Exploit-DB
2aed99237c
DB: 2024-02-01
8 changes to exploits/shellcodes/ghdb
Proxmox VE - TOTP Brute Force
RoyalTSX 6.0.1 - RTSZ File Handling Heap Memory Corruption PoC
GoAhead Web Server 2.5 - 'goform/formTest' Multiple HTML Injection Vulnerabilities
101 News 1.0 - Multiple-SQLi
Academy LMS 6.2 - Reflected XSS
Academy LMS 6.2 - SQL Injection
Grocy <=4.0.2 - CSRF
2024-02-01 00:16:32 +00:00
Exploit-DB
2f07358143
DB: 2023-04-15
16 changes to exploits/shellcodes/ghdb
InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal
Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation
Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking
Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery
Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password
Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset
Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation
Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure
Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)
Bludit 4.0.0-rc-2 - Account takeover
Microsoft Windows 11 - 'cmd.exe' Denial of Service
2023-04-15 00:16:19 +00:00
Exploit-DB
d7c9ba572a
DB: 2023-04-07
50 changes to exploits/shellcodes/ghdb
Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI
ABUS Security Camera TVIP 20000-21150 - LFI_ RCE and SSH Root Access
Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)
Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection
Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection
Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection
Osprey Pump Controller 1.0.1 - Administrator Backdoor Access
Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification
Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery
Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack
Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure
Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit
Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS
WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated RCE
HospitalRun 1.0.0-beta - Local Root Exploit for macOS
Adobe Connect 10 - Username Disclosure
craftercms 4.x.x - CORS
EasyNas 1.1.0 - OS Command Injection
Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution (RCE)
Art Gallery Management System Project in PHP v 1.0 - SQL injection
atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE
Auto Dealer Management System 1.0 - Broken Access Control Exploit
Auto Dealer Management System v1.0 - SQL Injection
Auto Dealer Management System v1.0 - SQL Injection in sell_vehicle.php
Auto Dealer Management System v1.0 - SQL Injection on manage_user.php
Best pos Management System v1.0 - Remote Code Execution (RCE) on File Upload
Best pos Management System v1.0 - SQL Injection
ChurchCRM v4.5.3-121fcc1 - SQL Injection
Dompdf 1.2.1 - Remote Code Execution (RCE)
Employee Task Management System v1.0 - Broken Authentication
Employee Task Management System v1.0 - SQL Injection on (task-details.php?task_id=?)
Employee Task Management System v1.0 - SQL Injection on edit-task.php
flatnux 2021-03.25 - Remote Code Execution (Authenticated)
Intern Record System v1.0 - SQL Injection (Unauthenticated)
Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking
LDAP Tool Box Self Service Password v1.5.2 - Account takeover
Music Gallery Site v1.0 - Broken Access Control
Music Gallery Site v1.0 - SQL Injection on music_list.php
Music Gallery Site v1.0 - SQL Injection on page Master.php
Music Gallery Site v1.0 - SQL Injection on page view_music_details.php
POLR URL 2.3.0 - Shortener Admin Takeover
Purchase Order Management-1.0 - Local File Inclusion
Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS)
Simple Task Managing System v1.0 - SQL Injection (Unauthenticated)
modoboa 2.0.4 - Admin TakeOver
pdfkit v0.8.7.2 - Command Injection
FileZilla Client 3.63.1 - 'TextShaping.dl' DLL Hijacking
Windows 11 10.0.22000 - Backup service Privilege Escalation
TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution (RCE)
Unified Remote 3.13.0 - Remote Code Execution (RCE)
2023-04-07 00:16:28 +00:00
Offensive Security
d63de06c7a
DB: 2022-11-10
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00
Offensive Security
ad453a2c73
DB: 2022-02-03
17 changes to exploits/shellcodes
CONTPAQi(R) AdminPAQ 14.0.0 - Unquoted Service Path
Mozilla Firefox 67 - Array.pop JIT Type Confusion
Fetch Softworks Fetch FTP Client 5.8 - Remote CPU Consumption (Denial of Service)
Ametys CMS v4.4.1 - Cross Site Scripting (XSS)
uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)
Chamilo LMS 1.11.14 - Account Takeover
Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection (Authenticated)
WordPress Plugin Domain Check 1.0.16 - Reflected Cross-Site Scripting (XSS) (Authenticated)
Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection (Authenticated)
PHP Restaurants 1.0 - SQLi (Unauthenticated)
Moodle 3.11.4 - SQL Injection
Huawei DG8045 Router 1.0 - Credential Disclosure
PHP Unit 4.8.28 - Remote Code Execution (RCE) (Unauthenticated)
WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control
WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting (XSS)
WordPress Plugin Post Grid 2.1.1 - Cross Site Scripting (XSS)
WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming
2022-02-03 05:01:57 +00:00
Offensive Security
90f7e494d6
DB: 2021-12-15
9 changes to exploits/shellcodes
Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)
Microsoft Internet Explorer / ActiveX Control - Security Bypass
Apache Log4j2 2.14.1 - Information Disclosure
Apache Log4j 2 - Remote Code Execution (RCE)
WordPress Plugin Typebot 1.4.3 - Stored Cross Site Scripting (XSS) (Authenticated)
Booked Scheduler 2.7.5 - Remote Command Execution (RCE) (Authenticated)
Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery (CSRF)
meterN v1.2.3 - Remote Code Execution (RCE) (Authenticated)
