Commit graph

4 commits

Author SHA1 Message Date
Offensive Security
d304cc3d3e DB: 2017-11-24
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00
Offensive Security
4b39f0d26d DB: 2017-11-16
23 new exploits

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)

Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service
Microsoft Windows Explorer - '.ANI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service
Microsoft Windows Explorer - '.doc' File Denial of Service

CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)

Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities

iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service

Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)
Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)

Webby WebServer - SEH Control (PoC)
Webby WebServer - Overflow (SEH) (PoC)

Quick 'n Easy FTP Server Lite 3.1 - Exploit
Quick 'n Easy FTP Server Lite 3.1 - Denial of Service

Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)

FFDshow - SEH Exception Leading to Null Pointer on Read
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read

Microsoft Internet Explorer - MSHTML Findtext Processing Issue
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit

Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Debian suidmanager 0.18 - Exploit
AMD K6 Processor - Exploit
Apple Personal Web Sharing 1.1 - Remote Denial of Service
AMD K6 Processor - Denial of Service

Sun Solaris 7.0 - 'procfs' Denial of Service

S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service

Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service

D-Link DIR605L - Denial of Service

RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service

(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service

IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow
IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow

xfstt 1.2/1.4 - Unspecified Memory Disclosure
xfstt 1.2/1.4 - Memory Disclosure

ViRobot Linux Server 2.0 - Exploit

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities

IBM AIX 5.x - Invscout Local Buffer Overflow
IBM AIX 5.x - 'Invscout' Local Buffer Overflow

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)

IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption
IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption

Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow
Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow

Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)

Sun Solaris 10 - ICMP Unspecified Remote Denial of Service
Sun Solaris 10 - ICMP Remote Denial of Service

Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service
Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service

Progress WebSpeed 3.0/3.1 - Denial of Service

GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities
GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities
Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service
Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service
Wireshark 0.99.8 - X.509sat Dissector Denial of Service
Wireshark 0.99.8 - LDAP Dissector Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service

Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities

SmallFTPd - Unspecified Denial of Service
SmallFTPd - Denial of Service

Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference

Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference

Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)

Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits

Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine
Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine

Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Mandrake Linux 8.2 /usr/mail - Local Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Exploit

RedHat 6.2 /sbin/restore - Exploit
RedHat 6.2 - '/sbin/restore' Privilege Escalation

dump 0.4b15 (RedHat 6.2) - Exploit
dump 0.4b15 (RedHat 6.2) - Privilege Escalation
xsoldier 0.96 (RedHat 6.2) - Exploit
Pine (Local Message Grabber) - Exploit
xsoldier 0.96 (RedHat 6.2) - Buffer Overflow
Pine (Local Message Grabber) - Local Message Read

Seyon 2.1 rev. 4b i586-Linux - Exploit
Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow

glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read

suid_perl 5.001 - Exploit
suid_perl 5.001 - Command Execution

Sendmail 8.11.x (Linux/i386) - Exploit
Sendmail 8.11.x (Linux/i386) - Privilege Escalation

Microsoft Excel - Unspecified Remote Code Execution
Microsoft Excel - Remote Code Execution

Microsoft Word 2000 - Unspecified Code Execution
Microsoft Word 2000 - Code Execution
IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation

IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite

Easy RM to MP3 Converter 2.7.3.700 - Exploit
Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow

Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit
Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow

Adobe Reader and Acrobat - Exploit
Adobe Reader / Acrobat - '.PDF' File Overflow

Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)

Winamp 5.572 - Exploit (SEH)
Winamp 5.572 - Overflow (SEH)

ZipScan 2.2c - Exploit (SEH)
ZipScan 2.2c - Overflow (SEH)
Local Glibc shared library (.so) 2.11.1 - Exploit
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation

SyncBack Freeware 3.2.20.0 - Exploit
SyncBack Freeware 3.2.20.0 - Overflow (SEH)

Mediacoder 0.7.3.4672 - Exploit (SEH)
Mediacoder 0.7.3.4672 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH)

DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)

iworkstation 9.3.2.1.4 - Exploit (SEH)
iworkstation 9.3.2.1.4 - Overflow (SEH)

Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)

POP Peeper 3.7 - Exploit (SEH)
POP Peeper 3.7 - Overflow (SEH)

DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass
DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)

BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary File
Slackware Linux 3.4 - 'makebootdisk' Temporary File
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary File
Slackware Linux 3.4 - 'pkgtool' Temporary File

Debian suidmanager 0.18 - Command Execution
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission
Slackware Linux 3.5 - '/etc/group' Privilege Escalation

Sun Solaris 2.6 power management - Exploit
Sun Solaris 2.6 - power management Exploit
DataLynx suGuard 1.0 - Exploit
Sun Solaris 2.5.1 PAM & unix_scheme - Exploit
Solaris 2.5.1 ffbconfig - Exploit
Solaris 2.5.1 chkey - Exploit
Solaris 2.5.1 Ping - Exploit
SGI IRIX 6.4 ioconfig - Exploit
DataLynx suGuard 1.0 - Privilege Escalation
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)

Solaris 2.5.1 automount - Exploit
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit
Sun Solaris 7.0 dtprintinfo - Buffer Overflow
Sun Solaris 7.0 lpset - Buffer Overflow
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow
Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow

IBM Remote Control Software 1.0 - Exploit
IBM Remote Control Software 1.0 - Code Execution

Xcmail 0.99.6 - Exploit
Xcmail 0.99.6 - Buffer Overflow
Sun Solaris 7.0 ff.core - Exploit
S.u.S.E. 5.2 lpc - Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit

SGI IRIX 6.2 cdplayer - Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
SGI IRIX 5.3 Cadmin - Exploit
SGI IRIX 6.0.1 colorview - Exploit
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 6.3 df - Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.2 fsdump - Exploit
RedHat Linux 5.1 xosview - Exploit
Slackware Linux 3.1 - Buffer Overflow
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
RedHat Linux 5.1 - xosview
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow

IBM AIX 4.3 infod - Exploit
IBM AIX 4.3 - 'infod' Exploit

IBM AIX 4.2.1 snap - Insecure Temporary File Creation
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
SGI IRIX 6.4 inpview - Exploit
RedHat Linux 5.0 msgchk - Exploit
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 ping - Buffer Overflow
IBM AIX 4.2 lchangelv - Buffer Overflow
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 - 'ping' Buffer Overflow
IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)

SGI IRIX 6.4 netprint - Exploit
SGI IRIX 6.4 - 'netprint' Exploit

SGI IRIX 5.3/6.2 ordist - Exploit
SGI IRIX 5.3/6.2 - 'ordist' Exploit

SGI IRIX 5.3 pkgadjust - Exploit
SGI IRIX 5.3 - 'pkgadjust' Exploit

Sun Solaris 7.0 procfs - Exploit
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 4.2.1 lquerypv - Exploit
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 4.2.1 - 'lquerypv' File Read
SGI IRIX 6.3 pset - Exploit
SGI IRIX 6.4 rmail - Exploit
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 5.2/5.3 serial_ports - Exploit
SGI IRIX 6.4 suid_exec - Exploit
SGI IRIX 5.1/5.2 sgihelp - Exploit
SGI IRIX 6.4 startmidi - Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit

SGI IRIX 6.4 xfsdump - Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit

IBM AIX 4.3.1 adb - Exploit
IBM AIX 4.3.1 - 'adb' Denial of Service
Apple At Ease 5.0 - Exploit
Samba < 2.0.5 - Exploit
Apple At Ease 5.0 - Information Disclosure
Samba < 2.0.5 - Overflow

NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space

Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow

HP-UX 10.20 newgrp - Exploit
HP-UX 10.20 newgrp - Privilege Escalation

BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)

BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)

Solaris 7.0 kcms_configure - Exploit
Solaris 7.0 - 'kcms_configure Exploit

Windowmaker wmmon 1.0 b2 - Exploit
Windowmaker wmmon 1.0 b2 - Command Execution

Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit
Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation

Standard & Poors ComStock 4.2.4 - Exploit
Standard & Poors ComStock 4.2.4 - Command Execution
KDE 1.1.2 KApplication configfile - Exploit (1)
KDE 1.1.2 KApplication configfile - Exploit (2)
KDE 1.1.2 KApplication configfile - Exploit (3)
KDE 1.1.2 KApplication configfile - Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Privilege Escalation (3)

BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)

Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
IRIX 6.5.x - GR_OSView Buffer Overflow
SGI IRIX 6.2 libgl.so - Buffer Overflow
IRIX 6.5.x - dmplay Buffer Overflow
IRIX 6.2/6.3 lpstat - Buffer Overflow
IRIX 6.5.x - inpview Race Condition
IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow
SGI IRIX 6.2 - 'libgl.so' Buffer Overflow
IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow
IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition

IRIX 5.3/6.x - mail Exploit
IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow
Libc locale - Exploit (1)
Libc locale - Exploit (2)
Libc locale - Privilege Escalation (1)
Libc locale - Privilege Escalation (2)

GNOME esound 0.2.19 - Unix Domain Socket Race Condition

Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
IBM AIX 4.x - setsenv Buffer Overflow
IBM AIX 4.3 digest - Buffer Overflow
IBM AIX 4.x - enq Buffer Overflow
IBM AIX 4.3.x - piobe Buffer Overflow
IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow
IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow
IBM AIX 4.x - 'enq' Buffer Overflow
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow

SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow

AIX 4.2/4.3 - piomkapqd Buffer Overflow
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow

(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation

(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - PKG-Installer Buffer Overflow
QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow
QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow

NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass
NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)

AFD 1.2.x - Working Directory Local Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation

IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow

HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access

Leksbot 1.2 - Multiple Unspecified Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities

IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow

IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation
IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation

ViRobot Linux Server 2.0 - Overflow

(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation
Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)

Nvidia Display Driver Service (Nsvr) - Exploit
Nvidia Display Driver Service (Nsvr) - Buffer Overflow
IBM AIX 5.3 - GetShell and GetCommand File Enumeration
IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Apple 2.0.4 - Safari Unspecified Local
Apple 2.0.4 - Safari Local Exploit

Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities

IBM AIX 6.1.8 libodm - Arbitrary File Write
IBM AIX 6.1.8 - 'libodm' Arbitrary File Write

Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)

Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation

QEMU (Gentoo) - Local Priv Escalation
QEMU (Gentoo) - Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)

Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)

CA BrightStor ARCserve Backup - Exploiter Tool
CA BrightStor ARCserve Backup - Overflow

NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write

CDBurnerXP 4.2.4.1351 - Exploit

PeerCast 0.1216 - Exploit (Metasploit)
PeerCast 0.1216 - Stack Overflow (Metasploit)

BigAnt Server 2.52 - Exploit (SEH)
BigAnt Server 2.52 - Overflow (SEH)

NetTransport Download Manager 2.90.510 - Exploit
NetTransport Download Manager 2.90.510 - Overflow (SEH)

File Sharing Wizard 1.5.0 - Exploit (SEH)
File Sharing Wizard 1.5.0 - Overflow (SEH)
Real Player 12.0.0.879 - Exploit
Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)
Real Player 12.0.0.879 - Code Execution
Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)

IBM AIX 5l FTPd - Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit

Microsoft Data Access Components - Exploit (MS11-002)
Microsoft Data Access Components - Overflow (PoC) (MS11-002)

FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)

Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)

Apple Personal Web Sharing 1.1 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 -  Upload / Execute Read Scripts

IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit
IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation

HP HP-UX 10.34 rlpdaemon - Exploit
HP HP-UX 10.34 rlpdaemon - Remote Overflow

Ray Chan WWW Authorization Gateway 0.1 - Exploit
Ray Chan WWW Authorization Gateway 0.1 - Command Execution

Solaris 7.0 Coredump - Exploit
Solaris 7.0 - 'Coredump' File Write
IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit
SGI IRIX 6.2 cgi-bin wrap - Exploit
IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read
SGI IRIX 6.2 - cgi-bin wrap Exploit

SGI IRIX 6.5.2 nsd - Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit

IBM AIX 3.2.5 - login(1) Exploit
IBM AIX 3.2.5 - 'login(1)' Exploit

Compaq Java Applet for Presario SpawnApp - Exploit
Compaq Java Applet for Presario SpawnApp - Code Execution

Network Security Wizards Dragon-Fire IDS 1.0 - Exploit
Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure

IBM AIX 4.3.2 ftpd - Remote Buffer Overflow
IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow

glFTPd 1.17.2 - Exploit
glFTPd 1.17.2 - Code Execution

Netopia R-series routers 4.6.2 - Exploit
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables

Sun Java Web Server 1.1.3/2.0 Servlets - Exploit
Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure

IPFilter 3.x - Fragment Rule Bypass

CGIWrap 2.x/3.x - Cross-Site Scripting

AIX 4.1/4.2 - pdnsd Buffer Overflow
AIX 4.1/4.2 - 'pdnsd' Buffer Overflow

RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote Username Enumeration

Hylafax 4.1.x - HFaxD Unspecified Format String
Hylafax 4.1.x - HFaxD Format String

EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow

LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities
LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities

Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities

Oracle 9i - Multiple Unspecified Vulnerabilities
Oracle 9i - Multiple Vulnerabilities

File ELF 4.x - Header Unspecified Buffer Overflow
File ELF 4.x - Header Buffer Overflow
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
Microsoft Internet Explorer 6 - Unspecified Code Execution (1)
Microsoft Internet Explorer 6 - Unspecified Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)

GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal

TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Directory Traversal

Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit

Multiple CA Service Management Products - Unspecified Remote Command Execution
Multiple CA Service Management Products - Remote Command Execution

NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow

Bash - Environment Variables Code Injection (Shellshock)
Bash - Environment Variables Command Injection (Shellshock)

OpenVPN 2.2.29 - Remote Exploit (Shellshock)
OpenVPN 2.2.29 - Remote Command Injection (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)
Apache mod_cgi - Remote Command Injection (Shellshock)

Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow
Poison Ivy 2.3.2 - Remote Buffer Overflow

Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution
Samba 3.5.11/3.6.3 - Remote Code Execution

Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)

Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion

Poll It CGI 2.0 - Exploit
Poll It CGI 2.0 - Multiple Vulnerabilities

DreamPoll 3.1 - Exploit
DreamPoll 3.1 - SQL Injection

WordPress Plugin WP-Cumulus 1.20 - Exploit
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting

Public Media Manager - Exploit
Public Media Manager - Remote File Inclusion

Joomla! Component com_adagency - Exploit
Joomla! Component com_adagency - Local File Inclusion

File Upload Manager 1.3 - Exploit
File Upload Manager 1.3 - Web Shell File Upload

Joomla! Component com_caddy - Exploit

Renista CMS - Exploit
Renista CMS - SQL Injection

BtiTracker 1.3.x < 1.4.x - Exploit
BtiTracker 1.3.x < 1.4.x - SQL Injection

WordPress Plugin Cimy Counter - Exploit
WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting

Belkin F5D7234-4 v5 G Wireless Router - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed

WhatsApp Status Changer 0.2 - Exploit
WhatsApp - Remote Change Status

MySimpleNews 1.0 - Remotely Readable Administrator Password
MySimpleNews 1.0 - Remote Readable Administrator Password

SquirrelMail 1.2.11 - Exploit
SquirrelMail 1.2.11 - Multiple Vulnerabilities

D-Link DCS-936L Network Camera - Cross-Site Request Forgery
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting

Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Cross-Site Scripting Vulnerabilities

Codegrrl - 'Protection.php' Unspecified Code Execution
Codegrrl - 'Protection.php' Code Execution
Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'index.php' Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting

A-Blog 1.0 - Unspecified Cross-Site Scripting
A-Blog 1.0 - Cross-Site Scripting

Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Akismet 2.1.3 - Unspecified
WordPress Plugin Akismet 2.1.3 - Exploit

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities

UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information

Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload

MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections

Zoph 0.7.2.1 - Unspecified SQL Injection
Zoph 0.7.2.1 - SQL Injection

Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - HTML Injection

Bash CGI - Remote Code Execution (Shellshock) (Metasploit)
Bash CGI - Remote Command Injection (Shellshock) (Metasploit)

PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)
PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)

Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities

Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit

Netsweeper 4.0.8 - Authentication Bypass Issue
Netsweeper 4.0.8 - Authentication Bypass

SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting

Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Cross-Site Scripting

iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)

Squid Analysis Report Generator 2.3.10 - Remote Code Execution
2017-11-16 10:02:26 +00:00
Offensive Security
c7b4bfd8e6 DB: 2017-08-23
23 new exploits

Microsoft Windows 7 SP1 x86 -  GDI Palette Objects Local Privilege Escalation (MS17-017)
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017)
Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow
Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow
VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)

IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)

BSD - Passive Connection Shellcode (124 bytes)
BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes)
BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes)
BSD/x86 - Bind Shell  31337/TCP + setuid(0) Shellcode (94 bytes)
BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes)
BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes)
BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes)
BSD/x86 - Bind Random Port Shellcode (143 bytes)
BSD/x86 - setuid(0) + execve /bin/sh Shellcode (30 bytes)
BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes)
BSD/x86 - execve /bin/sh Shellcode (27 bytes)
BSD/x86 - execve /bin/sh + setuid(0) Shellcode (29 bytes)
BSD/x86 - Bind TCP Shell (31337/TCP) Shellcode (83 bytes)
BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes)
BSD/x86 - execve /bin/sh Crypt Shellcode (49 bytes)
BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes)
BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes)
BSD/x86 - cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSD/x86 - execve /bin/sh Encoded Shellcode (49 bytes)
BSD/x86 - execve /bin/sh Encoded Shellcode (57 bytes)
BSD/x86 - Reverse TCP Shell (torootteam.host.sk:2222/TCP) Shellcode (93 bytes)
BSD/x86 - execve /bin/cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes)
FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes)
BSDi/x86 - execve /bin/sh ToUpper Encoded Shellcode (97 bytes)
FreeBSD x86 / x64 - execve /bin/sh Anti-Debugging Shellcode (140 bytes)
FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes)
FreeBSD/x86 - kill all processes Shellcode (12 bytes)
FreeBSD/x86 - rev connect + recv + jmp + return results Shellcode (90 bytes)
FreeBSD/x86 - /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes)
FreeBSD/x86 - Reverse /bin/sh Shell (127.0.0.1:8000) Shellcode (89 bytes)
FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes)
FreeBSD/x86 - /bin/sh Encrypted Shellcode (48 bytes)
FreeBSD/x86 - Reverse TCP cat /etc/passwd (192.168.1.33:8000/TCP) Shellcode (112 bytes)
FreeBSD/x86 - Kill All Processes Shellcode (12 bytes)
FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes)
FreeBSD/x86 - execve /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes)
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:8000) Null-Free Shellcode (89 bytes)
FreeBSD/x86 - setuid(0); + execve(ipf -Fa); Shellcode (57 bytes)
FreeBSD/x86 - execve /bin/sh Encoded Shellcode (48 bytes)

FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes)
FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes)

FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes)
FreeBSD/x86 - Load Kernel Module (/sbin/kldload /tmp/o.o) Shellcode (74 bytes)

FreeBSD/x86 - Connect Port 31337 Shellcode (102 bytes)
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (102 bytes)
Linux/x86 - Bind Shellcode (Generator)
Windows XP SP1 - Bind Shellcode (Generator)
(Generator) - /bin/sh Polymorphic With Printable ASCII Characters Shellcode
Linux/x86 - cmd Null-Free Shellcode (Generator)
(Generator) - Alphanumeric Shellcode (Encoder/Decoder)
Linux/x86 - Bind TCP Shellcode (Generator)
Windows XP SP1 - Bind TCP Shell Shellcode (Generator)
Linux - execve /bin/sh Polymorphic With Printable ASCII Characters Shellcode (Generator)
Linux/x86 - Command Null-Free Shellcode (Generator)
Windows - Reverse TCP Shell (127.0.0.1:123/TCP) Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Win32 - Multi-Format Encoding Tool Shellcode (Generator)
iOS - Version-independent Shellcode
Cisco IOS - Connectback 21/TCP Shellcode
Windows x86 - Multi-Format Encoding Tool Shellcode (Generator)
iOS Version-independent - Null-Free Shellcode
Cisco IOS - New TTY / Privilege Level To 15 / Reverse Virtual Terminal Shell (21/TCP) Shellcode
Linux/x86-64 - Flush IPTables Rules Shellcode (84 bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth Shell  Shellcode (88+ bytes)  (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind 4919/TCP Shellcode (276 bytes)
Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (84 bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth /bin/bash Shell Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind TCP /bin/sh Shell (4919/TCP) Shellcode (276 bytes)

Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes)
Linux/PPC - Reverse TCP /bin/sh Shell (192.168.1.1:31337/TCP) Shellcode (240 bytes)

