exploit-db-mirror

Author	SHA1	Message	Date
Offensive Security	d304cc3d3e	DB: 2017-11-24 116602 new exploits Too many to list!	2017-11-24 20:56:23 +00:00
Offensive Security	4b39f0d26d	DB: 2017-11-16 23 new exploits VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1) VideoLAN VLC Media Player 0.8.6a - Denial of Service (1) Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service Microsoft Windows Explorer - '.AVI' File Denial of Service Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service Microsoft Windows Explorer - '.ANI' File Denial of Service Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service Microsoft Windows Explorer - '.doc' File Denial of Service CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service) Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC) Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC) Webby WebServer - SEH Control (PoC) Webby WebServer - Overflow (SEH) (PoC) Quick 'n Easy FTP Server Lite 3.1 - Exploit Quick 'n Easy FTP Server Lite 3.1 - Denial of Service Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC) Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC) FFDshow - SEH Exception Leading to Null Pointer on Read FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read Microsoft Internet Explorer - MSHTML Findtext Processing Issue Microsoft Internet Explorer - MSHTML Findtext Processing Exploit Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption Debian suidmanager 0.18 - Exploit AMD K6 Processor - Exploit Apple Personal Web Sharing 1.1 - Remote Denial of Service AMD K6 Processor - Denial of Service Sun Solaris 7.0 - 'procfs' Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service D-Link DIR605L - Denial of Service RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow xfstt 1.2/1.4 - Unspecified Memory Disclosure xfstt 1.2/1.4 - Memory Disclosure ViRobot Linux Server 2.0 - Exploit Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities IBM AIX 5.x - Invscout Local Buffer Overflow IBM AIX 5.x - 'Invscout' Local Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012) Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012) IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2) VideoLAN VLC Media Player 0.8.6a - Denial of Service (2) Sun Solaris 10 - ICMP Unspecified Remote Denial of Service Sun Solaris 10 - ICMP Remote Denial of Service Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service Progress WebSpeed 3.0/3.1 - Denial of Service GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service Wireshark 0.99.8 - X.509sat Dissector Denial of Service Wireshark 0.99.8 - LDAP Dissector Denial of Service Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1) Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2) Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service) Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities SmallFTPd - Unspecified Denial of Service SmallFTPd - Denial of Service Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055) Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055) Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call Mandrake Linux 8.2 /usr/mail - Local Exploit Mandrake Linux 8.2 - '/usr/mail' Local Exploit RedHat 6.2 /sbin/restore - Exploit RedHat 6.2 - '/sbin/restore' Privilege Escalation dump 0.4b15 (RedHat 6.2) - Exploit dump 0.4b15 (RedHat 6.2) - Privilege Escalation xsoldier 0.96 (RedHat 6.2) - Exploit Pine (Local Message Grabber) - Exploit xsoldier 0.96 (RedHat 6.2) - Buffer Overflow Pine (Local Message Grabber) - Local Message Read Seyon 2.1 rev. 4b i586-Linux - Exploit Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read suid_perl 5.001 - Exploit suid_perl 5.001 - Command Execution Sendmail 8.11.x (Linux/i386) - Exploit Sendmail 8.11.x (Linux/i386) - Privilege Escalation Microsoft Excel - Unspecified Remote Code Execution Microsoft Excel - Remote Code Execution Microsoft Word 2000 - Unspecified Code Execution Microsoft Word 2000 - Code Execution IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite Easy RM to MP3 Converter 2.7.3.700 - Exploit Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow Adobe Reader and Acrobat - Exploit Adobe Reader / Acrobat - '.PDF' File Overflow Mini-stream Ripper (Windows XP SP2/SP3) - Exploit Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) Winamp 5.572 - Exploit (SEH) Winamp 5.572 - Overflow (SEH) ZipScan 2.2c - Exploit (SEH) ZipScan 2.2c - Overflow (SEH) Local Glibc shared library (.so) 2.11.1 - Exploit (Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation Local Glibc Shared Library (.so) 2.11.1 - Code Execution ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation SyncBack Freeware 3.2.20.0 - Exploit SyncBack Freeware 3.2.20.0 - Overflow (SEH) Mediacoder 0.7.3.4672 - Exploit (SEH) Mediacoder 0.7.3.4672 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) DJ Studio Pro 8.1.3.2.1 - Exploit (SEH) DJ Studio Pro 8.1.3.2.1 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Exploit (SEH) iworkstation 9.3.2.1.4 - Overflow (SEH) Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode) Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode) POP Peeper 3.7 - Exploit (SEH) POP Peeper 3.7 - Overflow (SEH) DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass) DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit) BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass) Slackware Linux 3.4 - 'liloconfig-color' Temporary file Slackware Linux 3.4 - 'makebootdisk' Temporary file Slackware Linux 3.4 - 'liloconfig-color' Temporary File Slackware Linux 3.4 - 'makebootdisk' Temporary File Slackware Linux 3.4 - 'netconfig' Temporary file Slackware Linux 3.4 - 'pkgtool' Temporary file Slackware Linux 3.4 - 'netconfig' Temporary File Slackware Linux 3.4 - 'pkgtool' Temporary File Debian suidmanager 0.18 - Command Execution BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit Slackware Linux 3.5 - Missing /etc/group Privilege Escalation BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission Slackware Linux 3.5 - '/etc/group' Privilege Escalation Sun Solaris 2.6 power management - Exploit Sun Solaris 2.6 - power management Exploit DataLynx suGuard 1.0 - Exploit Sun Solaris 2.5.1 PAM & unix_scheme - Exploit Solaris 2.5.1 ffbconfig - Exploit Solaris 2.5.1 chkey - Exploit Solaris 2.5.1 Ping - Exploit SGI IRIX 6.4 ioconfig - Exploit DataLynx suGuard 1.0 - Privilege Escalation Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation Solaris 2.5.1 - 'ffbconfig' Exploit Solaris 2.5.1 - 'chkey' Exploit Solaris 2.5.1 - 'Ping' Exploit SGI IRIX 6.4 - 'ioconfig' Exploit BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1) BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2) Solaris 2.5.1 automount - Exploit Solaris 2.5.1 - 'automount' Exploit BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit Sun Solaris 7.0 dtprintinfo - Buffer Overflow Sun Solaris 7.0 lpset - Buffer Overflow BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow IBM Remote Control Software 1.0 - Exploit IBM Remote Control Software 1.0 - Code Execution Xcmail 0.99.6 - Exploit Xcmail 0.99.6 - Buffer Overflow Sun Solaris 7.0 ff.core - Exploit S.u.S.E. 5.2 lpc - Exploit Sun Solaris 7.0 - 'ff.core' Exploit S.u.S.E. 5.2 - 'lpc' Exploit SGI IRIX 6.2 cdplayer - Exploit SGI IRIX 6.2 - 'cdplayer' Exploit SGI IRIX 5.3 Cadmin - Exploit SGI IRIX 6.0.1 colorview - Exploit SGI IRIX 5.3 - 'Cadmin' Exploit SGI IRIX 6.0.1 - 'colorview' Exploit SGI IRIX 6.3 df - Exploit SGI IRIX 6.4 - datman/cdman Exploit SGI IRIX 6.3 - 'df' Exploit SGI IRIX 6.4 - datman/cdman Exploit RedHat Linux 2.1 - abuse.console Exploit SGI IRIX 6.2 fsdump - Exploit RedHat Linux 5.1 xosview - Exploit Slackware Linux 3.1 - Buffer Overflow RedHat Linux 2.1 - 'abuse.console' Exploit SGI IRIX 6.2 - 'fsdump' Exploit RedHat Linux 5.1 - xosview Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow IBM AIX 4.3 infod - Exploit IBM AIX 4.3 - 'infod' Exploit IBM AIX 4.2.1 snap - Insecure Temporary File Creation IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation SGI IRIX 6.4 inpview - Exploit RedHat Linux 5.0 msgchk - Exploit IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 ping - Buffer Overflow IBM AIX 4.2 lchangelv - Buffer Overflow SGI IRIX 6.4 - 'inpview' Exploit RedHat Linux 5.0 - 'msgchk' Exploit IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1) RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1) SGI IRIX 6.4 netprint - Exploit SGI IRIX 6.4 - 'netprint' Exploit SGI IRIX 5.3/6.2 ordist - Exploit SGI IRIX 5.3/6.2 - 'ordist' Exploit SGI IRIX 5.3 pkgadjust - Exploit SGI IRIX 5.3 - 'pkgadjust' Exploit Sun Solaris 7.0 procfs - Exploit IBM AIX 3.2.5 - IFS Exploit IBM AIX 4.2.1 lquerypv - Exploit IBM AIX 3.2.5 - 'IFS' Exploit IBM AIX 4.2.1 - 'lquerypv' File Read SGI IRIX 6.3 pset - Exploit SGI IRIX 6.4 rmail - Exploit SGI IRIX 6.3 - 'pset' Exploit SGI IRIX 6.4 - 'rmail' Exploit SGI IRIX 5.2/5.3 serial_ports - Exploit SGI IRIX 6.4 suid_exec - Exploit SGI IRIX 5.1/5.2 sgihelp - Exploit SGI IRIX 6.4 startmidi - Exploit SGI IRIX 5.2/5.3 - 'serial_ports' Exploit SGI IRIX 6.4 - 'suid_exec' Exploit SGI IRIX 5.1/5.2- 'sgihelp' Exploit SGI IRIX 6.4 - 'startmidi' Exploit SGI IRIX 6.4 xfsdump - Exploit SGI IRIX 6.4 - 'xfsdump' Exploit IBM AIX 4.3.1 adb - Exploit IBM AIX 4.3.1 - 'adb' Denial of Service Apple At Ease 5.0 - Exploit Samba < 2.0.5 - Exploit Apple At Ease 5.0 - Information Disclosure Samba < 2.0.5 - Overflow NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow HP-UX 10.20 newgrp - Exploit HP-UX 10.20 newgrp - Privilege Escalation BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1) FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2) Solaris 7.0 kcms_configure - Exploit Solaris 7.0 - 'kcms_configure Exploit Windowmaker wmmon 1.0 b2 - Exploit Windowmaker wmmon 1.0 b2 - Command Execution Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation Standard & Poors ComStock 4.2.4 - Exploit Standard & Poors ComStock 4.2.4 - Command Execution KDE 1.1.2 KApplication configfile - Exploit (1) KDE 1.1.2 KApplication configfile - Exploit (2) KDE 1.1.2 KApplication configfile - Exploit (3) KDE 1.1.2 KApplication configfile - Privilege Escalation (1) KDE 1.1.2 KApplication configfile - Privilege Escalation (2) KDE 1.1.2 KApplication configfile - Privilege Escalation (3) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2) Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow IRIX 6.5.x - GR_OSView Buffer Overflow SGI IRIX 6.2 libgl.so - Buffer Overflow IRIX 6.5.x - dmplay Buffer Overflow IRIX 6.2/6.3 lpstat - Buffer Overflow IRIX 6.5.x - inpview Race Condition IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition IRIX 5.3/6.x - mail Exploit IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow Libc locale - Exploit (1) Libc locale - Exploit (2) Libc locale - Privilege Escalation (1) Libc locale - Privilege Escalation (2) GNOME esound 0.2.19 - Unix Domain Socket Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition IBM AIX 4.x - setsenv Buffer Overflow IBM AIX 4.3 digest - Buffer Overflow IBM AIX 4.x - enq Buffer Overflow IBM AIX 4.3.x - piobe Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow IBM AIX 4.x - 'enq' Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow AIX 4.2/4.3 - piomkapqd Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow (Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation (Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow QNX RTOS 6.1 - PKG-Installer Buffer Overflow QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass) AFD 1.2.x - Working Directory Local Buffer Overflow AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access HP-UX 10.x - rs.F3000 Unauthorized Access Leksbot 1.2 - Multiple Unspecified Vulnerabilities Leksbot 1.2 - Multiple Vulnerabilities IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation ViRobot Linux Server 2.0 - Overflow (Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2) Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3) Nvidia Display Driver Service (Nsvr) - Exploit Nvidia Display Driver Service (Nsvr) - Buffer Overflow IBM AIX 5.3 - GetShell and GetCommand File Enumeration IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure Apple 2.0.4 - Safari Unspecified Local Apple 2.0.4 - Safari Local Exploit Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities IBM AIX 6.1.8 libodm - Arbitrary File Write IBM AIX 6.1.8 - 'libodm' Arbitrary File Write Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass) Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation