bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2448 commits 1 branch 0 tags 258 MiB
Commit graph

21 commits

Author SHA1 Message Date
Offensive Security
b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
 2021-09-03 20:19:21 +00:00
Offensive Security
36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
 2021-09-03 13:39:06 +00:00
Offensive Security
4e7ab00187 DB: 2021-08-20 
204 changes to exploits/shellcodes

Charity Management System CMS 1.0 - Multiple Vulnerabilities
 2021-08-20 05:01:51 +00:00
Offensive Security
d6a44bd00b DB: 2021-06-08 
11 changes to exploits/shellcodes

Sticky Notes & Color Widgets 1.4.2 - Denial of Service (PoC)

IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP

GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration
OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)
WordPress Plugin Smart Slider-3 3.5.0.8 - 'name' Stored Cross-Site Scripting (XSS)
Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated)
Grav CMS 1.7.10 - Server-Side Template Injection (SSTI) (Authenticated)
Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload (Unauthenticated)
 2021-06-08 05:02:03 +00:00
Offensive Security
1dc98b3b8e DB: 2021-06-05 
6 changes to exploits/shellcodes

Inkpad Notepad & To do list 4.3.61 - Denial of Service (PoC)
Color Notes 1.4 - Denial of Service (PoC)
Macaron Notes great notebook 5.5 - Denial of Service (PoC)
My Notes Safe 5.3 - Denial of Service (PoC)
Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)
Gitlab 13.10.2 - Remote Code Execution (Authenticated)
 2021-06-05 05:01:54 +00:00
Offensive Security
a9fa314bbf DB: 2021-06-04 
14 changes to exploits/shellcodes

BasicNote 1.1.9 - Denial of Service (PoC)
ColorNote 4.1.9 - Denial of Service (PoC)
Notepad notes 2.6.7 - Denial of Service (PoC)
Blacknote 2.2.1 - Denial of Service (PoC)

CHIYU IoT Devices - 'Telnet' Authentication Bypass
PHP 8.1.0-dev - 'User-Agentt' Remote Code Execution
Seo Panel 4.8.0 - 'from_time' Reflected XSS
CHIYU IoT Devices - Denial of Service (DoS)
FUDForum 3.1.0 - 'srch' Reflected XSS
FUDForum 3.1.0 - 'author' Reflected XSS
Gitlab 13.9.3 - Remote Code Execution (Authenticated)
4Images 1.8 - 'redirect' Reflected XSS
 2021-06-04 05:01:54 +00:00
Offensive Security
dcd1229758 DB: 2021-05-04 
7 changes to exploits/shellcodes

GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE
Voting System 1.0 - Time based SQLI  (Unauthenticated SQL injection)
Piwigo 11.3.0 - 'language' SQL
GitLab Community Edition (CE) 13.10.3 - User Enumeration
GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration

Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)
 2021-05-04 05:01:59 +00:00
Offensive Security
0ec0dacc0e DB: 2021-02-26 
3 changes to exploits/shellcodes

ASUS Remote Link 1.1.2.13 - Remote Code Execution

Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)
 2021-02-26 05:01:57 +00:00
Offensive Security
b96bdbcfa5 DB: 2021-02-12 
8 changes to exploits/shellcodes

Online Marriage Registration System 1.0 - Remote Code Execution
Online Marriage Registration System 1.0 - Remote Code Execution (1)

Gitlab 11.4.7 - Remote Code Execution
GitLab 11.4.7 - Remote Code Execution (Authenticated) (1)

Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (Authenticated)
Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (2)

GitLab 11.4.7 - Remote Code Execution (Authenticated)

GitLab 11.4.7 - RCE (Authenticated)
GitLab 11.4.7 - RCE (Authenticated) (2)

Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1)
PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting
b2evolution 6.11.6 - 'redirect_to' Open Redirect
b2evolution 6.11.6 - 'tab3' Reflected XSS
Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2)
Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)
 2021-02-12 05:01:57 +00:00
Offensive Security
f268b6f221 DB: 2021-01-28 
4 changes to exploits/shellcodes

Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
STVS ProVision 5.9.10 - File Disclosure (Authenticated)
STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
 2021-01-28 05:01:55 +00:00
Offensive Security
4a75b60de1 DB: 2020-12-25 
4 changes to exploits/shellcodes

Apartment Visitors Management System 1.0 - Authentication Bypass
WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload
WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting
GitLab 11.4.7 - RCE (Authenticated)
 2020-12-25 05:01:54 +00:00
Offensive Security
58ad270f64 DB: 2020-12-17 
6 changes to exploits/shellcodes

Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption

Adobe (Multiple Products) - XML Injection File Content Disclosure
GitLab 11.4.7 - Remote Code Execution (Authenticated)
Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting
Raysync 3.3.3.8 - RCE
Magic Home Pro 1.5.1 - Authentication Bypass
PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection
Seotoaster 3.2.0 - Stored XSS on Edit page properties
 2020-12-17 05:01:57 +00:00
Offensive Security
d7c025fc8d DB: 2020-12-15 
13 changes to exploits/shellcodes