Linux/SPARC - Bind 8975/TCP Shellcode (284 bytes)
Linux/SPARC - Bind TCP Shell (8975/TCP) Null-Free Shellcode (284 bytes)
Linux/x86 - killall5 polymorphic Shellcode (61 bytes)
Linux/x86 - /bin/sh Polymorphic Shellcode (48 bytes)
Linux/x86 - Bind 4444/TCP Shellcode (XOR Encoded) (152 bytes)
Linux/x86 - reboot() polymorphic Shellcode (57 bytes)
Linux/x86 - chmod(_/etc/shadow__666) Polymorphic Shellcode (54 bytes)
Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes)
Linux/x86 - Bind 8000/TCP + Execve Iptables -F Shellcode (176 bytes)
Linux/x86 - Bind 8000/TCP + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind 8000/TCP ASM Code Linux Shellcode (179 bytes)
Linux/x86 - killall5 Polymorphic Shellcode (61 bytes)
Linux/x86 - execve /bin/sh Polymorphic Shellcode (48 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) XOR Encoded Shellcode (152 bytes)
Linux/x86 - reboot() Polymorphic Shellcode (57 bytes)
Linux/x86 - chmod 666 /etc/shadow Polymorphic Shellcode (54 bytes)
Linux/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh__0_0) Shellcode (34 bytes)
Linux/x86 - Bind TCP Shell (8000/TCP) + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind TCP Shell (8000/TCP) + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind TCP /bin/sh Shell (8000/TCP) Shellcode (179 bytes)

Linux/x86 - Serial port shell binding + busybox Launching Shellcode (82 bytes)
Linux/x86 - Serial Port Shell Binding (/dev/ttyS0) + busybox Launching Null-Free Shellcode (82 bytes)

Linux/x86 - chmod(_/etc/shadow__666) + exit(0) Shellcode (30 bytes)
Linux/x86 - chmod 666 /etc/shadow + exit(0) Shellcode (30 bytes)

Linux/x86 - Shellcode Obfuscator (Generator)
Linux/x86 - Shellcode Obfuscator Null-Free (Generator)
Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Shellcode (28 bytes)
Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes)
Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Null-Free Shellcode (28 bytes)
Linux/x86 - setresuid(0_0_0) + /bin/sh Shellcode (35 bytes)

Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes)
Linux/x86 - Reverse TCP cat /etc/shadow (8192/TCP) Shellcode (155 bytes)

Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes)
Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes)

Linux/x86 - /sbin/iptables -F Shellcode (40 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F)  Shellcode (40 bytes)

Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes)
Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (40 bytes)
Linux/x86 - HTTP/1.x GET_ Downloads + execve() Shellcode (111+ bytes)
Linux/x86 - executes command after setreuid Shellcode (49+ bytes)
Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes)
Linux/x86 - setreuid + executes command (49+ bytes)
Linux/x86 - Bind 31337/TCP + setuid Shellcode (96 bytes)
Linux/x86 - Bind 2707/TCP Shellcode (84 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + setuid Shellcode (96 bytes)
Linux/x86 - Bind TCP Shell (2707/TCP) Shellcode (84 bytes)
Linux/x86 - Bind 31337/TCP SET_PORT() Shellcode (100 bytes)
Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes)  (Generator)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (100 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator)

Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes)
Linux/x86 - Reverse TCP Shell (127.0.0.1:80/TCP) XOR Encoded Shellcode (371 bytes)

Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes)
Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes)
Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Bind 64713/TCP Shellcode (86 bytes)
Linux/x86 - Bind TCP /bin/sh Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (64713/TCP) Shellcode (86 bytes)

Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)

Linux/x86 - TCP Proxy Shellcode (236 bytes)
Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes)
Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes)
Linux/x86 - execve /bin/sh Shellcode (+1 Encoded) (39 bytes)
Linux/x86 - Add User (xtz) To /etc/passwd Shellcode (59 bytes)
Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes)
Linux/x86 (Intel x86 CPUID) - execve /bin/sh XORED Encoded Shellcode (41 bytes)
Linux/x86 - execve /bin/sh Shellcode +1 Encoded (39 bytes)
Linux/x86 - Add Root User (xtz) To /etc/passwd Shellcode (59 bytes)
Linux/x86 - Anti-Debug Trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (80 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + fork() Shellcode (98 bytes)

Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes)
Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (32 bytes)