Online Thesis Archiving System 1.0 - SQLi Authentication Bypass
2021-12-15 05:01:54 +00:00
Offensive Security
de260aeac6
DB: 2021-10-30
95 changes to exploits/shellcodes
Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)
Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)
AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)
Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
Sandboxie 5.49.7 - Denial of Service (PoC)
WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC)
iDailyDiary 4.30 - Denial of Service (PoC)
RarmaRadio 2.72.8 - Denial of Service (PoC)
DupTerminator 1.4.5639.37199 - Denial of Service (PoC)
Color Notes 1.4 - Denial of Service (PoC)
Macaron Notes great notebook 5.5 - Denial of Service (PoC)
My Notes Safe 5.3 - Denial of Service (PoC)
n+otes 1.6.2 - Denial of Service (PoC)
Telegram Desktop 2.9.2 - Denial of Service (PoC)
Mini-XML 3.2 - Heap Overflow
Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)
Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
MariaDB 10.2 - 'wsrep_provider' OS Command Execution
Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free
Visual Studio Code 1.47.1 - Denial of Service (PoC)
DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)
MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)
Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial of Service (PoC)
GNU Wget < 1.18 - Arbitrary File Upload (2)
WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting (XSS)
E-Learning System 1.0 - Authentication Bypass
PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting
GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Persistent Cross-Site Scripting
Selea Targa 512 IP OCR-ANPR Camera - Stream Disclosure (Unauthenticated)
Library System 1.0 - Authentication Bypass
Web Based Quiz System 1.0 - 'name' Persistent Cross-Site Scripting
Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)
GetSimple CMS My SMTP Contact Plugin 1.1.1 - Cross-Site Request Forgery
GravCMS 1.10.7 - Unauthenticated Arbitrary File Write (Metasploit)
Umbraco v8.14.1 - 'baseUrl' SSRF
Cacti 1.2.12 - 'filter' SQL Injection
GetSimple CMS Custom JS 0.1 - Cross-Site Request Forgery
Internship Portal Management System 1.0 - Remote Code Execution(Unauthenticated)
Markdown Explorer 0.1.1 - Persistent Cross-Site Scripting
Xmind 2020 - Persistent Cross-Site Scripting
Tagstoo 2.0.1 - Persistent Cross-Site Scripting
SnipCommand 0.1.0 - Persistent Cross-Site Scripting
Moeditor 0.2.0 - Persistent Cross-Site Scripting
Marky 0.0.1 - Persistent Cross-Site Scripting
StudyMD 0.3.2 - Persistent Cross-Site Scripting
Freeter 1.2.1 - Persistent Cross-Site Scripting
Markright 1.0 - Persistent Cross-Site Scripting
Markdownify 1.2.0 - Persistent Cross-Site Scripting
Anote 1.0 - Persistent Cross-Site Scripting
Subrion CMS 4.2.1 - Arbitrary File Upload
Printable Staff ID Card Creator System 1.0 - 'email' SQL Injection
Schlix CMS 2.2.6-6 - Arbitrary File Upload (Authenticated)
Selenium 3.141.59 - Remote Code Execution (Firefox/geckodriver)
CHIYU IoT Devices - Denial of Service (DoS)
Zenario CMS 8.8.52729 - 'cID' SQL injection (Authenticated)
TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal
Atlassian Jira Server Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)
Scratch Desktop 3.17 - Remote Code Execution
Church Management System 1.0 - Arbitrary File Upload (Authenticated)
Phone Shop Sales Managements System 1.0 - Arbitrary File Upload
Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)
WordPress Plugin Current Book 1.0.1 - 'Book Title' Persistent Cross-Site Scripting
ForgeRock Access Manager 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)
KevinLAB BEMS 1.0 - Authentication Bypass
Event Registration System with QR Code 1.0 - Authentication Bypass
CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF)
Panasonic Sanyo CCTV Network Camera 2.03-0x - Cross-Site Request Forgery (Change Password)
qdPM 9.2 - Password Exposure (Unauthenticated)
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
Movable Type 7 r.5002 - XMLRPC API OS Command Injection (Metasploit)
GeoVision Geowebserver 5.3.3 - Local File Inclusion
Simple Phone Book 1.0 - 'Username' SQL Injection (Unauthenticated)
Umbraco CMS 8.9.1 - Directory Traversal
Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Dolibarr ERP 14.0.1 - Privilege Escalation
Compro Technology IP Camera - 'killps.cgi' Denial of Service (DoS)
Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation
Phpwcms 1.9.30 - Arbitrary File Upload
Windows/x86 - Download File (http://10.10.10.5:8080/2NWyfQ9T.hta ) Via mshta + Execute + Stager Shellcode (143 bytes)
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
Linux/x64 - execve _cat /etc/shadow_ Shellcode (66 bytes)
Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode (240 bytes)
Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)
Linux/x86 - setreuid(0) + execve(_/bin/sh_) Shellcode (29 bytes)
Linux/x86 - Bind (User Specified Port) Shell (/bin/sh) Shellcode (102 bytes)
Linux/x86 - Reverse (dynamic IP and port/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode
Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode (178 bytes)
Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode (230 bytes)
2021-10-30 05:02:09 +00:00
Offensive Security
1cf7d7364a
DB: 2021-10-13
176 changes to exploits/shellcodes
Easy CD & DVD Cover Creator 4.13 - Denial of Service (PoC)
Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC)
Nsasoft Hardware Software Inventory 1.6.4.0 - 'multiple' Denial of Service (PoC)
Sandboxie 5.49.7 - Denial of Service (PoC)
WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC)
iDailyDiary 4.30 - Denial of Service (PoC)
RarmaRadio 2.72.8 - Denial of Service (PoC)
DupTerminator 1.4.5639.37199 - Denial of Service (PoC)
Color Notes 1.4 - Denial of Service (PoC)
Macaron Notes great notebook 5.5 - Denial of Service (PoC)
My Notes Safe 5.3 - Denial of Service (PoC)