System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path
Rukovoditel 2.6.1 - Cross-Site Request Forgery (Change password)
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
Seacms 11.1 - 'ip and weburl' Remote Command Execution
Seacms 11.1 - 'file' Local File Inclusion
Seacms 11.1 - 'checkuser' Stored XSS
WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download
Rumble Mail Server 0.51.3135 - 'servername' Stored XSS
Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS
Rumble Mail Server 0.51.3135 - 'username' Stored XSS
Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation
Gitlab 11.4.7 - Remote Code Execution
 2020-12-15 05:02:04 +00:00
Offensive Security
21fa83f241 DB: 2020-11-20 
12 changes to exploits/shellcodes

Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow (PoC)

Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
Joomla! Component com_memorix - SQL Injection
Joomla! Component com_informations - SQL Injection
PESCMS TEAM 2.3.2 - Multiple Reflected XSS
Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification
xuucms 3 - 'keywords' SQL Injection
Gitlab 12.9.0 - Arbitrary File Read (Authenticated)
TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution
TestBox CFML Test Framework 4.1.0 - Directory Traversal
Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection
M/Monit 3.7.4 - Privilege Escalation
M/Monit 3.7.4 - Password Disclosure
Nagios Log Server 2.1.7 - Persistent Cross-Site Scripting
 2020-11-20 05:02:04 +00:00
Offensive Security
e46d9f65ff DB: 2020-07-27 
32 changes to exploits/shellcodes

Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)
DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow (SEH Egghunter)
Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated)
ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution
UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
Bludit 3.9.2 - Directory Traversal
LibreHealth 2.0.0 - Authenticated Remote Code Execution
Online Course Registration 1.0 - Unauthenticated Remote Code Execution
elaniin CMS - Authentication Bypass
Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting
Bio Star 2.8.2 - Local File Inclusion
Webtareas 2.1p - Arbitrary File Upload (Authenticated)
F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)
Socket.io-file 2.0.31 - Arbitrary File Upload
pfSense 2.4.4-p3 - Cross-Site Request Forgery
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
Rails 5.0.1 - Remote Code Execution

Linux/x86 - ASLR deactivation polymorphic Shellcode (124 bytes)
Linux/x86 - Egghunter(0x50905090) + sigaction + execve(/bin/sh) Shellcode (35 bytes)
Windows/x86 - Download using mshta.exe Shellcode (100 bytes)
 2020-07-27 05:02:04 +00:00
Offensive Security
81205fc37a DB: 2020-05-07 
8 changes to exploits/shellcodes

Online Clothing Store 1.0 - Persistent Cross-Site Scripting
i-doit Open Source CMDB 1.14.1 - Arbitrary File Deletion
Booked Scheduler 2.7.7 - Authenticated Directory Traversal
Online Clothing Store 1.0 - 'username' SQL Injection
webTareas 2.0.p8 - Arbitrary File Deletion
GitLab 12.9.0 - Arbitrary File Read
YesWiki cercopitheque 2020.04.18.1 - 'id' SQL Injection
MPC Sharj 3.11.1 - Arbitrary File Download
 2020-05-07 05:01:48 +00:00
Offensive Security
d68f18cb8e DB: 2019-03-30 
6 changes to exploits/shellcodes

Fat Free CRM 0.19.0 - HTML Injection

CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting
 2019-03-30 05:02:01 +00:00
Offensive Security
731dd0f423 DB: 2018-10-16 
22 changes to exploits/shellcodes

Snes9K 0.0.9z - Buffer Overflow (SEH)

NoMachine < 5.3.27 - Remote Code Execution

MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
FLIR Brickstream 3D+ - RTSP Stream Disclosure
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure

CAMALEON CMS 2.4 - Cross-Site Scripting
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
AlchemyCMS 4.1 - Cross-Site Scripting
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
College Notes Management System 1.0 - 'user' SQL Injection
Advanced HRM 1.6 - Remote Code Execution
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
Academic Timetable Final Build 7.0 - Information Disclosure
KORA 2.7.0 - 'cid' SQL Injection
 2018-10-16 05:01:45 +00:00
Offensive Security
be89b7c04a DB: 2018-05-03 
11 changes to exploits/shellcodes

WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free
LibreOffice/Open Office - '.odt' Information Disclosure
Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH)

ASUS infosvr - Auth Bypass Command Execution (Metasploit)
ASUS infosvr - Authentication Bypass Command Execution (Metasploit)

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)
xdebug < 2.5.5 - Unauthenticated OS Command Execution (Metasploit)
Metasploit Framework - 'msfd' Remote Code Execution (via Browser) (Metasploit)
Metasploit Framework - 'msfd' Remote Code Execution (Metasploit)
Exim < 4.90.1 - 'base64d' Remote Code Execution

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery
 2018-05-03 05:01:45 +00:00
Offensive Security
f0d075a5de DB: 2017-12-22 
6 changes to exploits/shellcodes

Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection

Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
Zabbix Agent 3.0.1 - 'mysql.size' Shell Command Injection
Cisco IOS 12.2 < 12.4 /  15.0 < 15.6 - Security Association Negotiation Request Device Memory
Technicolor DPC3928SL - SNMP Authentication Bypass
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor
Netcore / Netis Routers - UDP Backdoor

NETGEAR R7000 - Command Injection
NETGEAR R7000 - Command Injection (PoC)

Conarc iChannel - Improper Access Restrictions
 2017-12-22 05:02:19 +00:00
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00