bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2711 commits 1 branch 0 tags 258 MiB
Commit graph

5 commits

Author SHA1 Message Date
Offensive Security
c9e53fa57b DB: 2022-11-12 
7 changes to exploits/shellcodes/ghdb

AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal

MSNSwitch Firmware MNT.2408 - Remote Code Exectuion (RCE)

SmartRG Router SR510n 2.6.13 - RCE (Remote Code Execution)

Open Web Analytics 1.7.3 - Remote Code Execution (RCE)

CVAT 2.0 - SSRF (Server Side Request Forgery)

IOTransfer V4 - Unquoted Service Path

NetTransport 2.96L - Remote Buffer Overflow (DEP Bypass)

Linux/MIPS (Little Endian) - system(telnetd -l /bin/sh) Shellcode (80 bytes)

Linux/MIPS - reboot() Shellcode (32 bytes)

Linux/x86 - execve(/bin/sh) + Socket Re-Use Shellcode (50 bytes)

Linux/x86 - setuid(0) + setgid(0) + execve(/bin/sh_ [/bin/sh_ NULL]) Shellcode (37 bytes)

Windows/x86 - Write-to-file ('pwned' ./f.txt) + Null-Free Shellcode (278 bytes)
 2022-11-12 09:02:02 +00:00
Offensive Security
b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
 2021-09-03 20:19:21 +00:00
Offensive Security
36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
 2021-09-03 13:39:06 +00:00
Offensive Security
a7ddd8282b DB: 2018-01-11 
28 changes to exploits/shellcodes

Multiple CPUs - Information Leak Using Speculative Execution
Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer Overflow Check

Jungo Windriver 12.5.1 - Privilege Escalation
DiskBoss Enterprise 8.8.16 - Buffer Overflow
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)

Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
Worpress Plugin Service Finder Booking < 3.2 - Local File Disclosure
Muviko 1.1 - SQL Injection
WordPress Plugin Events Calendar - 'event_id' SQL Injection
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting

BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes)
BSD/x86 - setuid(0) + Bind TCP Shell (31337/TCP) Shellcode (94 bytes)
BSD/x86 - execve /bin/cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSD/x86 - Reverse TCP Shell (192.168.1.69:6969/TCP) Shellcode (129 bytes)
BSD/x86 - execve(/bin/cat /etc/master.passwd) | mail root@localhost Shellcode (92 bytes)
FreeBSD/x86 - Reverse TCP Shell (192.168.1.69:6969/TCP) Shellcode (129 bytes)

BSD/x86 - Bind TCP Shell (31337/TCP) + Fork Shellcode (111 bytes)
FreeBSD/x86 - Bind TCP Shell (31337/TCP) + Fork Shellcode (111 bytes)
Linux/x86 - execve /bin/dash Shellcode (30 bytes)
Alpha - /bin/sh Shellcode (80 bytes)
Alpha - execve() Shellcode (112 bytes)
Alpha - setuid() Shellcode (156 bytes)
BSD/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh_) Shellcode (36 bytes)
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
 2018-01-11 05:02:24 +00:00
Offensive Security
b3eb5f7be0 DB: 2017-12-30 
1 changes to exploits/shellcodes

NetTransport 2.96L - Buffer Overflow (DEP Bypass)
 2017-12-30 05:02:21 +00:00