QEMU (Gentoo) - Local Priv Escalation QEMU (Gentoo) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock) RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock) Microsoft WordPerfect Document Converter - Exploit (MS03-036) Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036) CA BrightStor ARCserve Backup - Exploiter Tool CA BrightStor ARCserve Backup - Overflow NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write CDBurnerXP 4.2.4.1351 - Exploit PeerCast 0.1216 - Exploit (Metasploit) PeerCast 0.1216 - Stack Overflow (Metasploit) BigAnt Server 2.52 - Exploit (SEH) BigAnt Server 2.52 - Overflow (SEH) NetTransport Download Manager 2.90.510 - Exploit NetTransport Download Manager 2.90.510 - Overflow (SEH) File Sharing Wizard 1.5.0 - Exploit (SEH) File Sharing Wizard 1.5.0 - Overflow (SEH) Real Player 12.0.0.879 - Exploit Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass) Real Player 12.0.0.879 - Code Execution Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass) IBM AIX 5l FTPd - Remote DES Hash Exploit IBM AIX 5l - 'FTPd' Remote DES Hash Exploit Microsoft Data Access Components - Exploit (MS11-002) Microsoft Data Access Components - Overflow (PoC) (MS11-002) FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit) Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit) Apple Personal Web Sharing 1.1 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation HP HP-UX 10.34 rlpdaemon - Exploit HP HP-UX 10.34 rlpdaemon - Remote Overflow Ray Chan WWW Authorization Gateway 0.1 - Exploit Ray Chan WWW Authorization Gateway 0.1 - Command Execution Solaris 7.0 Coredump - Exploit Solaris 7.0 - 'Coredump' File Write IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit SGI IRIX 6.2 cgi-bin wrap - Exploit IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read SGI IRIX 6.2 - cgi-bin wrap Exploit SGI IRIX 6.5.2 nsd - Exploit SGI IRIX 6.5.2 - 'nsd'' Exploit IBM AIX 3.2.5 - login(1) Exploit IBM AIX 3.2.5 - 'login(1)' Exploit Compaq Java Applet for Presario SpawnApp - Exploit Compaq Java Applet for Presario SpawnApp - Code Execution Network Security Wizards Dragon-Fire IDS 1.0 - Exploit Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure IBM AIX 4.3.2 ftpd - Remote Buffer Overflow IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow glFTPd 1.17.2 - Exploit glFTPd 1.17.2 - Code Execution Netopia R-series routers 4.6.2 - Exploit Netopia R-series Routers 4.6.2 - Modifying SNMP Tables Sun Java Web Server 1.1.3/2.0 Servlets - Exploit Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure IPFilter 3.x - Fragment Rule Bypass CGIWrap 2.x/3.x - Cross-Site Scripting AIX 4.1/4.2 - pdnsd Buffer Overflow AIX 4.1/4.2 - 'pdnsd' Buffer Overflow RedHat Linux 7.0 Apache - Remote 'Username' Enumeration RedHat Linux 7.0 Apache - Remote Username Enumeration Hylafax 4.1.x - HFaxD Unspecified Format String Hylafax 4.1.x - HFaxD Format String EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities Oracle 9i - Multiple Unspecified Vulnerabilities Oracle 9i - Multiple Vulnerabilities File ELF 4.x - Header Unspecified Buffer Overflow File ELF 4.x - Header Buffer Overflow Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack Microsoft Internet Explorer 6 - Unspecified Code Execution (1) Microsoft Internet Explorer 6 - Unspecified Code Execution (2) Microsoft Internet Explorer 6 - Code Execution (1) Microsoft Internet Explorer 6 - Code Execution (2) GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal TFTP Server TFTPDWin 0.4.2 - Directory Traversal Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit Multiple CA Service Management Products - Unspecified Remote Command Execution Multiple CA Service Management Products - Remote Command Execution NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow Bash - Environment Variables Code Injection (Shellshock) Bash - Environment Variables Command Injection (Shellshock) OpenVPN 2.2.29 - Remote Exploit (Shellshock) OpenVPN 2.2.29 - Remote Command Injection (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock) Apache mod_cgi - Remote Exploit (Shellshock) Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock) Apache mod_cgi - Remote Command Injection (Shellshock) Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow Poison Ivy 2.3.2 - Remote Buffer Overflow Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution Samba 3.5.11/3.6.3 - Remote Code Execution Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit) Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit) Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock) Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock) IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit) IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit) TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock) TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock) Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion Poll It CGI 2.0 - Exploit Poll It CGI 2.0 - Multiple Vulnerabilities DreamPoll 3.1 - Exploit DreamPoll 3.1 - SQL Injection WordPress Plugin WP-Cumulus 1.20 - Exploit WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting Public Media Manager - Exploit Public Media Manager - Remote File Inclusion Joomla! Component com_adagency - Exploit Joomla! Component com_adagency - Local File Inclusion File Upload Manager 1.3 - Exploit File Upload Manager 1.3 - Web Shell File Upload Joomla! Component com_caddy - Exploit Renista CMS - Exploit Renista CMS - SQL Injection BtiTracker 1.3.x < 1.4.x - Exploit BtiTracker 1.3.x < 1.4.x - SQL Injection WordPress Plugin Cimy Counter - Exploit WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting Belkin F5D7234-4 v5 G Wireless Router - Exploit Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed WhatsApp Status Changer 0.2 - Exploit WhatsApp - Remote Change Status MySimpleNews 1.0 - Remotely Readable Administrator Password MySimpleNews 1.0 - Remote Readable Administrator Password SquirrelMail 1.2.11 - Exploit SquirrelMail 1.2.11 - Multiple Vulnerabilities D-Link DCS-936L Network Camera - Cross-Site Request Forgery Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting Yappa-ng 1.x/2.x - Remote File Inclusion Yappa-ng 1.x/2.x - Cross-Site Scripting Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities Aenovo - Multiple Cross-Site Scripting Vulnerabilities Codegrrl - 'Protection.php' Unspecified Code Execution Codegrrl - 'Protection.php' Code Execution Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting Red Mombin 0.7 - 'index.php' Cross-Site Scripting Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting A-Blog 1.0 - Unspecified Cross-Site Scripting A-Blog 1.0 - Cross-Site Scripting Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress Plugin Akismet 2.1.3 - Unspecified WordPress Plugin Akismet 2.1.3 - Exploit SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections Zoph 0.7.2.1 - Unspecified SQL Injection Zoph 0.7.2.1 - SQL Injection Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection Joomla! Component FreiChat 1.0/2.x - HTML Injection Bash CGI - Remote Code Execution (Shellshock) (Metasploit) Bash CGI - Remote Command Injection (Shellshock) (Metasploit) PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock) PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock) Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit Netsweeper 4.0.8 - Authentication Bypass Issue Netsweeper 4.0.8 - Authentication Bypass SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting SimpleInvoices invoices Module - Customer Field Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting Bugzilla 4.2 - Tabular Reports Cross-Site Scripting iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal iScripts AutoHoster - 'main_smtp.php' Traversal Exploit Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock) Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock) NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock) Squid Analysis Report Generator 2.3.10 - Remote Code Execution	2017-11-16 10:02:26 +00:00
Offensive Security	c7b4bfd8e6	DB: 2017-08-23 23 new exploits Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017) Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit) IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit) BSD - Passive Connection Shellcode (124 bytes) BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes) BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes) BSD/x86 - Bind Shell 31337/TCP + setuid(0) Shellcode (94 bytes) BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes) BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes) BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes) BSD/x86 - Bind Random Port Shellcode (143 bytes) BSD/x86 - setuid(0) + execve /bin/sh Shellcode (30 bytes) BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes) BSD/x86 - execve /bin/sh Shellcode (27 bytes) BSD/x86 - execve /bin/sh + setuid(0) Shellcode (29 bytes) BSD/x86 - Bind TCP Shell (31337/TCP) Shellcode (83 bytes) BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes) BSD/x86 - execve /bin/sh Crypt Shellcode (49 bytes) BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes) BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes) BSD/x86 - cat /etc/master.passwd \| mail [email] Shellcode (92 bytes) BSD/x86 - execve /bin/sh Encoded Shellcode (49 bytes) BSD/x86 - execve /bin/sh Encoded Shellcode (57 bytes) BSD/x86 - Reverse TCP Shell (torootteam.host.sk:2222/TCP) Shellcode (93 bytes) BSD/x86 - execve /bin/cat /etc/master.passwd \| mail [email] Shellcode (92 bytes) BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes) FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes) BSDi/x86 - execve /bin/sh ToUpper Encoded Shellcode (97 bytes) FreeBSD x86 / x64 - execve /bin/sh Anti-Debugging Shellcode (140 bytes) FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes) FreeBSD/x86 - kill all processes Shellcode (12 bytes) FreeBSD/x86 - rev connect + recv + jmp + return results Shellcode (90 bytes) FreeBSD/x86 - /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes) FreeBSD/x86 - Reverse /bin/sh Shell (127.0.0.1:8000) Shellcode (89 bytes) FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes) FreeBSD/x86 - /bin/sh Encrypted Shellcode (48 bytes) FreeBSD/x86 - Reverse TCP cat /etc/passwd (192.168.1.33:8000/TCP) Shellcode (112 bytes) FreeBSD/x86 - Kill All Processes Shellcode (12 bytes) FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes) FreeBSD/x86 - execve /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes) FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:8000) Null-Free Shellcode (89 bytes) FreeBSD/x86 - setuid(0); + execve(ipf -Fa); Shellcode (57 bytes) FreeBSD/x86 - execve /bin/sh Encoded Shellcode (48 bytes) FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes) FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes) FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes) FreeBSD/x86 - Load Kernel Module (/sbin/kldload /tmp/o.o) Shellcode (74 bytes) FreeBSD/x86 - Connect Port 31337 Shellcode (102 bytes) FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (102 bytes) Linux/x86 - Bind Shellcode (Generator) Windows XP SP1 - Bind Shellcode (Generator) (Generator) - /bin/sh Polymorphic With Printable ASCII Characters Shellcode Linux/x86 - cmd Null-Free Shellcode (Generator) (Generator) - Alphanumeric Shellcode (Encoder/Decoder) Linux/x86 - Bind TCP Shellcode (Generator) Windows XP SP1 - Bind TCP Shell Shellcode (Generator) Linux - execve /bin/sh Polymorphic With Printable ASCII Characters Shellcode (Generator) Linux/x86 - Command Null-Free Shellcode (Generator) Windows - Reverse TCP Shell (127.0.0.1:123/TCP) Alphanumeric Shellcode (Encoder/Decoder) (Generator) Win32 - Multi-Format Encoding Tool Shellcode (Generator) iOS - Version-independent Shellcode Cisco IOS - Connectback 21/TCP Shellcode Windows x86 - Multi-Format Encoding Tool Shellcode (Generator) iOS Version-independent - Null-Free Shellcode Cisco IOS - New TTY / Privilege Level To 15 / Reverse Virtual Terminal Shell (21/TCP) Shellcode Linux/x86-64 - Flush IPTables Rules Shellcode (84 bytes) Linux/x86-64 - Reverse TCP Semi-Stealth Shell Shellcode (88+ bytes) (Generator) Linux/MIPS (Linksys WRT54G/GL) - Bind 4919/TCP Shellcode (276 bytes) Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (84 bytes) Linux/x86-64 - Reverse TCP Semi-Stealth /bin/bash Shell Shellcode (88+ bytes) (Generator) Linux/MIPS (Linksys WRT54G/GL) - Bind TCP /bin/sh Shell (4919/TCP) Shellcode (276 