Linux/x86 - Reverse  TCP Shell Shellcode (90 bytes)  (Generator)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes)
Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes)
Linux/x86 - snoop /dev/dsp Shellcode (172 bytes)
Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)
Linux/x86 - read(0_buf_2541); + chmod(buf_4755); Shellcode (23 bytes)
Linux/x86 - write(0__Hello core!\n__12); Exit Shellcode (36/43 bytes)
Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes)
Linux/x86 - execve /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)
Linux/x86 - chroot + standart Shellcode (66 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)
Linux/x86 - Break chroot (../ 20x Loop) + execve /bin/sh Shellcode (66 bytes)
Linux/x86 - setreuid/execve Shellcode (31 bytes)
Linux/x86 - Alphanumeric Shellcode (64 bytes)
Linux/x86 - Alphanumeric using IMUL Method Shellcode (88 bytes)
Linux/x86 - setreuid + execve Shellcode (31 bytes)
Linux/x86 - Alphanumeric Encoded Shellcode (64 bytes)
Linux/x86 - Alphanumeric Encoder (IMUL Method) Shellcode (88 bytes)
Linux/x86 - Bind 5074/TCP (ToUpper Encoded) Shellcode (226 bytes)
Linux/x86 - Add User (t00r) Anti-IDS Shellcode (116 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Add Root User (t00r) Anti-IDS Shellcode (116 bytes)
Linux/x86 - iptables -F Shellcode (45 bytes)
Linux/x86 - iptables -F Shellcode (58 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F)  Shellcode (45 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F)  Shellcode (58 bytes)

Linux/x86 - connect Shellcode (120 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell Shellcode (120 bytes)

Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes)
Linux/x86 - cp /bin/sh /tmp/katy ; + chmod 4555 katy Shellcode (126 bytes)
Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes)
Linux/x86 - Bind 5074/TCP Shellcode (92 bytes)
Linux/x86 - Bind 5074/TCP + fork() Shellcode (130 bytes)
Linux/x86 - Add User (t00r) Shellcode (82 bytes)
Linux/x86 - Add User Shellcode (104 bytes)
Linux/x86 - break chroot Shellcode (34 bytes)
Linux/x86 - break chroot Shellcode (46 bytes)
Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes)
Linux/x86 - execve /bin/sh + setreuid(12_12) Shellcode (50 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) Shellcode (92 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) + fork() Shellcode (130 bytes)
Linux/x86 - Add Root User (t00r) Shellcode (82 bytes)
Linux/x86 - Add Root User Shellcode (104 bytes)
Linux/x86 - Break chroot (../ 10x Loop) Shellcode (34 bytes)
Linux/x86 - Break chroot (../ 10x Loop) Shellcode (46 bytes)
Linux/x86 - Break chroot + execve /bin/sh Shellcode (80 bytes)

Linux/x86 - execve /bin/sh (XOR Encoded) Shellcode (55 bytes)
Linux/x86 - execve /bin/sh XOR Encoded Shellcode (55 bytes)

Linux/x86 - chroot()/execve() code Shellcode (80 bytes)
Linux/x86 - Add User (z) Shellcode (70 bytes)
Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes)
Linux/x86-64 - Bind 4444/TCP Shellcode (132 bytes)
Linux/x86 - Add Root User (z) Shellcode (70 bytes)
Linux/x86 - setreuid(0_ 0) + Break chroot (mkdir/chdir/chroot _../_) + execve /bin/sh Shellcode (132 bytes)
Linux/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (132 bytes)
Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)
OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)
Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)
Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes)
Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes)
Linux/PPC / Linux/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)
OSX/PPC / OSX/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)
Linux/x86 / Unix/SPARC / IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)
Linux/x86 / Unix/SPARC - execve /bin/sh Shellcode (80 bytes)
BSD/x86 / Linux/x86 - execve /bin/sh Shellcode (38 bytes)
NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)
NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)
NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)
NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)
OpenBSD/x86 - Bind 6969/TCP Shellcode (148 bytes)
OpenBSD/x86 - Add user _w00w00_ Shellcode (112 bytes)
OSX/PPC - sync()_ reboot() Shellcode (32 bytes)
OpenBSD/x86 - Bind TCP Shell (6969/TCP) Shellcode (148 bytes)
OpenBSD/x86 - Add Root User (w00w00) Shellcode (112 bytes)
OSX/PPC - sync() + reboot() Shellcode (32 bytes)