Sticky Notes & Color Widgets 1.4.2 - Denial of Service (PoC)
NBMonitor 1.6.8 - Denial of Service (PoC)
Nsauditor 3.2.3 - Denial of Service (PoC)
Sticky Notes Widget Version 3.0.6 - Denial of Service (PoC)
n+otes 1.6.2 - Denial of Service (PoC)
Secure Notepad Private Notes 3.0.3 - Denial of Service (PoC)
Post-it 5.0.1 - Denial of Service (PoC)
Notex the best notes 6.4 - Denial of Service (PoC)
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)
MariaDB 10.2 /MySQL - 'wsrep_provider' OS Command Execution
Visual Studio Code 1.47.1 - Denial of Service (PoC)
DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)
Backup Key Recovery 2.2.7 - Denial of Service (PoC)
memono Notepad Version 4.2 - Denial of Service (PoC)
Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon)
Dlink DSL2750U - 'Reboot' Command Injection
E-Learning System 1.0 - Authentication Bypass & RCE POC
Netsia SEBA+ 0.16.1 - Authentication Bypass and Add Root User (Metasploit)
ICE Hrm 29.0.0.OS - 'Account Takeover' Cross-Site Scripting and Session Fixation
GetSimple CMS 3.3.16 - Reflected XSS to RCE
House Rental and Property Listing 1.0 - Multiple Stored XSS
Resumes Management and Job Application Website 1.0 - Authentication Bypass (Sql Injection)
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Multiple Stored Cross-Site Scripting
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC)
Inteno IOPSYS 3.16.4 - root filesystem access via sambashare (Authenticated)
Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure (Unauthenticated)
CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated)
WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution
Home Assistant Community Store (HACS) 1.10.0 - Path Traversal to Account Takeover
Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated)
Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) (PoC)
Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)
Montiorr 1.7.6m - File Upload to XSS
GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE
Internship Portal Management System 1.0 - Remote Code Execution Via File Upload (Unauthenticated)
Markdown Explorer 0.1.1 - XSS to RCE
Xmind 2020 - XSS to RCE
Tagstoo 2.0.1 - Stored XSS to RCE
SnipCommand 0.1.0 - XSS to RCE
Moeditor 0.2.0 - XSS to RCE
Marky 0.0.1 - XSS to RCE
StudyMD 0.3.2 - XSS to RCE
Freeter 1.2.1 - XSS to RCE
Markright 1.0 - XSS to RCE
Markdownify 1.2.0 - XSS to RCE
Anote 1.0 - XSS to RCE
Subrion CMS 4.2.1 - File Upload Bypass to RCE (Authenticated)
Printable Staff ID Card Creator System 1.0 - SQLi & RCE via Arbitrary File Upload
Schlix CMS 2.2.6-6 - Arbitrary File Upload And Directory Traversal Leads To RCE (Authenticated)
Selenium 3.141.59 - Remote Code Execution (Firefox/geckodriver)
CHIYU IoT Devices - Denial of Service (DoS)
Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated)
TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal
Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)
Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution
ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
Dolibarr ERP/CRM 10.0.6 - Login Brute Force
qdPM 9.2 - DB Connection String and Password Exposure (Unauthenticated)
Simple Phone book/directory 1.0 - 'Username' SQL Injection (Unauthenticated)
ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() Function
Budget and Expense Tracker System 1.0 - Authenticated Bypass
WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting (XSS)
WordPress Plugin Redirect 404 to Parent 1.3.0 - Reflected Cross-Site Scripting (XSS)
Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation via XML Signature Wrapping
Phpwcms 1.9.30 - File Upload to XSS
Linux/x86 - execve(/bin/sh) Shellcode (17 bytes)
Linux/x64 - execve(/bin/sh) Shellcode (21 bytes) (2)
Linux/x86 - setreuid(0) + execve(_/bin/sh_) Shellcode (29 bytes)
Linux/x86 - Bind (User Specified Port) Shell (/bin/sh) Shellcode (102 bytes)
Linux/x86 - Reverse (dynamic IP and port/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode
2021-10-13 05:02:15 +00:00
Offensive Security
b4c96a5864
DB: 2021-09-03
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00
Offensive Security
36c084c351
DB: 2021-09-03
45419 changes to exploits/shellcodes
2 new exploits/shellcodes
Too many to list!
2021-09-03 13:39:06 +00:00
Offensive Security
9008c67d8b
DB: 2021-06-29
5 changes to exploits/shellcodes
WordPress Plugin YOP Polls 6.2.7 - Stored Cross Site Scripting (XSS)
SAS Environment Manager 2.5 - 'name' Stored Cross-Site Scripting (XSS)
Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)
Netgear WNAP320 2.0.3 - 'macAddress' Remote Code Execution (RCE) (Unauthenticated)
2021-06-29 05:01:55 +00:00
Offensive Security
f564ddfd17
DB: 2020-05-13
10 changes to exploits/shellcodes
LanSend 3.2 - Buffer Overflow (SEH)
MacOS 320.whatis Script - Privilege Escalation
Phase Botnet - Blind SQL Injection
Orchard Core RC1 - Persistent Cross-Site Scripting
ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection
CuteNews 2.1.2 - Authenticated Arbitrary File Upload
Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting
qdPM 9.1 - Arbitrary File Upload
TylerTech Eagle 2018.3.11 - Remote Code Execution
2020-05-13 05:01:48 +00:00
Offensive Security
0f5a9de36d
DB: 2020-04-29
8 changes to exploits/shellcodes
Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution
Docker-Credential-Wincred.exe - Privilege Escalation (Metasploit)
NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path
CloudMe 1.11.2 - Buffer Overflow (PoC)
School ERP Pro 1.0 - 'es_messagesid' SQL Injection
School ERP Pro 1.0 - Remote Code Execution
2020-04-29 05:01:47 +00:00
Offensive Security
c3e827f657
DB: 2020-04-17
8 changes to exploits/shellcodes
VMware Fusion - USB Arbitrator Setuid Privilege Escalation (Metasploit)
TP-Link Archer A7/C7 - Unauthenticated LAN Remote Code Execution (Metasploit)
Liferay Portal - Java Unmarshalling via JSONWS RCE (Metasploit)