bytes) Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes) Linux/PPC - Reverse TCP /bin/sh Shell (192.168.1.1:31337/TCP) Shellcode (240 bytes) Linux/SPARC - Bind 8975/TCP Shellcode (284 bytes) Linux/SPARC - Bind TCP Shell (8975/TCP) Null-Free Shellcode (284 bytes) Linux/x86 - killall5 polymorphic Shellcode (61 bytes) Linux/x86 - /bin/sh Polymorphic Shellcode (48 bytes) Linux/x86 - Bind 4444/TCP Shellcode (XOR Encoded) (152 bytes) Linux/x86 - reboot() polymorphic Shellcode (57 bytes) Linux/x86 - chmod(_/etc/shadow__666) Polymorphic Shellcode (54 bytes) Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes) Linux/x86 - Bind 8000/TCP + Execve Iptables -F Shellcode (176 bytes) Linux/x86 - Bind 8000/TCP + Add Root User Shellcode (225+ bytes) Linux/x86 - Bind 8000/TCP ASM Code Linux Shellcode (179 bytes) Linux/x86 - killall5 Polymorphic Shellcode (61 bytes) Linux/x86 - execve /bin/sh Polymorphic Shellcode (48 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) XOR Encoded Shellcode (152 bytes) Linux/x86 - reboot() Polymorphic Shellcode (57 bytes) Linux/x86 - chmod 666 /etc/shadow Polymorphic Shellcode (54 bytes) Linux/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh__0_0) Shellcode (34 bytes) Linux/x86 - Bind TCP Shell (8000/TCP) + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes) Linux/x86 - Bind TCP Shell (8000/TCP) + Add Root User Shellcode (225+ bytes) Linux/x86 - Bind TCP /bin/sh Shell (8000/TCP) Shellcode (179 bytes) Linux/x86 - Serial port shell binding + busybox Launching Shellcode (82 bytes) Linux/x86 - Serial Port Shell Binding (/dev/ttyS0) + busybox Launching Null-Free Shellcode (82 bytes) Linux/x86 - chmod(_/etc/shadow__666) + exit(0) Shellcode (30 bytes) Linux/x86 - chmod 666 /etc/shadow + exit(0) Shellcode (30 bytes) Linux/x86 - Shellcode Obfuscator (Generator) Linux/x86 - Shellcode Obfuscator Null-Free (Generator) Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Shellcode (28 bytes) Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes) Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Null-Free Shellcode (28 bytes) Linux/x86 - setresuid(0_0_0) + /bin/sh Shellcode (35 bytes) Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes) Linux/x86 - Reverse TCP cat /etc/shadow (8192/TCP) Shellcode (155 bytes) Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes) Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes) Linux/x86 - /sbin/iptables -F Shellcode (40 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes) Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes) Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (40 bytes) Linux/x86 - HTTP/1.x GET_ Downloads + execve() Shellcode (111+ bytes) Linux/x86 - executes command after setreuid Shellcode (49+ bytes) Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes) Linux/x86 - setreuid + executes command (49+ bytes) Linux/x86 - Bind 31337/TCP + setuid Shellcode (96 bytes) Linux/x86 - Bind 2707/TCP Shellcode (84 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + setuid Shellcode (96 bytes) Linux/x86 - Bind TCP Shell (2707/TCP) Shellcode (84 bytes) Linux/x86 - Bind 31337/TCP SET_PORT() Shellcode (100 bytes) Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (100 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator) Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes) Linux/x86 - Reverse TCP Shell (127.0.0.1:80/TCP) XOR Encoded Shellcode (371 bytes) Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes) Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes) Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes) Linux/x86 - Bind 64713/TCP Shellcode (86 bytes) Linux/x86 - Bind TCP /bin/sh Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes) Linux/x86 - Bind TCP /bin/sh Shell (64713/TCP) Shellcode (86 bytes) Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes) Linux/x86 - setreuid(0_0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes) Linux/x86 - TCP Proxy Shellcode (236 bytes) Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes) Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes) Linux/x86 - execve /bin/sh Shellcode (+1 Encoded) (39 bytes) Linux/x86 - Add User (xtz) To /etc/passwd Shellcode (59 bytes) Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes) Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes) Linux/x86 (Intel x86 CPUID) - execve /bin/sh XORED Encoded Shellcode (41 bytes) Linux/x86 - execve /bin/sh Shellcode +1 Encoded (39 bytes) Linux/x86 - Add Root User (xtz) To /etc/passwd Shellcode (59 bytes) Linux/x86 - Anti-Debug Trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (80 bytes) Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + fork() Shellcode (98 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes) Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (32 bytes) Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator) Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator) Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes) Linux/x86 - snoop /dev/dsp Shellcode (172 bytes) Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes) Linux/x86 - read(0_buf_2541); + chmod(buf_4755); Shellcode (23 bytes) Linux/x86 - write(0__Hello core!\n__12); Exit Shellcode (36/43 bytes) Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes) Linux/x86 - execve /bin/sh Standard Opcode Array Payload Shellcode (21 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes) Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes) Linux/x86 - chroot + standart Shellcode (66 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes) Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes) Linux/x86 - Break chroot (../ 20x Loop) + execve /bin/sh Shellcode (66 bytes) Linux/x86 - setreuid/execve Shellcode (31 bytes) Linux/x86 - Alphanumeric Shellcode (64 bytes) Linux/x86 - Alphanumeric using IMUL Method Shellcode (88 bytes) Linux/x86 - setreuid + execve Shellcode (31 bytes) Linux/x86 - Alphanumeric Encoded Shellcode (64 bytes) Linux/x86 - Alphanumeric Encoder (IMUL Method) Shellcode (88 bytes) Linux/x86 - Bind 5074/TCP (ToUpper Encoded) Shellcode (226 bytes) Linux/x86 - Add User (t00r) Anti-IDS Shellcode (116 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) ToUpper Encoded Shellcode (226 bytes) Linux/x86 - Add Root User (t00r) Anti-IDS Shellcode (116 bytes) Linux/x86 - iptables -F Shellcode (45 bytes) Linux/x86 - iptables -F Shellcode (58 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes) Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes) Linux/x86 - connect Shellcode (120 bytes) Linux/x86 - Reverse TCP /bin/sh Shell Shellcode (120 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes) Linux/x86 - cp /bin/sh /tmp/katy ; + chmod 4555 katy Shellcode (126 bytes) Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes) Linux/x86 - Bind 5074/TCP Shellcode (92 bytes) Linux/x86 - Bind 5074/TCP + fork() Shellcode (130 bytes) Linux/x86 - Add User (t00r) Shellcode (82 bytes) Linux/x86 - Add User Shellcode (104 bytes) Linux/x86 - break chroot Shellcode (34 bytes) Linux/x86 - break chroot Shellcode (46 bytes) Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes) Linux/x86 - execve /bin/sh + setreuid(12_12) Shellcode (50 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) Shellcode (92 bytes) Linux/x86 - Bind TCP Shell (5074/TCP) + fork() Shellcode (130 bytes) Linux/x86 - Add Root User (t00r) Shellcode (82 bytes) Linux/x86 - Add Root User Shellcode (104 bytes) Linux/x86 - Break chroot (../ 10x Loop) Shellcode (34 bytes) Linux/x86 - Break chroot (../ 10x Loop) Shellcode (46 bytes) Linux/x86 - Break chroot + execve /bin/sh Shellcode (80 bytes) Linux/x86 - execve /bin/sh (XOR Encoded) Shellcode (55 bytes) Linux/x86 - execve /bin/sh XOR Encoded Shellcode (55 bytes) Linux/x86 - chroot()/execve() code Shellcode (80 bytes) Linux/x86 - Add User (z) Shellcode (70 bytes) Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes) Linux/x86-64 - Bind 4444/TCP Shellcode (132 bytes) Linux/x86 - Add Root User (z) Shellcode (70 bytes) Linux/x86 - setreuid(0_ 0) + Break chroot (mkdir/chdir/chroot _../_) + execve /bin/sh Shellcode (132 bytes) Linux/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (132 bytes) Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes) OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes) Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes) Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes) Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes) Linux/PPC / Linux/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes) OSX/PPC / OSX/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes) Linux/x86 / Unix/SPARC / IRIX/MIPS - execve /bin/sh Shellcode (141 bytes) Linux/x86 / Unix/SPARC - execve /bin/sh Shellcode (80 bytes) BSD/x86 / Linux/x86 - execve /bin/sh Shellcode (38 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes) NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes) NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes) OpenBSD/x86 - Bind 6969/TCP Shellcode (148 bytes) OpenBSD/x86 - Add user _w00w00_ Shellcode (112 bytes) OSX/PPC - sync()_ reboot() Shellcode (32 bytes) OpenBSD/x86 - Bind TCP Shell (6969/TCP) Shellcode (148 bytes) OpenBSD/x86 - Add Root User (w00w00) Shellcode (112 bytes) OSX/PPC - sync() + reboot() Shellcode (32 bytes) OSX/PPC - Add user _r00t_ Shellcode (219 bytes) OSX/PPC - Add Root User (r00t) Shellcode (219 bytes) Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes) Solaris/SPARC - Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator) Solaris/SPARC - setreuid/execve Shellcode (56 bytes) Solaris/SPARC - Bind 6666/TCP Shellcode (240 bytes) Solaris/SPARC - setreuid + executes command Shellcode (92+ bytes) Solaris/SPARC - Reverse TCP Shell (44434/TCP) XNOR Encoded Shellcode (600 bytes) (Generator) Solaris/SPARC - setreuid + execve Shellcode (56 bytes) Solaris/SPARC - Bind TCP Shell (6666/TCP) Shellcode (240 bytes) Solaris/SPARC - Bind 6789/TCP Shellcode (228 bytes) Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes) Solaris/SPARC - Bind Shellcode (240 bytes) Solaris/x86 - Bind TCP Shellcode (Generator) Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes) Solaris/SPARC - Reverse TCP /bin/sh Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes) Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes) Solaris/x86 - Bind TCP Shellcode (Generator) Windows 5.0 < 7.0 x86 - Bind Shell 28876/TCP Null-Free Shellcode Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes) Win32 - SEH Omelet Shellcode Win32 - Bind 23/TCP Winexec Telnet Shellcode (111 bytes) Win32 - PEB!NtGlobalFlags Shellcode (14 bytes) Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes) Win32/XP SP2 - cmd.exe Shellcode (57 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes) Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Win32 - ConnectBack + Download A File + Save + Execute Shellcode Win32 - Download File + Execute Shellcode (Browsers Edition) (Generator) (275+ bytes) Win32 - Download File + Execute Shellcode (192 bytes) Win32 - Download File + Execute Shellcode (124 bytes) Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes) Win32 SP1/SP2 - Beep Shellcode (35 bytes) Win32/XP SP2 - Pop up message box Shellcode (110 bytes) Win32 - WinExec() Command Parameter Shellcode (104+ bytes) Win32 - Download File + Execute Shellcode (226+ bytes) Windows NT/2000/XP (Russian) - Add User 'slim' Shellcode (318 bytes) Windows 5.0 < 7.0 x86 - Bind TCP Shell (28876/TCP) Null-Free Shellcode Windows XP SP2 x86 (English) - cmd.exe Shellcode (23 bytes) Windows x86 - SEH Omelet Shellcode Windows x86 - Add Administrator User (GAZZA/123456) + Start Telnet Service Shellcode (111 bytes) Windows x86 - PEB!NtGlobalFlags Shellcode (14 bytes) Windows XP SP2 x86 (French) - Sellcode cmd.exe Shellcode (32 bytes) Windows XP SP2 x86 - cmd.exe Shellcode (57 bytes) Windows x86 - PEB _Kernel32.dll_ ImageBase Finder Alphanumeric Shellcode (67 bytes) Windows x86 - PEB _Kernel32.dll_ ImageBase Finder (ASCII Printable) Shellcode (49 bytes) Windows x86 - ConnectBack + Download A File + Save + Execute Shellcode Windows x86 - Download File + Execute Shellcode (Browsers Edition) (275+ bytes) (Generator) Windows x86 - Download File + Execute Shellcode (192 bytes) Windows x86 - Download File + Execute Shellcode (124 bytes) Windows NT/XP x86 - IsDebuggerPresent Shellcode (39 bytes) Windows SP1/SP2 x86 - Beep Shellcode (35 bytes) Windows XP SP2 x86 - Pop up message box Shellcode (110 bytes) Windows x86 - WinExec() Command Parameter Shellcode (104+ bytes) Windows x86 - Download File + Execute Shellcode (226+ bytes) Windows NT/2000/XP (Russian) - Add Administartor User (slim/shady) Shellcode (318 bytes) Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator) Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator) Windows XP - Download File + Execute Shellcode Windows XP SP1 - Bind 58821/TCP Shellcode (116 bytes) Windows XP - Download File + Execute Null-Free Shellcode Windows XP SP1 - Bind TCP Shell (58821/TCP) Shellcode (116 bytes) Win64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes) Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes) Linux/x86 - setuid(0) + cat /etc/shadow Shellcode (49 bytes) Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (33 bytes) Linux/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (49 bytes) Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes) Win32 XP SP3 - ShellExecuteA Shellcode Linux/x86 - Pverwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes) Windows XP SP3 x86 - ShellExecuteA Shellcode Win32 XP SP3 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode FreeBSD/x86 - Bind 1337/TCP Shellcode (167 bytes) Win32/XP SP2 - calc.exe Shellcode (45 bytes) Windows XP SP3 x86 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode FreeBSD/x86 - Bind TCP /bin/sh Shell (1337/TCP) Shellcode (167 bytes) Windows XP SP2 x86 - calc.exe Shellcode (45 bytes) Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes) Windows XP SP2 x86 (English / Arabic) - cmd.exe Shellcode (23 bytes) Linux/x86 - break chroot Shellcode (79 bytes) Linux/x86 - setuid + Break chroot (mkdir/chdir/chroot _..._) + execve /bin/sh Shellcode (79 bytes) Linux/x86 - Append '/etc/passwd' + exit() Shellcode (107 bytes) Linux/x86 - Add Root User (toor) To /etc/passwd + exit() Shellcode (107 bytes) Win32 XP SP2 (FR) - calc Shellcode (19 bytes) Windows XP SP2 x86 (French) - calc Shellcode (19 bytes) Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes) Win32 XP SP3 (English) - cmd.exe Shellcode (26 bytes) Win32 XP SP2 (Turkish) - cmd.exe Shellcode (26 bytes) Linux/x86 - /bin/sh Shellcode (8 bytes) Linux/x86 - execve /bin/cat /etc/passwd Shellcode (43 bytes) Windows XP SP3 x86 (English) - cmd.exe Shellcode (26 bytes) Windows XP SP2 x86 (Turkish) - cmd.exe Shellcode (26 bytes) Linux/x86 - execve /bin/sh Shellcode (8 bytes) Linux/x86 - disabled modsecurity Shellcode (64 bytes) Win32 - JITed Stage-0 Shellcode Win32 - JITed exec notepad Shellcode Windows XP Professional SP2 (ITA) - calc.exe Shellcode (36 bytes) Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes) Linux/x86 - Disabled modsecurity Shellcode (64 bytes) Windows x86 - JITed Stage-0 Shellcode Windows x86 - JITed exec notepad Shellcode Windows XP Professional SP2 (Italian) - calc.exe Shellcode (36 bytes) Windows XP SP2 x86 - write.exe + ExitProcess WinExec Shellcode (16 bytes) Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes) Win32 - MessageBox Shellcode (Metasploit) Windows XP SP3 x86 (Russia) - cmd + ExitProcess WinExec Shellcode (12 bytes) Windows x86 - MessageBox Shellcode (Metasploit) Linux/x86 - Bind nc -lvve/bin/sh -p13377 Shellcode Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes) Linux/x86 - Bind Netcat Shell (13377/TCP) Shellcode Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes) Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes) Linux - write() + exit(0) Shellcode (Genearator With Customizable Text) Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes) Linux/x86 - chmod 0777 /etc/shadow Shellcode (29 bytes) Linux - write() + exit(0) Shellcode (Generator) Linux/x86 - Sends 'Phuck3d!' To All Terminals Shellcode (60 bytes) Linux/x86 - Sends _Phuck3d!_ To All Terminals Shellcode (60 bytes) Windows XP SP2 (FR) - Download File + Execute Shellcode Windows XP SP2 (French) - Download File + Execute Shellcode Linux/x86 - Disable randomize stack addresse Shellcode (106 bytes) Linux/x86 - Disable ASLR Security Shellcode Shellcode (106 bytes) Linux/x86 - setuid(0) + chmod(_/etc/shadow__ 0666) Polymorphic Shellcode (61 bytes) Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes) Linux/x86 - setuid(0) + chmod 0666 /etc/shadow Polymorphic Shellcode (61 bytes) Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/shadow Shellcode (39 bytes) Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes) Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/passwd Shellcode (39 bytes) Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes) Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes) Solaris/x86 - Sync() & reboot() + exit(0) Shellcode (48 bytes) Solaris/x86 - Sync() + reboot() + exit(0) Shellcode (48 bytes) Linux/x86 - Bind 31337/TCP + setreuid (0_0) Polymorphic Shellcode (131 bytes) Linux/x86-64 - setuid(0) + chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes) Linux/x86 - Bind TCP Shell (31337/TCP) + setreuid(0_0) Polymorphic Shellcode (131 bytes) Linux/x86-64 - setuid(0) + chmod 0777 /etc/passwd + exit(0) Shellcode (63 bytes) Windows XP SP3 (SPA) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes) Windows XP SP3 (Spanish) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes) Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes) Windows - cmd.exe + ExitProcess WinExec Shellcode (195 bytes) Linux/x86 - /bin/sh Polymorphic Shellcode (116 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) polymorphic Shellcode (84 bytes) Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes) Linux/x86 - execve /bin/sh Polymorphic Shellcode (116 bytes) Linux/ARM - chmod 0777 /etc/shadow Polymorphic Shellcode (84 bytes) Linux/ARM - chmod 0777 /etc/shadow Shellcode (35 bytes) Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); (XOR 88 encoded) Polymorphic Shellcode (78 bytes) Linux/x86 - Bind Shell 64533 Shellcode (97 bytes) Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); XOR 88 Encoded Polymorphic Shellcode (78 bytes) Linux/x86 - Bind TCP /bin/sh Shell (64533/TCP) Shellcode (97 bytes) Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes) Safari 4.0.5 - 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Shellcode Linux - Bind 6778/TCP (XOR Encoded) Polymorphic Shellcode (125 bytes) Linux - Bind Shell (nc -lp 31337 -e /bin//sh) Polymorphic Shellcode (91 bytes) ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator) Linux - setreuid(0_0) + execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes) Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Null-Free Shellcode Linux - Bind TCP Shell (6778/TCP) XOR Encoded Polymorphic Shellcode (125 bytes) Linux - Bind Netcat Shell (31337/TCP) Polymorphic Shellcode (91 bytes) ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator) Win32 - Write-to-file Shellcode (278 bytes) Windows x86 - Write-to-file Null-Free Shellcode (278 bytes) Linux/x86 - Bind Shell Netcat 8080/TCP Shellcode (75 bytes) Linux/x86 - /bin/sh Polymorphic Null-Free Shellcode (46 bytes) Windows XP SP3 English - MessageBoxA Shellcode (87 bytes) BSD/x86 - Bind Shell 2525/TCP Shellcode (167 bytes) Win32 - Checksum Routine Shellcode (18 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (8080/TCP) Shellcode (75 bytes) Linux/x86 - execve /bin/sh Polymorphic Null-Free Shellcode (46 bytes) Windows XP SP3 (English) - MessageBoxA Shellcode (87 bytes) BSD/x86 - Bind TCP Shell (2525/TCP) Shellcode (167 bytes) Windows x86 - Checksum Routine Shellcode (18 bytes) Win32/XP SP3 (TR) - Add Administrator 'zrl' Shellcode (127 bytes) Windows XP SP3 x86 (Turkish) - Add Administrator User (zrl/123456) Shellcode (127 bytes) Win32/XP Professional SP3 (EN) x86 - Add New Local Administrator 'secuid0' Shellcode (113 bytes) Win32 - Add New Local Administrator 'secuid0' Shellcode (326 bytes) Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes) Windows x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (326 bytes) ARM - Bind Connect (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode ARM - Loader Port 0x1337 Shellcode ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode ARM - Loader (0x1337/TCP) Shellcode ARM - ifconfig eth0 192.168.0.2 up Shellcode ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes) Win32 - Speaking 'You got pwned!' Shellcode FreeBSD/x86 - connect back Shellcode (81 bytes) BSD/x86 - Bind Shell 31337/TCP + fork Shellcode (111 bytes) Win32 - eggsearch Shellcode (33 bytes) Linux/SuperH (sh4) - setuid(0) + chmod(_/etc/shadow__ 0666) + exit(0) Shellcode (43 bytes) Linux/x86 - Bind Shell Netcat 6666/TCP Shellcode (69 bytes) OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes) Windows - WinExec Add New Local Administrator 'RubberDuck' + ExitProcess Shellcode (279 bytes) Linux/x86 - ASLR deactivation Shellcode (83 bytes) Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit) Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes) ARM - Add Root User Shellcode (Metasploit) (66+ bytes) (Generator) Windows 5.0 < 7.0 x86 - Speaking _You got pwned!_ Null-Free Shellcode FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:1337/TCP) Shellcode (81 bytes) (Generator) BSD/x86 - Bind TCP Shell (31337/TCP) + fork Shellcode (111 bytes) Windows x86 - eggsearch Shellcode (33 bytes) Linux/SuperH (sh4) - setuid(0) + chmod 0666 /etc/shadow + exit(0) Shellcode (43 bytes) Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes) OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes) Windows - Add Local Administrator User (RubberDuck/mudbath) + ExitProcess WinExec Shellcode (279 bytes) Linux/x86 - Disable ASLR Security Shellcode (83 bytes) Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit) Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes) Win32/PerfectXp-pc1/SP3 (TR) - Add Administrator 'kpss' Shellcode (112 bytes) Linux/x86 - Egghunter Shellcode (29 bytes) Windows PerfectXp-pc1/SP3 x86 (Turkish) - Add Administrator User (kpss/12345) Shellcode (112 bytes) Linux/x86 - Egghunter Null-Free Shellcode (29 bytes) Linux/MIPS - XOR Encoder Shellcode (Generator) (60 bytes) Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes) Linux/MIPS - XOR Encoder Shellcode (60 bytes) (Generator) Linux/SuperH (sh4) - setuid(0); + execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes) Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes) Linux/MIPS - Add Root User (rOOt/pwn3d) Shellcode (164 bytes) Linux/MIPS - Connectback Shellcode (port 0x7a69) (168 bytes) Linux/MIPS - Reverse TCP Shell (0x7a69/TCP) Shellcode (168 bytes) Linux/x86 - setuid(0) + setgid(0) + Add User (iph) To /etc/passwd Polymorphic Shellcode Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd Polymorphic Shellcode Linux/x86-64 - Add User (t0r/Winner) Shellcode (189 bytes) Linux/x86-64 - Add Root User (t0r/Winner) Shellcode (189 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes) Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes) Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes) Linux/ARM (Raspberry Pi) - chmod 0777 /etc/shadow Shellcode (41 bytes) Windows XP Professional SP3 - Full ROP calc Shellcode (428 bytes) Windows x64 - Bind TCP Shell Shellcode (508 bytes) Windows XP Professional SP3 - calc Full ROP Shellcode (428 bytes) Windows x64 - Bind TCP Shell (4444/TCP) Shellcode (508 bytes) Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes) Cisco ASA - Authentication Bypass _EXTRABACON_ (Improved Shellcode) (69 bytes) Windows RT ARM - Bind Shell 4444/TCP Shellcode Windows RT ARM - Bind TCP Shell (4444/TCP) Shellcode Windows - Messagebox Shellcode (113 bytes) Linux/MIPS (Little Endian) - Reverse TCP Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes) Windows 7 x86 - Bind Shell 4444/TCP Shellcode (357 Bytes) Windows - Add Administrator 'BroK3n' Shellcode (194 bytes) Windows - Messagebox Null-FreeShellcode (113 bytes) Linux/MIPS (Little Endian) - Reverse TCP /bin/sh Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes) Windows 7 x86 - Bind TCP Shell (4444/TCP) Shellcode (357 Bytes) Windows - Add Administrator User (BroK3n/BroK3n) Null-Free Shellcode (194 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes) Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes) Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes) Linux/x86-64 - Reverse TCP /bin/bash Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes) Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes) Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes) Windows x86 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows x64 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) + Password (Z~r0) Null-Free Shellcode (81/96 bytes) Linux/x86-64 - Reverse TCP Password (Z~r0) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free + Null-Mask