Edge SkateShop - Authentication bypass

AbanteCart 1.2.7 - Cross-Site Scripting
 2016-12-08 05:01:21 +00:00
Offensive Security
01eb066d9d DB: 2016-10-13 
11 new exploits

IBM AIX 5.2/5.3 FTP Client - Local Buffer Overflow

Yahoo! Widgets Engine 4.0.3 - YDPCTL.dll ActiveX Control Buffer Overflow

Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)
Simple PHP Blog 0.8.4 - (Add Admin) Cross-Site Request Forgery

miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)
miniblog 1.0.1 - (Add New Post) Cross-Site Request Forgery

PHP Press Release - Cross-Site Request Forgery (Add Admin)
PHP Press Release - (Add Admin) Cross-Site Request Forgery
Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
Maian Weblog 4.0 - (Add New Post) Cross-Site Request Forgery
Spacemarc News - (Add New Post) Cross-Site Request Forgery
Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities

Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Linux Kernel 3.13.1 - 'Recvmmsg' Privilege Escalation (Metasploit)

ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
ApPHP MicroBlog 1.0.2 - (Add New Author) Cross-Site Request Forgery
Subversion 1.6.6 / 1.6.12 - Code Execution
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption
Categorizator 0.3.1 - SQL Injection
NetBilletterie 2.8 - Multiple Vulnerabilities
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting
OpenCimetiere v3.0.0-a5 - Blind SQL Injection
Android - Binder Generic ASLR Leak
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery
 2016-10-13 05:01:17 +00:00
Offensive Security
f8b17d14a1 DB: 2016-10-12 
12 new exploits

Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Privilege Escalation
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation
Spacemarc News - Cross-Site Request Forgery (Add New Post)
Minecraft Launcher - Insecure File Permissions Privilege Escalation
BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery
phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery
sheed AntiVirus - Unquoted Service Path Privilege Escalation
AVTECH IP Camera_ NVR_ and DVR Devices - Multiple Vulnerabilities
RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection
Android - 'gpsOneXtra' Data Files Denial of Service
Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)
ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)
 2016-10-12 05:01:17 +00:00
Offensive Security
d9bdc2e376 DB: 2016-10-04 
7 new exploits

maplab ms4w 2.2.1 - Remote File Inclusion
MapLab MS4W 2.2.1 - Remote File Inclusion

Gimp 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow
Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow

Grandsteam GXV3611_HD - SQL Injection

Glassfish Server - Unquoted Service Path Privilege Escalation
Windows Firewall Control - Unquoted Service Path Privilege Escalation
Android - Insufficient Binder Message Verification Pointer Leak
DWebPro 8.4.2 - Multiple Vulnerabilities
Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation
Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)
 2016-10-04 05:01:17 +00:00
Offensive Security
f1e68e0b1d DB: 2016-09-15 
3 new exploits

Android - getpidcon Usage binder Service Replacement Race Condition

PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure

Apache Mina 2.0.13 - Remote Command Execution
 2016-09-15 05:07:49 +00:00
Offensive Security
fc4bc08825 DB: 2016-07-12 
15 new exploits

Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (Perl)

Apache HTTPd - Arbitrary Long HTTP Headers DoS
Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)

Mercury Mail 4.01 (Pegasus) IMAP Buffer Overflow Exploit (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow Exploit (C) (1)

Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2) (c code)
Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (c code) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (perl code) (3)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (1)
Webhints <= 1.03 - Remote Command Execution Exploit (C) (2)
Webhints <= 1.03 - Remote Command Execution Exploit (Perl) (3)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C Code)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (Perl)
phpBB <= 2.0.15 - Register Multiple Users Denial of Service (C)

SimpleBBS <= 1.1 - Remote Commands Execution Exploit (c code)
SimpleBBS <= 1.1 - Remote Commands Execution Exploit (C)

Xmame 0.102 (-lang) Local Buffer Overflow Exploit (c code)
Xmame 0.102 - (lang) Local Buffer Overflow Exploit (C)

aFAQ 1.0 (faqDsp.asp catcode) Remote SQL Injection Vulnerability
aFAQ 1.0 - (faqDsp.asp catcode) Remote SQL Injection Vulnerability