ThinkPHP - Multiple PHP Injection RCEs (Metasploit)
Pandora FMS - Ping Authenticated Remote Code Execution (Metasploit)
PlaySMS - index.php Unauthenticated Template Injection Code Execution (Metasploit)
DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)
Apache Solr - Remote Code Execution via Velocity Template (Metasploit)
2020-04-17 05:01:48 +00:00
Offensive Security
d3992973f1
DB: 2020-03-21
2 changes to exploits/shellcodes
VMware Fusion 11.5.2 - Privilege Escalation
Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin)
2020-03-21 05:01:49 +00:00
Offensive Security
85cdf30cea
DB: 2020-03-19
7 changes to exploits/shellcodes
NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path
Microsoft VSCode Python Extension - Code Execution
VMWare Fusion - Local Privilege Escalation
Microtik SSH Daemon 6.44.3 - Denial of Service (PoC)
Netlink GPON Router 1.0.11 - Remote Code Execution
Windows\x64 - Dynamic MessageBoxA or MessageBoxW PEB & Import Table Method Shellcode (232 bytes)
2020-03-19 05:01:49 +00:00
Offensive Security
b7471ba451
DB: 2019-12-19
9 changes to exploits/shellcodes
XnView 2.49.1 - 'Research' Denial of Service (PoC)
macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()
AVS Audio Converter 9.1 - 'Exit folder' Buffer Overflow
OpenMRS - Java Deserialization RCE (Metasploit)
Tautulli 2.1.9 - Cross-Site Request Forgery (ShutDown)
Xerox AltaLink C8035 Printer - Cross-Site Request Forgery (Add Admin)
Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting
Telerik UI - Remote Code Execution via Insecure Deserialization
2019-12-19 05:01:59 +00:00
Offensive Security
f1354b784a
DB: 2019-11-23
4 changes to exploits/shellcodes
Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback
ProShow Producer 9.0.3797 - ('ScsiAccess') Unquoted Service Path
LiteManager 4.5.0 - Insecure File Permissions
macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache
2019-11-23 05:01:42 +00:00
Offensive Security
52ab59aad8
DB: 2019-11-06
12 changes to exploits/shellcodes
FileOptimizer 14.00.2524 - Denial of Service (PoC)
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive
macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()
Blue Stacks App Player 2.4.44.62.57 - _BstHdLogRotatorSvc_ Unquote Service Path
Network Inventory Advisor 5.0.26.0 - 'niaservice' Unquoted Service Path
thejshen Globitek CMS 1.4 - 'id' SQL Injection
thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting
rimbalinux AhadPOS 1.11 - 'alamatCustomer' SQL Injection
html5_snmp 1.11 - 'Remark' Persistent Cross-Site Scripting
html5_snmp 1.11 - 'Router_ID' SQL Injection
SD.NET RIM 4.7.3c - 'idtyp' SQL Injection
2019-11-06 05:01:40 +00:00
Offensive Security
577557762c
DB: 2019-11-05
6 changes to exploits/shellcodes
Apple macOS 10.15.1 - Denial of Service (PoC)
Aida64 6.10.5200 - Buffer Overflow (SEH)
OpenVPN Connect 3.0.0.272 - 'agent_ovpnconnect' Unquoted Service Path
Launch Manager 6.1.7600.16385 - 'DsiWMIService' Unquoted Service Path
Micro Focus (HPE) Data Protector - SUID Privilege Escalation (Metasploit)
Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow
2019-11-05 05:01:42 +00:00
Offensive Security
da622bb1aa
DB: 2019-10-10
3 changes to exploits/shellcodes
Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service (PoC)
XNU - Remote Double-Free via Data Race in IPComp Input Path
DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow (DEP Bypass)
2019-10-10 05:01:46 +00:00
Offensive Security
d6e0b04877
DB: 2019-09-20
4 changes to exploits/shellcodes
macOS 18.7.0 Kernel - Local Privilege Escalation
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution
DIGIT CENTRIS 4 ERP - 'datum1' SQL Injection
GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting
2019-09-20 05:02:06 +00:00
Offensive Security
d1ba848ff5
DB: 2019-08-06
4 changes to exploits/shellcodes
macOS iMessage - Heap Overflow when Deserializing
Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)
ARMBot Botnet - Arbitrary Code Execution
2019-08-06 05:02:23 +00:00
Offensive Security
808010b53f
DB: 2019-07-03
2 changes to exploits/shellcodes
Mac OS X TimeMachine - 'tmdiagnose' Command Injection Privilege Escalation (Metasploit)
Linux Mint 18.3-19.1 - 'yelp' Command Injection
Linux Mint 18.3-19.1 - 'yelp' Command Injection (Metasploit)
Centreon 19.04 - Remote Code Execution
Linux/x86 - execve /bin/sh using JMP-CALL-POP Shellcode (21 bytes)
Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)
2019-07-03 05:01:50 +00:00
Offensive Security
7e48b809b3
DB: 2019-06-20
3 changes to exploits/shellcodes
BlogEngine.NET 3.3.6/3.3.7 - 'dirPath' Directory Traversal / Remote Code Execution
BlogEngine.NET 3.3.6/3.3.7 - 'theme Cookie' Directory Traversal / Remote Code Execution
2019-06-20 05:01:55 +00:00
Offensive Security
18a676ca3b
DB: 2019-05-28
3 changes to exploits/shellcodes
Pidgin 2.13.0 - Denial of Service (PoC)
Typora 0.9.9.24.6 - Directory Traversal
Deltek Maconomy 2.2.5 - Local File Inclusion
2019-05-28 05:01:55 +00:00
Offensive Security
970f7b1104
DB: 2019-05-24
18 changes to exploits/shellcodes
macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free
macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register
macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl
macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free
Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free
Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register
Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl
Apple macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free
NetAware 1.20 - 'Add Block' Denial of Service (PoC)
NetAware 1.20 - 'Share Name' Denial of Service (PoC)
Terminal Services Manager 3.2.1 - Denial of Service
Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free
Microsoft Windows 10 (17763.379) - Install DLL
Microsoft Windows (x84/x64) - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation
Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation
Apple Mac OS X - Feedback Assistant Race Condition (Metasploit)
Microsoft Windows (x84) - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation
Microsoft Internet Explorer 11 - Sandbox Escape
Microsoft Windows - 'Win32k' Local Privilege Escalation
Axis Network Camera - .srv to parhand RCE (Metasploit)
Axis Network Camera - .srv to parhand Remote Code Execution (Metasploit)
HP Intelligent Management - Java Deserialization RCE (Metasploit)
HP Intelligent Management - Java Deserialization Remote Code Execution (Metasploit)
Erlang - Port Mapper Daemon Cookie RCE (Metasploit)
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
CMS Made Simple (CMSMS) Showtime2 - File Upload RCE (Metasploit)
CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit)
AIS logistics ESEL-Server - Unauth SQL Injection RCE (Metasploit)
Pimcore < 5.71 - Unserialize RCE (Metasploit)
AIS logistics ESEL-Server - Unauthenticated SQL Injection Remote Code Execution (Metasploit)
Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)
Nagios XI 5.6.1 - SQL injection
BSD/x86 - setuid(0) + Bind (31337/TCP) Shell Shellcode (94 bytes)
BSD/x86 - setuid(0) + Bind (31337/TCP) Shell (/bin/sh) Shellcode (94 bytes)
Linux/x86 - execve(/sbin/iptables -F) Shellcode (70 bytes)
Linux/x86 - Flush IPTables Rules (execve(/sbin/iptables -F)) Shellcode (70 bytes)
Linux/x86 - /sbin/iptables --flush Shellcode (69 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables --flush) Shellcode (69 bytes)
Linux/x86 - iptables --flush Shellcode (43 bytes)
Linux/x86 - Flush IPTables Rules (iptables --flush) Shellcode (43 bytes)
Linux/x86 - iptables -F Shellcode (43 bytes)
Linux/x86 - Flush IPTables Rules (iptables -F) Shellcode (43 bytes)
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Linux/x86 - Reverse (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Linux/x86 - Reverse TCP (fd15:4ba5:5a2b:1002:61b7:23a9:ad3d:5509:1337/TCP) Shell (/bin/sh) + IPv6 Shellcode (Generator) (94 bytes)
Linux/x86 - Reverse (fd15:4ba5:5a2b:1002:61b7:23a9:ad3d:5509:1337/TCP) Shell (/bin/sh) + IPv6 Shellcode (Generator) (94 bytes)
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP (192.168.2.157/31337) Shellcode (181 bytes)
Linux/x86 - wget chmod execute over execve /bin/sh -c Shellcode (119 bytes)
Linux/x86 - execve(/bin/sh -c) + wget (http://127.0.0.1:8080/evilfile ) + chmod 777 + execute Shellcode (119 bytes)
macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes)
macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)
macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)
macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes)
Apple macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes)
Apple macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)
Apple macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
Apple macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)
Apple macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes)
Linux/x86 - Polymorphic execve(/bin/sh) Shellcode (63 bytes)
Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (63 bytes)
Linux/x86 - Add User (sshd/root) to Passwd File Shellcode (149 bytes)
Linux/x86 - Add User (sshd/root) to /etc/passwd Shellcode (149 bytes)
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)
Linux/ARM - Password-Protected Reverse TCP Shellcode (100 bytes)
Linux/x86 - Rabbit Shellcode Crypter (200 bytes)
Linux/x86 - Reverse Shell Shellcode (91 Bytes) + Python Wrapper
Linux/x86 - Openssl Encrypt Files With aes256cbc Shellcode (185 bytes)
Linux/x86 - cat (.bash_history)+ base64 Encode + curl data (http://localhost:8080 ) Shellcode (125 bytes)
Linux/ARM - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (S59!) + Null-Free Shellcode (100 bytes)
Linux/x86 - Rabbit Encoder Shellcode (200 bytes)
Linux/x86 - Reverse (127.0.0.1:8080/TCP) Shell (/bin/sh) + Generator Shellcode (91 Bytes)
Linux/x86 - OpenSSL Encrypt (aes256cbc) Files (test.txt) Shellcode (185 bytes)
Linux/x86 - shred file Shellcode (72 bytes)
Linux/x86 - execve /bin/sh Shellcode (20 bytes)
Linux/x86 - /sbin/iptables -F Shellcode (43 bytes)
Linux x86_64 - Delete File Shellcode (28 bytes)
Linux/x86 - Shred file (test.txt) Shellcode (72 bytes)
Linux/x86 - execve(/bin/sh) Shellcode (20 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (43 bytes)
Linux/x86_64 - Delete File (test.txt) Shellcode (28 bytes)
Linux/x64 - Execve(/bin/sh) Shellcode (23 bytes)
2019-05-24 05:02:03 +00:00
Offensive Security
ab955a9b5d
DB: 2019-04-19
5 changes to exploits/shellcodes
Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
Evernote 7.9 - Code Execution via Path Traversal
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)
2019-04-19 05:02:10 +00:00
Offensive Security
880bbe402e
DB: 2019-03-08
...
14991 changes to exploits/shellcodes
HTC Touch - vCard over IP Denial of Service
TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities
PeerBlock 1.1 - Blue Screen of Death
WS10 Data Server - SCADA Overflow (PoC)
Symantec Endpoint Protection 12.1.4013 - Service Disabling
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
man-db 2.4.1 - 'open_cat_stream()' Local uid=man
CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation
CDRecord's ReadCD - Local Privilege Escalation
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
CCProxy 6.2 - 'ping' Remote Buffer Overflow
Savant Web Server 3.1 - Remote Buffer Overflow (2)
Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
TeamCity < 9.0.2 - Disabled Registration Bypass
OpenSSH SCP Client - Write Arbitrary Files
Kados R10 GreenBee - Multiple SQL Injection
WordPress Core 5.0 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution
Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
2019-03-08 05:01:50 +00:00
Offensive Security
55fab34db7
DB: 2019-03-02
...