Shellcode (77-85/90-98 bytes) Windows x86 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows x64 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes) Windows XP x86-64 - Download File + Execute Shellcode (Generator) Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow Shellcode (55 bytes) Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes) Windows XP x86-64 - Download File + Execute Shellcode (Generator) Linux/MIPS (Little Endian) - chmod 666 /etc/shadow Shellcode (55 bytes) Linux/MIPS (Little Endian) - chmod 666 /etc/passwd Shellcode (55 bytes) Linux/x86 - execve(_/bin/sh_) (ROT13 Encoded) Shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes) Linux/x86 - execve(_/bin/sh_) ROT13 Encoded Shellcode (68 bytes) Linux/x86 - chmod 0777 /etc/shadow Obfuscated Shellcode (84 bytes) Linux/x86 - Reverse TCP Shell (192.168.1.133:33333) Shellcode (72 bytes) Linux/x86 - Bind Shell 33333/TCP Shellcode (96 bytes) Linux/x86 - Disable ASLR Shellcode (84 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (192.168.1.133:33333) Shellcode (72 bytes) Linux/x86 - Bind TCP /bin/sh Shell (33333/TCP) Shellcode (96 bytes) Linux/x86 - Disable ASLR Security Shellcode (84 bytes) Linux/x86 - Typewriter Shellcode (Generator) Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes) Linux/x86 - Typewriter Shellcode (Generator) Linux/x86 - Create _my.txt_ In Working Directory Shellcode (37 bytes) Win32/XP SP3 - Create ('file.txt') Shellcode (83 bytes) Win32/XP SP3 - Restart computer Shellcode (57 bytes) Linux/x86 - custom execve Shellcode (Encoder/Decoder) (Generator) Windows XP SP3 x86 - Create (_file.txt_) Shellcode (83 bytes) Windows XP SP3 x86 - Restart Computer Shellcode (57 bytes) Linux/x86 - Custom execve Shellcode (Encoder/Decoder) (Generator) Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (17771/TCP) Shellcode (58 bytes) Linux/x86 - chmod() 777 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes) Linux/x86 - chmod 777 /etc/shadow + exit() Shellcode (33 bytes) Linux/x86 - execve /bin/sh Shellcode (21 bytes) Linux/x86 - Bind Shell Netcat 5555/TCP Shellcode (60 bytes) Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes) Linux/x86 - Bind Netcat Shell (5555/TCP) Shellcode (60 bytes) Linux/x86-64 - execve(/bin/sh) Null-Free Shellcode (30 bytes) Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes) Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes) Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes) Linux/x86 - exec('/bin/dash') Shellcode (45 bytes) Linux/x86 - chmod 0777 /etc/passwd Shellcode (42 bytes) Linux/x86 - chmod /etc/gshadow Shellcode (37 bytes) Linux/x86 - chmod 0777 /etc/shadow Shellcode (42 bytes) Linux/x86 - exec(_/bin/dash_) Shellcode (45 bytes) Linux/x86 - /bin/sh (ROT7 Encoded) Shellcode Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes) Linux/x86 - execve /bin/sh ROT7 Encoded Shellcode Windows XP SP3 x86 (Turkish) - MessageBox Shellcode (24 bytes) Windows x86 - user32!MessageBox 'Hello World!' Null-Free Shellcode (199 bytes) Linux/x86 - /bin/sh (ROL/ROR Encoded) Shellcode Windows x86 - user32!MessageBox _Hello World!_ Null-Free Shellcode (199 bytes) Linux/x86 - execve /bin/sh ROL/ROR Encoded Shellcode OSX/x86-64 - /bin/sh Null-Free Shellcode (34 bytes) Mainframe/System Z - Bind Shell 12345/TCP Shellcode (2488 bytes) OSX/x86-64 - execve /bin/sh Null-Free Shellcode (34 bytes) Mainframe/System Z - Bind TCP Shell (12345/TCP) Null-Free Shellcode (2488 bytes) Linux/x86 - Create file with permission 7775 + exit Shellcode (Generator) Linux/x86 - Create File With Permission 7775 + exit Shellcode (Generator) OSX/x86-64 - Bind 4444/TCP Null-free Shellcode (144 bytes) Linux/x86-64 - /bin/sh Shellcode (34 bytes) Google Android - Telnetd Port 1035 with Parameters Shellcode (248 bytes) OSX/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (144 bytes) Linux/x86-64 - execve /bin/sh Shellcode (34 bytes) Google Android - Bind Telnetd Shell (1035/TCP) + Environment / Parameters Shellcode (248 bytes) Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes) Linux/x86-64 - Bind TCP /bin/sh Password (1234) Shell (31173/TCP) Shellcode (92 bytes) Windows XP < 10 - WinExec Null-Free Shellcode (Generator) (Python) Linux/x86-64 - Bind 4444/TCP Shellcode (103 bytes) Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes) Windows XP < 10 - WinExec Null-Free Shellcode (Generator) Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (103 bytes) Linux/x86-64 - Bind TCP /bin/sh Password (hack) Shell (4444/TCP) Null-Free Shellcode (162 bytes) Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Shellcode (151 bytes) Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free Shellcode (151 bytes) Linux/x86-64 - execve (xor/not/div Encoded) Shellcode (54 bytes) Linux/x86-64 - execve XOR/NOT/DIV Encoded Shellcode (54 bytes) Linux x86/x86-64 - Bind 4444/TCP Shellcode (251 bytes) Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes) Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes) Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (135 bytes) Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (122 bytes) Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (135 bytes) Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes) Linux/ARM - Reverse TCP /bin/sh Shell (10.0.0.10:1337/TCP) Shellcode (95 bytes) Linux/x86-64 - Bind 5600/TCP Shellcode (81 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (81 bytes) Linux/x86-64 - Bind 5600/TCP Shellcode (86 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (86 bytes) Linux/x86 - Reverse TCP Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes) Linux/x86 - Bind 1472/TCP Shell (IPv6) Shellcode (1250 bytes) Linux/x86 - Reverse TCP /bin/sh Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes) Linux/x86 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (1250 bytes) Win32 .Net Framework - Execute Native x86 Shellcode Linux/x86-64 - Bind 1472/TCP Shell (IPv6) Shellcode (199 bytes) Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes) Windows .Net Framework x86 - Execute Native x86 Shellcode Linux/x86-64 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (199 bytes) Linux/x86-64 - Reverse TCP /bin/sh Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes) Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes) Linux/x86 - Bind TCP /bin/sh Shell (1234/TCP) Shellcode (87 bytes) (Generator) Linux/x86 - Bind Shell 4444/TCP Shellcode (656 bytes) Linux/x86-64 - execve (XOR Encoded) Shellcode (84 bytes) Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86 - Bind TCP /bin/bash Shell (4444/TCP) Shellcode (656 bytes) Linux/x86-64 - execve XOR Encoded Shellcode (84 bytes) BSD / Linux / Windows x86/x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes) Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (13337/TCP) Shellcode (56 bytes) Linux/x86 - /bin/sh + ASLR Bruteforce Shellcode Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes) Linux/x86-64 - Bind Netcat Shellcode (64 bytes) Linux/x86 - Bind Shell 4444/TCP Shellcode (98 bytes) Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistant / Fork / IPv4/6 / Password Shellcode (176 bytes) Linux/x86 - Reverse TCP Shell (192.168.227.129:4444) Shellcode (75 bytes) Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Shellcode (172 bytes) Linux/x86 - execve /bin/sh + ASLR Bruteforce Shellcode Linux/x86-64 - Reverse TCP cat /etc/passwd (192.168.86.128:1472/TCP) Shellcode (164 bytes) Linux/x86-64 - Bind Netcat Shell Null-Free Shellcode (64 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (98 bytes) Linux/x86-64 - Bind Ncat Shell (4442/TCP) / SSL / Multi-Channel (4444-4447/TCP) / Persistant / Fork / IPv4/6 / Password Null-Free Shellcode (176 bytes) Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes) Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Null-Free Shellcode (172 bytes) Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes) Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes) Linux/x86-64 - Bind TCP Shell (4442/TCP) / Syscall Persistent / Multi-Terminal (4444-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes) Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes) Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes) Linux/x86 - Bind zsh 9090/TCP Shellcode (96 bytes) Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes) Linux/x86 - Bind Netcat Shell (98/TCP + UDP) Shellcode (44/52 bytes) Linux/x86 - Bind TCP /bin/zsh Shell (9090/TCP) Shellcode (96 bytes) Linux/x86 - Reverse TCP /bin/zsh Shell (127.255.255.254:9090/TCP) Shellcode (80 bytes) Windows x64 - WinExec() Shellcode (93 bytes) Windows x64 - cmd.exe WinExec() Shellcode (93 bytes) Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) Linux/x86-64 - execve /bin/sh -c reboot Shellcode (89 bytes) Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes) Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes) Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes) Linux/x86 - execve /bin/bash -c Arbitrary Command Execution Null-Free Shellcode (72 bytes) Linux/x86-64 - Bind 5600/TCP - Shellcode (87 bytes) Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (87 bytes) Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (Genearator) (129 bytes) Linux/x86 - Reverse TCP Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes) Linux - Bind Shell Dual/Multi Mode Shellcode (156 bytes) Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (129 bytes) (Generator) Linux/x86 - Reverse TCP /bin/sh Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes) Linux - Bind TCP Dual/Multi Mode Shell Shellcode (156 bytes) Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes) Linux/x86-64 - Reverse TCP /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes) Windows x86 - Executable Directory Search Shellcode (130 bytes) Windows x86 - Executable Directory Search Null-Free Shellcode (130 bytes) Linux/x86-64 - Flush IPTables Polymorphic Shellcode (47 bytes) Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Polymorphic Shellcode (47 bytes) Linux/x86-64 - Reverse Netcat Polymorphic Shell (127.0.0.1:1234) Shellcode (106 bytes) Linux/x86-64 - Reverse Netcat Shell (127.0.0.1:1234) Polymorphic Shellcode (106 bytes) Linux/x86 - Bind Shell Shellcode (44 bytes) Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes) Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Shellcode (67 bytes) Linux/x86 - Reverse /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes) Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Null-Free Shellcode (67 bytes) Linux/x86 - Reverse TCP /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes) Linux/x86 - Disable ASLR Shellcode (80 bytes) Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Shellcode (113 bytes) Linux/x86 - Disable ASLR Security Shellcode (80 bytes) Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Null-Free Shellcode (113 bytes) Linux/x86-64 - /bin/sh Shellcode (31 bytes) Linux/x86 - execve(/bin/sh) setuid(0) setgid(0) (XOR Encoded) Shellcode (66 bytes) Linux/x86-64 - execve /bin/sh Shellcode (31 bytes) Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) XOR Encoded Shellcode (66 bytes) Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes) Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes) Linux/x86 - Reverse UDP /bin/sh Shell (127.0.0.1:53/UDP) Shellcode (668 bytes) Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (75 bytes) Linux x86 - /bin/sh Shellcode (24 bytes) Linux x86 - execve /bin/sh Shellcode (24 bytes) Linux/x86_64 - kill All Processes Shellcode (19 bytes) Linux/x86_64 - Kill All Processes Shellcode (19 bytes) Php Cloud mining Script - Authentication Bypass (Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass	2017-08-23 05:01:29 +00:00