Apple CFNetwork HTTP Response Denial of Service Exploit (rb code)
Apple CFNetwork - HTTP Response Denial of Service Exploit (RB)

PhpBlock a8.4 (PATH_TO_CODE) Remote File Inclusion Vulnerability
PhpBlock a8.4 - (PATH_TO_CODE) Remote File Inclusion Vulnerability

WebPortal CMS <= 0.7.4 (code) Remote Code Execution Vulnerability
WebPortal CMS <= 0.7.4 - (code) Remote Code Execution Vulnerability

emergecolab 1.0 (sitecode) Local File Inclusion Vulnerability
emergecolab 1.0 - (sitecode) Local File Inclusion Vulnerability

Simple Machines Forums (BBCode) Cookie Stealing Vulnerability
Simple Machines Forums - (BBCode) Cookie Stealing Vulnerability

Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability
Movie PHP Script 2.0 - (init.php anticode) Code Execution Vulnerability

Kjtechforce mailman b1 (code) SQL Injection Delete Row Vulnerability
Kjtechforce mailman b1 - (code) SQL Injection Delete Row Vulnerability

WordPress Activity Log Plugin 2.3.1 - Persistent XSS

IPS Community Suite 4.1.12.3 - PHP Code Injection
Adobe Flash - ATF Processing Overflow
Adobe Flash - JXR Processing Double Free
Adobe Flash - LMZA Property Decoding Heap Corruption
Adobe Flash - ATF Image Packing Overflow
Tiki Wiki 15.1 - Unauthenticated File Upload Vulnerability (msf)

Ho' Detector (Promiscuous mode detector shellcode) (56 bytes)
Ho' Detector - Promiscuous mode detector shellcode (56 bytes)

MS16-016 mrxdav.sys WebDav Local Privilege Escalation

Ruby on Rails ActionPack Inline ERB Code Execution

Lan Messenger sending PM Buffer Overflow (UNICODE) - Overwrite SEH
Lan Messenger - sending PM Buffer Overflow (UNICODE) Overwrite SEH
Tiki Wiki CMS 15.0 - Arbitrary File Download
Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass
WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
Device42 WAN Emulator 2.3 Traceroute Command Injection
Device42 WAN Emulator 2.3 Ping Command Injection
Device42 WAN Emulator 2.3 - Traceroute Command Injection
Device42 WAN Emulator 2.3 - Ping Command Injection

Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash

Dell KACE K1000 File Upload
Dell KACE K1000 - File Upload

Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection

Valve Steam 3.42.16.13 - Local Privilege Escalation
Beauty Parlour & SPA Saloon Management System - Blind SQL Injection
Clinic Management System - Blind SQL Injection

Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range + Password - 172 Bytes
 2016-07-12 05:05:04 +00:00
Offensive Security
76bc268c80 DB: 2016-07-11 2016-07-11 05:06:57 +00:00
Offensive Security
076ef173f9 DB: 2016-06-11 
23 new exploits

Poison Ivy 2.1.x C2 Buffer Overflow (msf)
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Mobiketa 1.0 - CSRF Add Admin Exploit
miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query
phpMyFAQ 2.9.0 - Stored XSS
Windows x86 system(_systeminfo_) Shellcode
Armadito Antimalware - Backdoor/Bypass
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
IPFire proxy.cgi RCE
IPFire Bash Environment Variable Injection (Shellshock)
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Android - /system/bin/sdcard Stack Buffer Overflow
OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver
 2016-06-11 05:06:22 +00:00
Offensive Security
614fb1caf8 DB: 2016-05-12 
22 new exploits

PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit (poptop-sane.c)
PoPToP PPTP <= 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit

Atftpd 0.6 - Remote Root Exploit (atftpdx.c)
Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit

Yahoo Messenger 5.5 - Remote Exploit (DSR-ducky.c)
Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit

CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)
CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit

Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit

wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c)
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit

Microsoft Windows - (Jolt2.c) Denial of Service Exploit
Microsoft Windows - 'Jolt2.c' Denial of Service Exploit

TCP SYN Denial of Service Exploit (bang.c)
TCP SYN - 'bang.c' Denial of Service Exploit

Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)
Apache HTTPd - Arbitrary Long HTTP Headers DoS

Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit

Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit

Veritas Backup Exec Agent 8.x/9.x - Browser Overflow (C)
Veritas Backup Exec Agent 8.x/9.x - Browser Overflow

Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit

CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)
CA License Server (GETCONFIG) Remote Buffer Overflow Exploit

Aeon 0.2a - Local Linux Exploit (C)
Aeon 0.2a - Local Linux Exploit

Linux Kernel 2.4 / 2.6 - bluez Local Root Privilege Escalation Exploit (3)
Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)

nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit

SuSE Linux <= 9.3 / 10 - (chfn) Local Root Privilege Escalation Exploit
Linux chfn (SuSE <= 9.3 / 10) - Local Privilege Escalation Exploit

SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)
SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (c)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (pl)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)

OpenVMPSd <= 1.3 - Remote Format String Exploit (Multiple Targets)
OpenVMPSd <= 1.3 - Remote Format String Exploit

Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability
Ubuntu Breezy 5.10 - Installer Password Disclosure Vulnerability

X.Org X11 (X11R6.9.0/X11R7.0) - Local Root Privilege Escalation Exploit
X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit

DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php)
DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)
Opera 9 IRC Client Remote Denial of Service Exploit (c)
Opera 9 IRC Client Remote Denial of Service Exploit (py)
Opera 9 - IRC Client Remote Denial of Service Exploit
Opera 9 IRC Client - Remote Denial of Service Exploit (Python)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)

Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl)
Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (pl)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (c)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit

cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (php)
cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)

Xfire <= 1.6.4 - Remote Denial of Service Exploit (pl)
Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl)

Microsoft Windows NetpManageIPCConnect Stack Overflow Exploit (py)
Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python)

VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c)
VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit

QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)
QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)

Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit
Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit

WarFTP 1.65 (USER) Remote Buffer Overlow Exploit (multiple targets)
WarFTP 1.65 (USER) Remote Buffer Overlow Exploit

XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit
XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit

IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit (multiple targets)
IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit

3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (Win32) (pl)
3proxy 0.5.3g logurl() - Remote Buffer Overflow Exploit (Win32) (Perl)

Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (php)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (PHP)
fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)

IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (pl)
IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)

IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c)
IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit

BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)

BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit

CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (py)
CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)

Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (c)
Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit

Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (py)
Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)

EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl)
EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl)

CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (py)
CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl)

kloxo 5.75 - (24 issues) Multiple Vulnerabilities
kloxo 5.75 - Multiple Vulnerabilities

Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)

Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit

MailEnable 1.52 HTTP Mail Service Stack BoF Exploit PoC
MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC

(Ubuntu 9.10/10.04) PAM 1.1.0 - MOTD File Tampering (Privilege Escalation)
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (1)

Cacti 0.8.7e: Multiple Security Issues
Cacti 0.8.7e - Multiple Vulnerabilities

(Tod Miller's) Sudo/SudoEdit 1.6.x < 1.6.9p21 & 1.7.x < 1.7.2p4 - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit

PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2)

Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit

Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability
mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation Vulnerability

Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py)
Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)

PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)
PHP Hosting Directory 2.0 Database Disclosure Exploit (Python)

systemtap - Local Root Privilege Escalation Vulnerability
systemtap - Local Privilege Escalation Vulnerability

Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)

Kunena < 1.5.13_ < 1.6.3 - SQL Injection Vulnerability
Kunena < 1.5.13 / < 1.6.3 - SQL Injection Vulnerability

HP OpenView NNM 7.53_ 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow

Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Safari 5.0.6/5.1 - SVG DOM Processing PoC

Ubuntu <= 11.04 ftp client Local Buffer Overflow Crash PoC
FTP Client (Ubuntu <= 11.04) - Local Buffer Overflow Crash PoC

Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability
Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Debian 2.x_RedHat 6.2_IRIX 5/6_ Solaris 2.x Mail Reply-To Field Vulnerability
Debian 2.x_ RedHat 6.2_ IRIX 5/6_ Solaris 2.x - Mail Reply-To Field Vulnerability

Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (5)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (5)

cPanel 5.0 - Openwebmail Local Privileges Escalation Vulnerability
cPanel 5.0 - Openwebmail Local Privilege Escalation Vulnerability

Linux-PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privileged Escalation Vulnerability
Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation Vulnerability

Totem Movie Player (Ubuntu) 3.4.3 - Stack Corruption
Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption

Flightgear 2.0_ 2.4 - Remote Format String Exploit
Flightgear 2.0/2.4 - Remote Format String Exploit

Opera 7.x_ Firefox 1.0_ Internet Explorer 6.0 - Information Disclosure Weakness
Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)
Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root Vulnerability

Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit

Linux Kernel 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation

OSX <= 10.8.4 - Local Root Privilege Escalation (py)
OSX <= 10.8.4 - Local Privilege Escalation (Python)

Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities

IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation
IBM AIX 6.1 / 7.1 - Local Privilege Escalation

glibc and eglibc 2.5_ 2.7_ 2.13 - Buffer Overflow Vulnerability
glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow Vulnerability

StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading
StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading

Links_ ELinks 'smbclient' Remote Command Execution Vulnerability
Links_ ELinks 'smbclient' - Remote Command Execution Vulnerability

Flyspray 0.9.9 - Information Disclosure_ HTML Injection and Cross-Site Scripting Vulnerabilities
Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-Site Scripting

Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit

Symantec Endpoint Protection Manager 11.0_ 12.0_ 12.1 - Remote Command Execution Exploit
Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit

ownCloud 4.0.x_ 4.5.x (upload.php filename param) - Remote Code Execution
ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution
Procentia IntelliPen 1.1.12.1520 (Data.aspx_ value param) - Blind SQL Injection
Vtiger CRM 5.4.0_ 6.0 RC_ 6.0.0 GA (browse.php file param) - Local File Inclusion
Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection
Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA (browse.php file param) - Local File Inclusion
Haihaisoft HUPlayer 1.0.4.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)

JIRA Issues Collector Directory Traversal
JIRA Issues Collector - Directory Traversal

CMSimple 4.4_ 4.4.2 - Remote File Inclusion
CMSimple 4.4/4.4.2 - Remote File Inclusion

Core FTP Server 1.2_ build 535_ 32-bit - Crash PoC
Core FTP Server 1.2 build 535 32-bit - Crash PoC

Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability (C)
Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 4.1.x Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass (MS12-037)

Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23  (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation

Symantec Endpoint Protection 11.x_ 12.x - Kernel Pool Overflow
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow

Linux Kernel 3.16.1 - Remount FUSE Exploit
Linux Kernel < 3.16.1 - Remount FUSE Local Root Exploit

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.0 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass (MS12-037)

Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.1 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.1 Bypass (MS12-037)

Mac OS X - IOKit Keyboard Driver Root Privilege Escalation
Mac OS X - IOKit Keyboard Driver Privilege Escalation

Liferay Portal 7.0.0 M1_ 7.0.0 M2_ 7.0.0 M3 - Pre-Auth RCE
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE

vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion_ SQL Injection & XSS
vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS

MalwareBytes Anti-Exploit 1.03.1.1220_ 1.04.1.1012 Out-of-bounds Read DoS
MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 Out-of-bounds Read DoS

JBoss AS 3_ 4_ 5_ 6 - Remote Command Execution
JBoss AS 3/4/5/6 - Remote Command Execution

Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation
Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - rootpipe Local Privilege Escalation

Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities

Pandora FMS 5.0_ 5.1 - Authentication Bypass
Pandora FMS 5.0/5.1 - Authentication Bypass

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell

Cisco AnyConnect Secure Mobility 2.x_ 3.x_ 4.x - Client DoS PoC
Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client DoS PoC

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow)

Orchard CMS 1.7.3_ 1.8.2_ 1.9.0 - Stored XSS Vulnerability
Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS Vulnerability

Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC
NetKit FTP Client (Ubuntu 14.04) - Crash/DoS PoC

Interspire Email Marketer Cross Site Scripting_ HTML Injection_ and SQL Injection Vulnerabilities
Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities

BigDump Cross Site Scripting_ SQL Injection_ and Arbitrary File Upload Vulnerabilities
BigDump - (Cross Site Scripting/SQL Injection/Arbitrary File Upload) Multiple Vulnerabilities

Elastix < 2.5 _ PHP Code Injection Exploit
Elastix < 2.5 - PHP Code Injection Exploit

Microsoft Office Excel 2007_ 2010_ 2013 - BIFFRecord Use-After-Free
Microsoft Office Excel 2007/2010/2013 - BIFFRecord Use-After-Free

OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues
OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities

Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability

Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit

Exim < 4.86.2 - Local Root Privilege Escalation
Exim < 4.86.2 - Local Privilege Escalation
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC

Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF Vulnerabilities

FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit

Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities
Novell Service Desk 7.1.0/7.0.3 and 6.5 - Multiple Vulnerabilities

Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)

Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)

Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Android Broadcom Wi-Fi Driver - Memory Corruption
CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC
FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation
Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution
 2016-05-12 05:03:21 +00:00
Offensive Security
921bb6b2e3 DB: 2016-04-12 
9 new exploits

Hikvision Digital Video Recorder - Cross-Site Request Forgery
WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery
OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution
CAM UnZip 5.1 - Archive Path Traversal
Axis Network Cameras - Multiple Vulnerabilities
Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes
Android - IOMX getConfig/getParameter Information Disclosure
Android - IMemory Native Interface is Insecure for IPC Use
Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities
 2016-04-12 05:04:12 +00:00
Offensive Security
6290e0021e DB: 2016-04-02 
8 new exploits

Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit
Microsoft Windows 2000/XP - (RPC DCOM) Remote Exploit (MS03-026)

Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation Vulnerability (KiTrap0D)
Microsoft Windows NT/2000/XP/2003/Vista/2008/7 - User Mode to Ring Escalation Vulnerability (KiTrap0D) (MS10-015)
PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit
Windows Kernel - Bitmap Use-After-Free
Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read
Adobe Flash - URLStream.readObject Use-After-Free
Adobe Flash - TextField.maxChars Use-After-Free
Android - ih264d_process_intra_mb Memory Corruption
Adobe Flash - Color.setTransform Use-After-Free
PHP 5.5.33 - Invalid Memory Write
 2016-04-02 05:02:51 +00:00
Offensive Security
67cc75a29b DB: 2016-03-29 
9 new exploits

Serv-U 3x - 5.x - Local Privilege Escalation Exploit
Serv-U 3.x - 5.x - Local Privilege Escalation Exploit

SHOUTcast 1.9.4 File Request Format String Remote Exploit (win)
SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows)

Monstra CMS 3.0.3 - Multiple Vulnerabilities
pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (win)
GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (win)
pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)
GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)

PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win)
PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows)

Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (win)
Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (Windows)

Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (win)
Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows)

AJA Portal 1.2 - Local File Inclusion Vulnerabilities (win)
AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows)

Microsoft Internet Explorer 7 (Windows 2003 SP2)  - Memory Corruption PoC (MS09-002)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)

XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win)
XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows)

MonGoose 2.4 Webserver Directory Traversal Vulnerability (win)
MonGoose 2.4 - Webserver Directory Traversal Vulnerability (Windows)

Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (win)
Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows)

Adobe Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation
Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation

PulseAudio setuid - Local Privilege Escalation Exploit

Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)

Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit (py)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python)

Serv-u Web client 9.0.0.5 - Buffer Overflow
Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)

Serv-u Web client 9.0.0.5 - Buffer Overflow
Serv-U Web Client 9.0.0.5 - Buffer Overflow (1)

Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability
Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation Vulnerability

Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities
Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities

Integard Pro 2.2.0.9026 - Windows 7 ROP-Code  (Metasploit)
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)

WordPress Plugin mingle forum  <= 1.0.26 - Multiple Vulnerabilities
WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities

Microsoft Windows Server  - Service Relative Path Stack Corruption (MS08-067)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)

WordPress Plugin ajax category dropdown  0.1.5 - Multiple Vulnerabilities
WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities

Sysax Multi Server 5.50 Create Folder BOF
Sysax Multi Server 5.50 - Create Folder BOF

Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)
Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter)
Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit
Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter)
Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit
Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter)

Sysax 5.53 SSH Username Buffer Overflow (Metasploit)
Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)

sysax <= 5.57 - Directory Traversal
Sysax <= 5.57 - Directory Traversal

Sysax <= 5.60 Create SSL Certificate Buffer Overflow
Sysax <= 5.60 - Create SSL Certificate Buffer Overflow

Sysax <= 5.62 Admin Interface Local Buffer Overflow
Sysax <= 5.62 - Admin Interface Local Buffer Overflow

Sysax Multi-Server 5.64 Create Folder Buffer Overflow

Sysax Multi Server 5.64 Create Folder Buffer Overflow
Sysax Multi Server 5.64 - Create Folder Buffer Overflow

ActFax 4.31 - Local Privilege Escalation Exploit
ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit

PHP-Nuke  Search Module - Modules.PHP Remote Directory Traversal Vulnerability
PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability
STHS v2 Web Portal prospects.php team Parameter SQL Injection
STHS v2 Web Portal prospect.php team Parameter SQL Injection
STHS v2 Web Portal team.php team Parameter SQL Injection
STHS v2 Web Portal - prospects.php team Parameter SQL Injection
STHS v2 Web Portal - prospect.php team Parameter SQL Injection
STHS v2 Web Portal - team.php team Parameter SQL Injection

WK UDID v1.0.1 iOS - Command Inject Vulnerability
WK UDID 1.0.1 iOS - Command Inject Vulnerability

Hawkeye-G v3.0.1.4912 CSRF Vulnerability
Hawkeye-G 3.0.1.4912 - CSRF Vulnerability

Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage
Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage

Reaver Pro Local Privilege Escalation Vulnerability
Reaver Pro - Local Privilege Escalation Vulnerability

Sysax Multi Server 6.40  SSH Component Denial of Service
Sysax Multi Server 6.40 - SSH Component Denial of Service

WordPress CP Reservation Calendar Plugin 1.1.6  - SQL Injection
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection

w3tw0rk / Pitbul IRC Bot  Remote Code Execution
w3tw0rk / Pitbul IRC Bot - Remote Code Execution

Dropbox < 3.3.x  - OSX FinderLoadBundle Local Root Exploit
Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit

Hitron Router CGN3ACSMR 4.5.8.16  - Arbitrary Code Execution
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download v1.0.16  - Local File Disclosure
WordPress Plugin TheCartPress v1.4.7  - Multiple Vulnerabilities
WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download 1.0.16 - Local File Disclosure
WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities

Cyclope Employee Surveillance  <= v8.6.1- Insecure File Permissions
Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions

XM Easy Personal FTP Server 5.8 - (HELP)  Remote DoS Vulnerability
XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability

Liferay Portal 5.1.2 - Persistent XSS

Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Linux/x86_x64 - execve(/bin/sh) - 25 bytes
Linux/x86_x64 - execve(/bin/bash) - 33 bytes
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation
Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege
 2016-03-29 05:02:00 +00:00
Offensive Security
62a54b60c6 DB: 2016-02-27 
12 new exploits
 2016-02-27 05:02:14 +00:00
Offensive Security
c25db93691 DB: 2016-02-12 
4 new exploits
 2016-02-12 05:01:47 +00:00
Offensive Security
4ac8afedb7 DB: 2015-12-18 
26 new exploits
 2015-12-18 05:02:23 +00:00
Offensive Security
877373ae37 DB: 2015-11-04 
16 new exploits
 2015-11-04 05:03:17 +00:00
Offensive Security
9005d315b8 DB: 2015-10-29 
12 new exploits
 2015-10-29 05:02:34 +00:00
Offensive Security
cc553d1147 DB: 2015-04-20 
11 new exploits
 2015-04-20 12:44:13 +00:00
Offensive Security
40cfbfb905 Update: 2015-01-28 
24 new exploits
 2015-01-28 08:35:58 +00:00
Offensive Security
9195172fad Updated 11_28_2014 2014-11-28 04:53:33 +00:00
Offensive Security
637e59de55 Updated 04_09_2014 2014-04-09 04:32:27 +00:00