10 changes to exploits/shellcodes
Linux Kernel 3.10.0 (CentOS7) - Denial of Service
Linux Kernel 3.10.0 (CentOS 7) - Denial of Service
Google Chrome < M72 - PaymentRequest Service Use-After-Free
Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost
Google Chrome < M72 - FileWriterImpl Use-After-Free
tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image
Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation
2019-03-02 05:01:54 +00:00
Offensive Security
26efc559c7
DB: 2019-02-21
...
8 changes to exploits/shellcodes
FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)
WinRAR 5.61 - '.lng' Denial of Service
FaceTime - Texture Processing Memory Corruption
Android Kernel < 4.8 - ptrace seccomp Filter Bypass
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - File Permissions SYSTEM Privilege Escalation
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation
Apple macOS 10.13.5 - Local Privilege Escalation
mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers
mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution
Belkin Wemo UPnP - Remote Code Execution (Metasploit)
HotelDruid 2.3 - Cross-Site Scripting
2019-02-21 05:01:57 +00:00
Offensive Security
68794471c9
DB: 2019-02-01
...
13 changes to exploits/shellcodes
Anyburn 4.3 - 'Convert image to file format' Denial of Service
Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)
AMAC Address Change 5.4 - Denial of Service (PoC)
ASPRunner Professional 6.0.766 - Denial of Service (PoC)
FlexHEX 2.46 - Denial of Service SEH Overwrite (PoC)
LanHelper 1.74 - Denial of Service (PoC)
macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of File
macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invalid mach Message Parsing in _xpc_serializer_unpack
macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem
macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't Atomic
macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH)(DEP Bypass)
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)
R 3.5.0 - Local Buffer Overflow (SEH)
UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)
2019-02-01 05:01:49 +00:00
Offensive Security
6e7548ed0d
DB: 2019-01-25
...
10 changes to exploits/shellcodes
Microsoft Remote Desktop 10.2.4(134) - Denial of Service (PoC)
AddressSanitizer (ASan) - SUID Executable Privilege Escalation (Metasploit)
Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
Joomla! Component J-CruisePortal 6.0.4 - SQL Injection
Joomla! Component JHotelReservation 6.0.7 - SQL Injection
SimplePress CMS 1.0.7 - SQL Injection
SirsiDynix e-Library 3.5.x - Cross-Site Scripting
Splunk Enterprise 7.2.3 - Authenticated Custom App RCE
ImpressCMS 1.3.11 - 'bid' SQL Injection
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery
2019-01-25 05:01:41 +00:00
Offensive Security
e3c06fe0f7
DB: 2018-12-15
...
16 changes to exploits/shellcodes
Angry IP Scanner 3.5.3 - Denial of Service (PoC)
UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC)
Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)
Cisco RV110W - Password Disclosure / Command Execution
Safari - Proxy Object Type Confusion (Metasploit)
Adminer 4.3.1 - Server-Side Request Forgery
Responsive FileManager 9.13.4 - Multiple Vulnerabilities
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)
Huawei Router HG532e - Command Execution
Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)
Facebook And Google Reviews System For Businesses 1.1 - SQL Injection
Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution
Double Your Bitcoin Script Automatic - Authentication Bypass
2018-12-15 05:01:46 +00:00
Offensive Security
62445895aa
DB: 2018-11-30
...
8 changes to exploits/shellcodes
WebKit JSC JIT - 'JSPropertyNameEnumerator' Type Confusion
WebKit JIT - 'ByteCodeParser::handleIntrinsicCall' Type Confusion
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the 'ForInContext' Object
Unitrends Enterprise Backup - bpserverd Privilege Escalation (Metasploit)
Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)
Mac OS X - libxpc MITM Privilege Escalation (Metasploit)
PHP imap_open - Remote Code Execution (Metasploit)
TeamCity Agent - XML-RPC Command Execution (Metasploit)
2018-11-30 05:01:41 +00:00
Offensive Security
e3299ef341
DB: 2018-11-21
...
4 changes to exploits/shellcodes
macOS 10.13 - 'workq_kernreturn' Denial of Service (PoC)
Qpopper 4.0.x - poppassd Privilege Escalation
Qpopper 4.0.x - 'poppassd' Privilege Escalation
HP-UX 11.0/11.11 - swxxx Privilege Escalation
HP-UX 11.0/11.11 - 'swxxx' Privilege Escalation
ABRT - raceabrt Privilege Escalation(Metasploit)
ABRT - 'raceabrt' Privilege Escalation (Metasploit)
ImageMagick - Memory Leak
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation
Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
Simple E-Document 1.31 - 'username' SQL Injection
2-Plan Team 1.0.4 - Arbitrary File Upload
PHP Mass Mail 1.0 - Arbitrary File Upload
WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection
Helpdezk 1.1.1 - Arbitrary File Upload
DomainMOD 4.11.01 - Cross-Site Scripting
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
Simple E-Document 1.31 - 'username' SQL Injection
2-Plan Team 1.0.4 - Arbitrary File Upload
PHP Mass Mail 1.0 - Arbitrary File Upload
WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection
Helpdezk 1.1.1 - Arbitrary File Upload
DomainMOD 4.11.01 - Cross-Site Scripting
Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)
2018-11-21 05:01:38 +00:00
Offensive Security
1d25aee539
DB: 2018-11-15
...
15 changes to exploits/shellcodes
AMPPS 2.7 - Denial of Service (PoC)
Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
Atlassian Jira - Authenticated Upload Code Execution (Metasploit)
iServiceOnline 1.0 - 'r' SQL Injection
Helpdezk 1.1.1 - 'query' SQL Injection
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
EdTv 2 - 'id' SQL Injection
Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities
Advanced Comment System 1.0 - SQL Injection
Rmedia SMS 1.0 - SQL Injection
Pedidos 1.0 - SQL Injection
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload
2018-11-15 05:01:40 +00:00
Offensive Security
3a7153b2ac
DB: 2018-11-14
...