Offensive Security	47d7100c18	DB: 2016-03-21 1 new exploits IRIX Multiple Buffer Overflow Exploits (LsD) IRIX - Multiple Buffer Overflow Exploits (LsD) Oracle Database PL/SQL Statement Multiple SQL Injection Exploits Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits Wordpress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit Wordpress <= 1.5.1.3 - Remote Code Execution (0Day) WordPress <= 1.5.1.3 - Remote Code Execution (0Day) Wordpress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta) Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (Metasploit) HP-UX FTP Server Preauthentication Directory Listing Exploit (meta) Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta) HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta) CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta) HP-UX FTP Server Preauthentication Directory Listing Exploit (Metasploit) Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit) HP-UX <= 11.11 lpd Remote Command Execution Exploit (Metasploit) CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (Metasploit) Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta) Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit) WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta) WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (Metasploit) Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (meta) Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit) Windows XP/2003 Metafile Escape() Code Execution Exploit (meta) Windows XP/2003 Metafile Escape() Code Execution Exploit (Metasploit) Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (meta) Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit) Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta) Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit) SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta) SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (Metasploit) Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (meta) Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit) Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta) Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (Metasploit) PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (meta) PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit) PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (meta) PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit) RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (meta) RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (Metasploit) CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (meta) CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit) TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta) TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (Metasploit) Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (meta) OpenLDAP 2.2.29 - Remote Denial of Service Exploit (meta) Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (Metasploit) OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit) Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta) D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta) Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit) D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (meta) VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit) Wordpress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit WordPress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit Berlios GPSD <= 2.7 - Remote Format String Exploit (meta) Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit) FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta) FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (Metasploit) Wordpress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit 3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta) 3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit) Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta) Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (Metasploit) IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta) IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (Metasploit) NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (meta) NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit) Wordpress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta) AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit) Wordpress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability Wordpress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability WordPress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability WordPress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability Wordpress plugin myflash <= 1.00 - (wppath) RFI Vulnerability WordPress plugin myflash <= 1.00 - (wppath) RFI Vulnerability Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit SNMPc <= 7.0.18 - Remote Denial of Service Exploit (meta) SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit) Wordpress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta) CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit) Wordpress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub) WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub) eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (meta) eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (Metasploit) Wordpress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability WordPress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability Wordpress <= 2.3.1 - Charset Remote SQL Injection Vulnerability WordPress <= 2.3.1 - Charset Remote SQL Injection Vulnerability Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability WordPress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability WordPress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability Wordpress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability WordPress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit Wordpress Plugin Wordspew - Remote SQL Injection Vulnerability WordPress Plugin Wordspew - Remote SQL Injection Vulnerability Wordpress Plugin st_newsletter - Remote SQL Injection Vulnerability WordPress Plugin st_newsletter - Remote SQL Injection Vulnerability Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability Wordpress Photo album Remote - SQL Injection Vulnerability WordPress Photo album Remote - SQL Injection Vulnerability Wordpress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities Wordpress Plugin Download - (dl_id) SQL Injection Vulnerability WordPress Plugin Download - (dl_id) SQL Injection Vulnerability Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (meta) Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit) Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (meta) Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit) Wordpress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability WordPress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability HP StorageWorks NSI Double Take Remote Overflow Exploit (meta) HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit) BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta) BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit) Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta) CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit) Wordpress 2.6.1 - SQL Column Truncation Vulnerability WordPress 2.6.1 - SQL Column Truncation Vulnerability Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (meta) Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit) WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (meta) WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit) ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (meta) ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (Metasploit) Wordpress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta) PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit) Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta) GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (Metasploit) GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta) GE Proficy Real Time Information Portal Credentials Leak Sniffer (Metasploit) Wordpress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln Wordpress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability WordPress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta) OpenHelpDesk 1.0.100 eval() Code Execution Exploit (Metasploit) Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta) Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (Metasploit) Wordpress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability WordPress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability Wordpress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability WordPress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (meta) VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit) ASP Product Catalog 1.0 (XSS/DD) Multiple Remote Exploits ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits 32bit FTP - (PASV) Reply Client Remote Overflow Exploit (meta) 32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit) Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (meta) Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (Metasploit) Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta) Green Dam 3.17 URL Processing Buffer Overflow Exploit (Metasploit) HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (meta) HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit) Wordpress 2.8.1 - (url) Remote Cross-Site Scripting Exploit WordPress 2.8.1 - (url) Remote Cross-Site Scripting Exploit Cisco WLC 4402 - Basic Auth Remote Denial of Service (meta) Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit) Wordpress <= 2.8.3 - Remote Admin Reset Password Vulnerability WordPress <= 2.8.3 - Remote Admin Reset Password Vulnerability Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta) ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (Metasploit) Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta) Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (Metasploit) SIDVault 2.0e Windows Remote Buffer Overflow Exploit (meta) SIDVault 2.0e Windows Remote Buffer Overflow Exploit (Metasploit) Wordpress Image Manager Plugins - Shell Upload Vulnerability WordPress Image Manager Plugins - Shell Upload Vulnerability HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Meta) HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit) Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta) Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit) gAlan 0.2.1 - Universal Buffer Overflow Exploit (meta) gAlan 0.2.1 - Universal Buffer Overflow Exploit (Metasploit) Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta) Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit) Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (meta) Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (Metasploit) Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta) Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (Metasploit) Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Meta) Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit) Wordpress <= 2.9 - DoS (0day) WordPress <= 2.9 - DoS (0day) Wordpress Events Plugin - SQL Injection Vulnerability WordPress Events Plugin - SQL Injection Vulnerability PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta) PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit) Soritong 1.0 - Universal BOF-SEH (META) Soritong 1.0 - Universal BOF-SEH (Metasploit) Audiotran 1.4.1 (PLS File) Stack Overflow (meta) Audiotran 1.4.1 (PLS File) Stack Overflow (Metasploit) AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Meta) AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Metasploit) Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta) Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (Metasploit) Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module) Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit) Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (meta) (Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit) Wordpress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability WordPress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability Winamp 5.572 - whatsnew.txt SEH (meta) Winamp 5.572 - whatsnew.txt SEH (Metasploit) WM Downloader 3.0.0.9 - Buffer Overflow (Meta) WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit) TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Meta) TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Metasploit) IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Meta) IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Metasploit) BlazeDVD 6.0 - Buffer Overflow Exploit (Meta) BlazeDVD 6.0 - Buffer Overflow Exploit (Metasploit) Simple:Press Wordpress Plugin 4.3.0 - SQL Injection Vulnerability Simple:Press WordPress Plugin 4.3.0 - SQL Injection Vulnerability Wordpress Firestats - Remote Configuration File Download WordPress Firestats - Remote Configuration File Download MoreAmp SEH Buffer Overflow (meta) MoreAmp SEH Buffer Overflow (Metasploit) Hero DVD - Buffer Overflow Exploit (meta) Hero DVD - Buffer Overflow Exploit (Metasploit) Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta) Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (Metasploit) Wordpress Events Manager Extended Plugin - Persistent XSS Vulnerability WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta) Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit) MP3 