bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1616 commits 1 branch 0 tags 267 MiB
Commit graph

6 commits

Author SHA1 Message Date
Offensive Security
9ea5e15796 DB: 2018-08-03 
13 changes to exploits/shellcodes

Sun Solaris 11.3 AVS - Local Kernel root Exploit

Allok Fast AVI MPEG Splitter 1.2 - Buffer Overflow (PoC)
AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation
SecureSphere 12.0.0.50 - SealMode Shell Escape (Metasploit)

wityCMS 0.6.1 - Cross-Site Scripting

Chartered Accountant : Auditor Website 2.0.1 - Cross-Site Scripting
WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change)
TI Online Examination System v2 - Arbitrary File Download
PageResponse FB Inboxer Add-on 1.2 - 'search_field' SQL Injection
CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
ASUS DSL-N12E_C1 1.1.2.3_345 - Remote Command Execution
Seq 4.2.476 - Authentication Bypass
 2018-08-03 05:01:46 +00:00
Offensive Security
6d3190ddfa DB: 2018-06-13 
9 changes to exploits/shellcodes

WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS
WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' Denial of Service (Metasploit)
Joomla! Component EkRishta 2.10 - 'username' SQL Injection
Siaberry 1.2.2 - Command Injection
OX App Suite 7.8.4 - Multiple Vulnerabilities
Canon PrintMe EFI - Cross-Site Scripting
WordPress Google Map Plugin < 4.0.4 - SQL Injection
WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection
Canon LBP7110Cw - Authentication Bypass
Canon LBP6030w - Authentication Bypass
 2018-06-13 05:01:52 +00:00
Offensive Security
08c35595ed DB: 2018-05-22 
23 changes to exploits/shellcodes

Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit)
R 3.4.4 - Local Buffer Overflow (DEP Bypass)

KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection

Adobe Enterprise Manager (AEM) < 6.3 - Remote Code Execution
Superfood 1.0 - Multiple Vulnerabilities
Private Message PHP Script 2.0 - Persistent Cross-Site Scripting
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Zenar Content Management System - Cross-Site Scripting
GitBucket 4.23.1 - Remote Code Execution
ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting
Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery
Teradek Cube 7.3.6 - Cross-Site Request Forgery
Teradek Slice 7.3.15 - Cross-Site Request Forgery
Schneider Electric PLCs - Cross-Site Request Forgery
Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Panel Authentication Bypass
Merge PACS 7.0 - Cross-Site Request Forgery
Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication Bypass
Wchat PHP AJAX Chat Script  1.5 - Persistent Cross-Site Scripting
 2018-05-22 05:01:47 +00:00
Offensive Security
e8f4ef9188 DB: 2018-04-19 
14 changes to exploits/shellcodes

PDFunite 0.41.0 - '.pdf' Local Buffer Overflow
RSVG 2.40.13 / 2.42.2 - '.svg' Buffer Overflow
VX Search 10.6.18 - 'directory' Local Buffer Overflow

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
Easy File Sharing Web Server 7.2 - Stack Buffer Overflow

Coship RT3052 Wireless Router - Persistent Cross-Site Scripting

Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal  < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting
Rvsitebuilder CMS - Database Backup Download
Match Clone Script 1.0.4 - Cross-Site Scripting
Kodi 17.6 - Persistent Cross-Site Scripting
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure
WordPress Plugin Caldera Forms 1.5.9.1 - Cross-Site Scripting
Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery
Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities
 2018-04-19 05:01:48 +00:00
Offensive Security
e3fb91f1d7 DB: 2018-03-24 
14 changes to exploits/shellcodes

Android Bluetooth -  BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth -  BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Dell EMC NetWorker - Denial of Service
WM Recorder 16.8.1 - Denial of Service
Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow
Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass
TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery
XenForo 2 - CSS Loader Denial of Service
MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion

Linux/x86 - EggHunter Shellcode (11 Bytes)
 2018-03-24 05:01:48 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00