24 changes to exploits/shellcodes
CuteFTP Mac 3.1 - Denial of Service (PoC)
Evince 3.24.0 - Command Injection
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
xorg-x11-server < 1.20.1 - Local Privilege Escalation
Data Center Audit 2.6.2 - 'username' SQL Injection
Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal
Paroiciel 11.20 - 'tRecIdListe' SQL Injection
Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal / Cross-Site Scripting
Paroiciel 11.20 - 'tRecIdListe' SQL Injection
The Don 1.0.1 - 'login' SQL Injection
Facturation System 1.0 - 'modid' SQL Injection
The Don 1.0.1 - 'login' SQL Injection
Facturation System 1.0 - 'modid' SQL Injection
GPS Tracking System 2.12 - 'username' SQL Injection
ServerZilla 1.0 - 'email' SQL Injection
GPS Tracking System 2.12 - 'username' SQL Injection
ServerZilla 1.0 - 'email' SQL Injection
Nominas 0.27 - 'username' SQL Injection
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
Surreal ToDo 0.6.1.2 - SQL Injection
Surreal ToDo 0.6.1.2 - Local File Inclusion
Alienor Web Libre 2.0 - SQL Injection
Musicco 2.0.0 - Arbitrary Directory Download
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
Easyndexer 1.0 - Arbitrary File Download
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
Gumbo CMS 0.99 - SQL Injection
Silurus Classifieds Script 2.0 - 'wcategory' SQL Injection
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
Webiness Inventory 2.3 - SQL Injection
SIPve 0.0.2-R19 - SQL Injection
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)
2018-11-14 05:01:43 +00:00
Offensive Security
11366ca935
DB: 2018-11-07
...
18 changes to exploits/shellcodes
FaceTime - RTP Video Processing Heap Corruption
FaceTime - 'readSPSandGetDecoderParams' Stack Corruption
FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption
Blue Server 1.1 - Denial of Service (PoC)
eToolz 3.4.8.0 - Denial of Service (PoC)
VSAXESS V2.6.2.70 build20171226_053 - 'organization' Denial of Service (PoC)
Arm Whois 3.11 - Buffer Overflow (SEH)
libiec61850 1.3 - Stack Based Buffer Overflow
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
Morris Worm - fingerd Stack Buffer Overflow (Metasploit)
PHP Proxy 3.0.3 - Local File Inclusion
Voovi Social Networking Script 1.0 - 'user' SQL Injection
CMS Made Simple 2.2.7 - Remote Code Execution
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin)
Grocery crud 1.6.1 - 'search_field' SQL Injection
OOP CMS BLOG 1.0 - 'search' SQL Injection
OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection
LibreHealth 2.0.0 - Arbitrary File Actions
2018-11-07 05:01:44 +00:00
Offensive Security
363500a603
DB: 2018-11-06
...
13 changes to exploits/shellcodes
Softros LAN Messenger 9.2 - Denial of Service (PoC)
Microsoft Internet Explorer 11 - Null Pointer Dereference
LiquidVPN 1.36 / 1.37 - Privilege Escalation
Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
SiAdmin 1.1 - 'id' SQL Injection
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution
WebVet 0.1a - 'id' SQL Injection
Virgin Media Hub 3.0 Router - Denial of Service (PoC)
Poppy Web Interface Generator 0.8 - Arbitrary File Upload
Mongo Web Admin 6.0 - Information Disclosure
PHP Proxy 3.0.3 - Local File Inclusion
Royal TS/X - Information Disclosure
Voovi Social Networking Script 1.0 - 'user' SQL Injection
2018-11-06 05:01:40 +00:00
Offensive Security
defa138d04
DB: 2018-10-23
...
17 changes to exploits/shellcodes
Modbus Poll 7.2.2 - Denial of Service (PoC)
AudaCity 2.3 - Denial of Service (PoC)
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory
Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)
Countly - Persistent Cross-Site Scripting
Countly - Cross-Site Scripting
MySQL Edit Table 1.0 - 'id' SQL Injection
School ERP Ultimate 2018 - Arbitrary File Download
Oracle Siebel CRM 8.1.1 - CSV Injection
The Open ISES Project 3.30A - 'tick_lat' SQL Injection
School ERP Ultimate 2018 - 'fid' SQL Injection
eNdonesia Portal 8.7 - 'artid' SQL Injection
The Open ISES Project 3.30A - Arbitrary File Download
Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection
2018-10-23 05:01:48 +00:00
Offensive Security
ed0e1e4d44
DB: 2018-09-25
...
1979 changes to exploits/shellcodes
Couchdb 1.5.0 - 'uuids' Denial of Service
Apache CouchDB 1.5.0 - 'uuids' Denial of Service
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
udisks2 2.8.0 - Denial of Service (PoC)
Termite 3.4 - Denial of Service (PoC)
SoftX FTP Client 3.3 - Denial of Service (PoC)
Silverstripe 2.3.5 - Cross-Site Request Forgery / Open redirection
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection
Silverstripe CMS 3.0.2 - Multiple Vulnerabilities
SilverStripe CMS 3.0.2 - Multiple Vulnerabilities
Silverstripe CMS 2.4 - File Renaming Security Bypass
SilverStripe CMS 2.4 - File Renaming Security Bypass
Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
SilverStripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
Silverstripe CMS 2.4.7 - 'install.php' PHP Code Injection
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection
Silverstripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload
Silverstripe CMS 2.4.x - 'BackURL' Open Redirection
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
Silverstripe CMS - 'MemberLoginForm.php' Information Disclosure
SilverStripe CMS - 'MemberLoginForm.php' Information Disclosure
Silverstripe CMS - Multiple HTML Injection Vulnerabilities
SilverStripe CMS - Multiple HTML Injection Vulnerabilities
Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
Monstra CMS before 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (2)
Monstra CMS < 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (1)
Navigate CMS 2.8 - Cross-Site Scripting
Collectric CMU 1.0 - 'lang' SQL injection
Joomla! Component CW Article Attachments 1.0.6 - 'id' SQL Injection
LG SuperSign EZ CMS 2.5 - Remote Code Execution
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
RICOH Aficio MP 301 Printer - Cross-Site Scripting
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
RICOH MP C6003 Printer - Cross-Site Scripting
Linux/ARM - Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (28 Bytes)
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (52 Bytes)
2018-09-25 05:01:51 +00:00
Offensive Security
3e5849385e
DB: 2018-09-17
...