Workstation 9.2.1.1.2 - SEH Exploit (MSF) MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (MSF) Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) Wordpress Event Registration Plugin 5.32 - SQL Injection Vulnerability WordPress Event Registration Plugin 5.32 - SQL Injection Vulnerability Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (msf) Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit) TFTPUtil GUI 1.4.5 - DoS (Meta) TFTPUtil GUI 1.4.5 - DoS (Metasploit) Wordpress do_trackbacks() function - SQL Injection Vulnerability WordPress do_trackbacks() function - SQL Injection Vulnerability Create a New User with UID 0 - ARM (Meta) Create a New User with UID 0 - ARM (Metasploit) Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities Z-Vote 1.1 Wordpress Plugin - SQL Injection Vulnerability Z-Vote 1.1 WordPress Plugin - SQL Injection Vulnerability GigPress 2.1.10 Wordpress Plugin - Stored XSS Vulnerability Relevanssi 2.7.2 Wordpress Plugin - Stored XSS Vulnerability GigPress 2.1.10 WordPress Plugin - Stored XSS Vulnerability Relevanssi 2.7.2 WordPress Plugin - Stored XSS Vulnerability Wordpress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities WordPress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion OPS Old Post Spinner 2.2.1 Wordpress Plugin - LFI Vulnerability jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion OPS Old Post Spinner 2.2.1 WordPress Plugin - LFI Vulnerability PHP Speedy <= 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit PHP Speedy <= 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities Wordpress plugin BackWPup - Remote and Local Code Execution Vulnerability WordPress plugin BackWPup - Remote and Local Code Execution Vulnerability Wordpress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability WordPress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability Microsoft Word 2003 - Record Parsing Buffer Overflow (meta) (MS09-027) Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027) Wordpress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability Wordpress Beer Recipes Plugin 1.0 - XSS WordPress Beer Recipes Plugin 1.0 - XSS Word List Builder 1.0 - Buffer Overflow Exploit (MSF) Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit) Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (MSF) Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (Metasploit) Freefloat FTP Server Buffer Overflow Vulnerability (MSF) CoolPlayer Portable 2.19.2 - Buffer Overflow (MSF) Freefloat FTP Server Buffer Overflow Vulnerability (Metasploit) CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit) Freefloat FTP Server MKD Buffer Overflow (MSF) Freefloat FTP Server MKD Buffer Overflow (Metasploit) FreeFloat FTP Server REST Buffer Overflow (MSF) FreeFloat FTP Server REST Buffer Overflow (Metasploit) Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (MSF) Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (Metasploit) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (MSF) (0day) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day) ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF) ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF) ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (Metasploit) ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit) FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (MSF) FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit) Wordpress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit Wordpress Plugin Symposium <= 0.64 - SQL Injection Vulnerability WordPress Plugin Symposium <= 0.64 - SQL Injection Vulnerability Wordpress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability Wordpress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability WordPress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability WordPress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF) Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit) Wordpress Plugin audio gallery playlist <= 0.12 - SQL Injection WordPress Plugin audio gallery playlist <= 0.12 - SQL Injection Wordpress grapefile plugin <= 1.1 - Arbitrary File Upload WordPress grapefile plugin <= 1.1 - Arbitrary File Upload Wordpress Plugin Bannerize <= 2.8.6 - SQL Injection WordPress Plugin Bannerize <= 2.8.6 - SQL Injection Wordpress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (MSF) WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit) BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (MSF) BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (Metasploit) Wordpress Event Registration plugin <= 5.44 - SQL Injection Vulnerability WordPress Event Registration plugin <= 5.44 - SQL Injection Vulnerability Wordpress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability WordPress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability Wordpress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion Wordpress Livesig Plugin 0.4 - Remote File Inclusion Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion WordPress Livesig Plugin 0.4 - Remote File Inclusion WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion Multiple Wordpress Plugin - timthumb.php Vulnerabilites Multiple WordPress Plugin - timthumb.php Vulnerabilites ScriptFTP 3.3 - Remote Buffer Overflow (MSF) ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit) Wordpress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability WordPress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability Wordpress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability Wordpress Plugin Glossary - SQL Injection WordPress Plugin Glossary - SQL Injection Wordpress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection Wordpress Mailing List Plugin - Arbitrary File Download WordPress Mailing List Plugin - Arbitrary File Download Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload Wordpress Age Verification Plugin <= 0.4 - Open Redirect WordPress Age Verification Plugin <= 0.4 - Open Redirect Wordpress Count-per-day plugin - Multiple Vulnerabilities WordPress Count-per-day plugin - Multiple Vulnerabilities Wordpress <= 3.3.1 - Multiple Vulnerabilities WordPress <= 3.3.1 - Multiple Vulnerabilities Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (MSF Module) Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit) DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit) Sysax 5.53 SSH Username Buffer Overflow (msf) Sysax 5.53 SSH Username Buffer Overflow (Metasploit) RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF) RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (Metasploit) Buddypress plugin of Wordpress - Remote SQL Injection Buddypress plugin of WordPress - Remote SQL Injection Wordpress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities Wordpress 3.3.1 - Multiple CSRF Vulnerabilities WordPress 3.3.1 - Multiple CSRF Vulnerabilities Wordpress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload WordPress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload WordPress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload WordPress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload Wordpress Gallery Plugin 3.06 - Arbitrary File Upload WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload WordPress Gallery Plugin 3.06 - Arbitrary File Upload Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability Wordpress Front End Upload 0.5.3 - Arbitrary File Upload Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure WordPress Front End Upload 0.5.3 - Arbitrary File Upload WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload WordPress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability Wordpress Mac Photo Gallery 2.7 - Arbitrary File Upload Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability Wordpress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability WordPress User Meta 1.1.1 - Arbitrary File Upload Vulnerability WordPress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability WordPress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability WordPress Mac Photo Gallery 2.7 - Arbitrary File Upload WordPress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability Wordpress Automatic Plugin 2.0.3 - SQL Injection WordPress Automatic Plugin 2.0.3 - SQL Injection Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta) UoW imapd 10.234/12.264 COPY Buffer Overflow (meta) UoW imapd 10.234/12.264 LSUB Buffer Overflow (Metasploit) UoW imapd 10.234/12.264 COPY Buffer Overflow (Metasploit) Wordpress Diary/Notebook Site5 Theme Email Spoofing WordPress Diary/Notebook Site5 Theme Email Spoofing Wordpress Plugin Effective Lead Management 3.0.0 - Persistent XSS WordPress Plugin Effective Lead Management 3.0.0 - Persistent XSS Wordpress Plugin ThreeWP Email Reflector 1.13 - Stored XSS WordPress Plugin ThreeWP Email Reflector 1.13 - Stored XSS Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (MSF) Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (Metasploit) Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (msf) Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (Metasploit) Wordpress Count per Day Plugin 3.2.3 - XSS Vulnerability WordPress Count per Day Plugin 3.2.3 - XSS Vulnerability Wordpress HD Webplayer 1.1 - SQL Injection Vulnerability WordPress HD Webplayer 1.1 - SQL Injection Vulnerability Wordpress Plugin spider calendar - Multiple Vulnerabilities WordPress Plugin spider calendar - Multiple Vulnerabilities FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection Vulnerability FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection Vulnerability ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (MSF) ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit) Wordpress Easy Webinar Plugin - Blind SQL Injection Vulnerability WordPress Easy Webinar Plugin - Blind SQL Injection Vulnerability Wordpress bbpress Plugin - Multiple Vulnerabilities WordPress bbpress Plugin - Multiple Vulnerabilities Wordpress All Video Gallery 1.1 - SQL Injection Vulnerability WordPress All Video Gallery 1.1 - SQL Injection Vulnerability Wordpress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting WordPress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting Wordpress Facebook Survey 1.0 - SQL Injection Vulnerability WordPress Facebook Survey 1.0 - SQL Injection Vulnerability Wordpress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities WordPress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities Portable phpMyAdmin Wordpress Plugin - Authentication Bypass Portable phpMyAdmin WordPress Plugin - Authentication Bypass Cisco IOS 12 MSFC2 Malformed Layer 2 Frame Denial of Service Vulnerability Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Vulnerability BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF) BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (Metasploit) Jenkins CI Script Console Command Execution MSF Module Jenkins CI Script Console - Command Execution (Metasploit) Wordpress plugin Ripe HD FLV Player - SQL Injection Vulnerability WordPress plugin Ripe HD FLV Player - SQL Injection Vulnerability Wordpress Developer Formatter - CSRF Vulnerability WordPress Developer Formatter - CSRF Vulnerability Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities Wordpress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability WordPress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability Wordpress Mathjax Latex Plugin 1.1 - CSRF Vulnerability WordPress Mathjax Latex Plugin 1.1 - CSRF Vulnerability Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS WordPress FuneralPress Plugin 1.1.6 - Persistent XSS Wordpress W3 Total Cache - PHP Code Execution WordPress W3 Total Cache - PHP Code Execution Wordpress wp-FileManager - Arbitrary File Download Vulnerability WordPress wp-FileManager - Arbitrary File Download Vulnerability Wordpress 1.5 - Post.PHP Cross-Site Scripting Vulnerability WordPress 1.5 - Post.PHP Cross-Site Scripting Vulnerability Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities WordPress User Role Editor Plugin 3.12 - CSRF Vulnerability WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities AudioCoder (.lst) - Buffer Overflow (msf) AudioCoder (.lst) - Buffer Overflow (Metasploit) Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability WordPress Spicy Blogroll Plugin - File Inclusion Vulnerability PCMan FTP Server 2.0.7 - Remote Exploit (msf) PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit) HP Data Protector CMD Install Service Vulnerability (msf) HP Data Protector CMD Install Service Vulnerability (Metasploit) Wordpress Plugin Better WP Security - Stored XSS WordPress Plugin Better WP Security - Stored XSS Wordpress Booking Calendar 4.1.4 - CSRF Vulnerability WordPress Booking Calendar 4.1.4 - CSRF Vulnerability Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability WordPress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities freeFTPd 1.0.10 PASS Command SEH Overflow (msf) freeFTPd 1.0.10 PASS Command SEH Overflow (Metasploit) PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF) PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (Metasploit) Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability WP-DB Backup For Wordpress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability WP-DB Backup For WordPress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability Western Digital Arkeia Remote Code Execution (msf module) Western Digital Arkeia Remote Code Execution (Metasploit) Wordpress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability WordPress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability Wordpress NOSpamPTI Plugin - Blind SQL Injection WordPress NOSpamPTI Plugin - Blind SQL Injection Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS WordPress Quick Contact Form Plugin 6.0 - Persistent XSS Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day) Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0day) Wordpress Plugin Realty - Blind SQL Injection WordPress Plugin Realty - Blind SQL Injection Wordpress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability WordPress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability WordPress Highlight Premium Theme - CSRF File Upload Vulnerability Wordpress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability WordPress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities Wordpress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability WordPress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability Wordpress Euclid Theme 1.x.x - CSRF Vulnerability Wordpress Dimension Theme - CSRF Vulnerability Wordpress Amplus Theme - CSRF Vulnerability Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability WordPress Euclid Theme 1.x.x - CSRF Vulnerability WordPress Dimension Theme - CSRF Vulnerability WordPress Amplus Theme - CSRF Vulnerability WordPress Make A Statement (MaS) Theme - CSRF Vulnerability Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting Wordpress Orange Themes - CSRF File Upload Vulnerability WordPress Orange Themes - CSRF File Upload Vulnerability Wordpress Formcraft Plugin - SQL Injection Vulnerability WordPress Formcraft Plugin - SQL Injection Vulnerability Wordpress page-flip-image-gallery Plugins - Remote File Upload WordPress page-flip-image-gallery Plugins - Remote File Upload Wordpress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit Wordpress Dandelion Theme - Arbitry File Upload WordPress Dandelion Theme - Arbitry File Upload Wordpress Frontend Upload Plugin - Arbitrary File Upload Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation WordPress Frontend Upload Plugin - Arbitrary File Upload WordPress Buddypress Plugin 1.9.1 - Privilege Escalation Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities Gold MP4 Player 3.3 - Universal SEH Exploit (MSF) Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit) Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion Wordpress XCloner Plugin 3.1.0 - CSRF Vulnerability WordPress XCloner Plugin 3.1.0 - CSRF Vulnerability Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities WordPress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities Wireshark CAPWAP Dissector - Denial of Service (msf) Wireshark CAPWAP Dissector - Denial of Service (Metasploit) Wordpress Participants Database 1.5.4.8 - SQL Injection WordPress Participants Database 1.5.4.8 - SQL Injection Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution (0day) WordPress TimThumb 2.8.13 WebShot - Remote Code Execution (0day) Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (meta) Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (Metasploit) Wordpress MailPoet - (wysija-newsletters) Unauthenticated File Upload WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting Vulnerability Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting Vulnerability Wordpress Plugin Gallery Objects 0.4 - SQL Injection WordPress Plugin Gallery Objects 0.4 - SQL Injection Wordpress WP BackupPlus - Database And Files Backup Download (0day) WordPress WP BackupPlus - Database And Files Backup Download (0day) Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities Disqus for Wordpress 2.7.5 - Admin Stored CSRF and XSS Disqus for WordPress 2.7.5 - Admin Stored CSRF and XSS Wordpress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability Wordpress Bulk Delete Users by Email Plugin 1.0 - CSRF WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit) WordPress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit) Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities WordPress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities GNU bash Environment Variable Command Injection (MSF) GNU bash Environment Variable Command Injection (Metasploit) Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection WordPress All In One WP Security Plugin 3.8.2 - SQL Injection All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability All In One WordPress Firewall 3.8.3 - Persistent XSS Vulnerability Bash - CGI RCE (MSF) Shellshock Exploit Bash - CGI RCE (Metasploit) Shellshock Exploit Wordpress InfusionSoft Plugin - Upload Vulnerability WordPress InfusionSoft Plugin - Upload Vulnerability Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability Wordpress CP Multi View Event Calendar 1.01 - SQL Injection WordPress CP Multi View Event Calendar 1.01 - SQL Injection XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities Another Wordpress Classifieds Plugin - SQL Injection Another WordPress Classifieds Plugin - SQL Injection Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF) Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit) Wordpress CM Download Manager Plugin 2.0.0 - Code Injection WordPress CM Download Manager Plugin 2.0.0 - Code Injection Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability WordPress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability Wordpress Google Document Embedder 2.5.14 - SQL Injection WordPress Google Document Embedder 2.5.14 - SQL Injection Wordpress DB Backup Plugin - Arbitrary File Download WordPress DB Backup Plugin - Arbitrary File Download Wordpress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit Wordpress < 4.0.1 - Denial of Service WordPress < 4.0.1 - Denial of Service Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download Wordpress Ajax Store Locator 1.2 - Arbitrary File Download WordPress Ajax Store Locator 1.2 - Arbitrary File Download Wordpress Plugin Symposium 14.10 - SQL Injection WordPress Plugin Symposium 14.10 - SQL Injection Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability WordPress Download Manager 2.7.4 - Remote Code Execution Vulnerability Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit Live Wire 2.3.1 For Wordpress - Multiple Security Vulnerabilities Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities The Gazette Edition 2.9.4 For Wordpress - Multiple Security Vulnerabilities The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation WordPress Pie Register Plugin 2.0.13 - Privilege Escalation Wordpress Cforms Plugin 14.7 - Remote Code Execution WordPress Cforms Plugin 14.7 - Remote Code Execution Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability WordPress Video Gallery 2.7.0 - SQL Injection Vulnerability Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF) Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit) Calculated Fields Form Wordpress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS WordPress Theme Photocrati 4.x.x - SQL Injection & XSS Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload Wordpress Marketplace 2.4.0 - Arbitrary File Download WordPress Marketplace 2.4.0 - Arbitrary File Download Wordpress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability WordPress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability Wordpress Business Intelligence Plugin - SQL injection WordPress Business Intelligence Plugin - SQL injection Wordpress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities WordPress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities Wordpress Simple Ads Manager Plugin - Multiple SQL Injection Wordpress Simple Ads Manager 2.5.94 - Arbitrary File Upload Wordpress Simple Ads Manager - Information Disclosure WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities WordPress Simple Ads Manager Plugin - Multiple SQL Injection WordPress Simple Ads Manager 2.5.94 - Arbitrary File Upload WordPress Simple Ads Manager - Information Disclosure Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection Wordpress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability Wordpress Duplicator <= 0.5.14 - SQL Injection & CSRF WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability WordPress Duplicator <= 0.5.14 - SQL Injection & CSRF Wordpress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability Wordpress Video Gallery 2.8 - SQL Injection WordPress Video Gallery 2.8 - SQL Injection Wordpress Ajax Store Locator 1.2 - SQL Injection Vulnerability WordPress Ajax Store Locator 1.2 - SQL Injection Vulnerability Wordpress NEX-Forms < 3.0 - SQL Injection Vulnerability WordPress NEX-Forms < 3.0 - SQL Injection Vulnerability Wordpress Reflex Gallery Upload Vulnerability Wordpress N-Media Website Contact Form Upload Vulnerability Wordpress Creative Contact Form Upload Vulnerability Wordpress Work The Flow Upload Vulnerability WordPress Reflex Gallery Upload Vulnerability WordPress N-Media Website Contact Form Upload Vulnerability WordPress Creative Contact Form Upload Vulnerability WordPress Work The Flow Upload Vulnerability Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi (2) Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (2) RM Downloader 2.7.5.400 - Local Buffer Overflow (MSF) RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit) Wordpress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload Wordpress Freshmail Unauthenticated SQL Injection WordPress Freshmail Unauthenticated SQL Injection Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion Wordpress RevSlider File Upload and Execute Vulnerability WordPress RevSlider File Upload and Execute Vulnerability Wordpress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability WordPress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability Wordpress N-Media Website Contact Form with File Upload 1.3.4 - File Upload WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload Wordpress History Collection <= 1.1.1 - Arbitrary File Download WordPress History Collection <= 1.1.1 - Arbitrary File Download Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution Wordpress church_admin Plugin 0.800 Stored XSS WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution WordPress church_admin Plugin 0.800 Stored XSS Wordpress Really Simple Guest Post <= 1.0.6 - File Include WordPress Really Simple Guest Post <= 1.0.6 - File Include Wordpress RobotCPA Plugin V5 - Local File Inclusion WordPress RobotCPA Plugin V5 - Local File Inclusion Wordpress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection WordPress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection Wordpress Finder 'order' Parameter Cross Site Scripting Vulnerability WordPress Finder 'order' Parameter Cross Site Scripting Vulnerability Wordpress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities Wordpress White-Label Framework 2.0.6 - XSS Vulnerability WordPress White-Label Framework 2.0.6 - XSS Vulnerability Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability WordPress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability Wordpress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability WordPress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download v1.0.16 - Local File Disclosure WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF Siemens Simatic S7 1200 CPU Command Module (MSF) Siemens Simatic S7 1200 CPU Command Module (Metasploit) Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass	2016-03-21 05:03:44 +00:00

4 commits