29 changes to exploits/shellcodes
Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting
Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Facebook Clone Script 1.0.5 - Cross-Site Scripting
Schools Alert Management Script 2.0.2 - Arbitrary File Upload
Lawyer Search Script 1.0.2 - Cross-Site Scripting
Bitcoin MLM Software 1.0.2 - Cross-Site Scripting
Select Your College Script 2.0.2 - Authentication Bypass
Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting
Learning and Examination Management System - Cross-Site Scripting
Alibaba Clone Script 1.0.2 - Cross-Site Scripting
Groupon Clone Script 3.0.2 - Cross-Site Scripting
Schools Alert Management Script 2.0.2 - Authentication Bypass
2018-09-17 05:02:03 +00:00
Offensive Security
b42759b8b8
DB: 2018-09-13
...
15 changes to exploits/shellcodes
jiNa OCR Image to Text 1.0 - Denial of Service (PoC)
PixGPS 1.1.8 - Denial of Service (PoC)
RoboImport 1.2.0.72 - Denial of Service (PoC)
PicaJet FX 2.6.5 - Denial of Service (PoC)
iCash 7.6.5 - Denial of Service (PoC)
PDF Explorer 1.5.66.2 - Denial of Service (PoC)
Infiltrator Network Security Scanner 4.6 - Denial of Service (PoC)
Apple macOS 10.13.4 - Denial of Service (PoC)
CirCarLife SCADA 4.3.0 - Credential Disclosure
Rubedo CMS 3.4.0 - Directory Traversal
SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting (XSS)
SynaMan 4.0 build 1488 - SMTP Credential Disclosure
IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection
MyBB 1.8.17 - Cross-Site Scripting
LG Smart IP Camera 1508190 - Backup File Download
2018-09-13 05:01:52 +00:00
Offensive Security
b02440845e
DB: 2018-07-31
...
5 changes to exploits/shellcodes
fusermount - user_allow_other Restriction Bypass and SELinux Label Control
ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)
Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)
Charles Proxy 4.2 - Local Privilege Escalation
H2 Database 1.4.197 - Information Disclosure
2018-07-31 05:01:47 +00:00
Offensive Security
0909e63d9e
DB: 2018-06-07
...
6 changes to exploits/shellcodes
PHP 7.2.2 - 'php_stream_url_wrap_http_ex' Buffer Overflow
macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
macOS/iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvolattrlist
XNU Kernel - Heap Overflow Due to Bad Bounds Checking in MPTCP
Canon LBP6650/LBP3370/LBP3460/LBP7750C - Authentication Bypass
Canon MF210/MF220 - Authentication Bypass
2018-06-07 05:01:47 +00:00
Offensive Security
89ee92def8
DB: 2018-05-31
...
6 changes to exploits/shellcodes
Siemens SIMATIC S7-300 CPU - Remote Denial of Service
Procps-ng - Multiple Vulnerabilities
SearchBlox 8.6.6 - Cross-Site Request Forgery
Yosoro 1.0.4 - Remote Code Execution
MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload Bypass
Dolibarr 7.0.0 - SQL Injection
2018-05-31 05:01:44 +00:00
Offensive Security
df4d831719
DB: 2018-05-01
...
6 changes to exploits/shellcodes
Navicat < 12.0.27 - Oracle Connection Overflow
macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG Ownership Rules
macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules
Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)
WordPress Plugin Form Maker 1.12.20 - CSV Injection
Nagios XI 5.2.[6-9]_ 5.3_ 5.4 - Chained Remote Root
2018-05-01 05:01:45 +00:00
Offensive Security
dd3b710ae8
DB: 2018-03-21
...
14 changes to exploits/shellcodes
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit Pool Memory Disclosure
Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit Stack Memory Disclosure
Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure
Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure
Internet Explorer - 'RegExp.lastMatch' Memory Disclosure
Kamailio 5.1.1 / 5.1.0 / 5.0.0 - Off-by-One Heap Overflow
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation
Microsoft Windows - Desktop Bridge VFS Privilege Escalation
Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation
Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation
Intelbras Telefone IP TIP200 LITE - Local File Disclosure
Vehicle Sales Management System - Multiple Vulnerabilities
Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)
2018-03-21 05:01:50 +00:00
Offensive Security
7cb274b763
DB: 2018-03-04
...
6 changes to exploits/shellcodes
Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service
Microsoft Windows 8.1/2012 R2 - SMBv3 Null Pointer Dereference Denial of Service
Apple macOS Sierra 10.12.1 - 'IOFireWireFamily' FireWire Port Denial of Service
Apple OS X Yosemite - 'flow_divert-heap-overflow' Kernel Panic
Apple macOS Sierra 10.12.3 - 'IOFireWireFamily-null-deref' FireWire Port Denial of Service
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'namedobj ' Kernel Loader
Sony Playstation 4 (PS4) 4.05 - 'Jailbreak' WebKit / 'NamedObj ' Kernel Loader
Apple macOS High Sierra 10.13 - 'ctl_ctloutput-leak' Information Leak
Apple macOS Sierra 10.12.1 - 'physmem' Local Privilege Escalation
Apple OS X 10.10.5 - 'rootsh' Local Privilege Escalation
Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' WebKit 5.01 / 'bpf' Kernel Loader 4.55
Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' 'setAttributeNodeNS' WebKit 5.02 / 'bpf' Kernel Loader 4.55
2018-03-04 05:01:52 +00:00