OSX/PPC - Add user _r00t_ Shellcode (219 bytes)
OSX/PPC - Add Root User (r00t) Shellcode (219 bytes)
Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes)
Solaris/SPARC -  Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator)
Solaris/SPARC - setreuid/execve Shellcode (56 bytes)
Solaris/SPARC - Bind 6666/TCP Shellcode (240 bytes)
Solaris/SPARC - setreuid + executes command Shellcode (92+ bytes)
Solaris/SPARC - Reverse TCP Shell (44434/TCP) XNOR Encoded Shellcode (600 bytes) (Generator)
Solaris/SPARC - setreuid + execve Shellcode (56 bytes)
Solaris/SPARC - Bind TCP Shell (6666/TCP) Shellcode (240 bytes)
Solaris/SPARC - Bind 6789/TCP Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Solaris/SPARC - Bind Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP /bin/sh Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Windows 5.0 < 7.0 x86 - Bind Shell 28876/TCP Null-Free Shellcode
Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes)
Win32 - SEH Omelet Shellcode
Win32 - Bind 23/TCP Winexec Telnet Shellcode (111 bytes)
Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)
Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes)
Win32/XP SP2 - cmd.exe Shellcode (57 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Win32 - ConnectBack + Download A File + Save + Execute Shellcode
Win32 - Download File + Execute Shellcode (Browsers Edition) (Generator) (275+ bytes)
Win32 - Download File + Execute Shellcode (192 bytes)
Win32 - Download File + Execute Shellcode (124 bytes)
Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes)
Win32 SP1/SP2 - Beep Shellcode (35 bytes)
Win32/XP SP2 - Pop up message box Shellcode (110 bytes)
Win32 - WinExec() Command Parameter Shellcode (104+ bytes)
Win32 - Download File + Execute Shellcode (226+ bytes)
Windows NT/2000/XP (Russian) - Add User 'slim' Shellcode (318 bytes)
Windows 5.0 < 7.0 x86 - Bind TCP Shell (28876/TCP) Null-Free Shellcode
Windows XP SP2 x86 (English) - cmd.exe Shellcode (23 bytes)
Windows x86 - SEH Omelet Shellcode
Windows x86 - Add Administrator User (GAZZA/123456) + Start Telnet Service Shellcode (111 bytes)
Windows x86 - PEB!NtGlobalFlags Shellcode (14 bytes)
Windows XP SP2 x86 (French) - Sellcode cmd.exe Shellcode (32 bytes)
Windows XP SP2 x86 - cmd.exe Shellcode (57 bytes)
Windows x86 - PEB _Kernel32.dll_ ImageBase Finder Alphanumeric Shellcode (67 bytes)
Windows x86 - PEB _Kernel32.dll_ ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Windows x86 - ConnectBack + Download A File + Save + Execute Shellcode
Windows x86 - Download File + Execute Shellcode (Browsers Edition) (275+ bytes) (Generator)
Windows x86 - Download File + Execute Shellcode (192 bytes)
Windows x86 - Download File + Execute Shellcode (124 bytes)
Windows NT/XP x86 - IsDebuggerPresent Shellcode (39 bytes)
Windows SP1/SP2 x86 - Beep Shellcode (35 bytes)
Windows XP SP2 x86 - Pop up message box Shellcode (110 bytes)
Windows x86 - WinExec() Command Parameter Shellcode (104+ bytes)
Windows x86 - Download File + Execute Shellcode (226+ bytes)
Windows NT/2000/XP (Russian) - Add Administartor User (slim/shady) Shellcode (318 bytes)

Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes)  (Generator)
Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator)
Windows XP - Download File + Execute Shellcode
Windows XP SP1 - Bind 58821/TCP Shellcode (116 bytes)
Windows XP - Download File + Execute Null-Free Shellcode
Windows XP SP1 - Bind TCP Shell (58821/TCP) Shellcode (116 bytes)

Win64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Linux/x86 - setuid(0) + cat /etc/shadow Shellcode (49 bytes)
Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (33 bytes)
Linux/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (49 bytes)
Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Win32 XP SP3 - ShellExecuteA Shellcode
Linux/x86 - Pverwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Windows XP SP3 x86 - ShellExecuteA Shellcode
Win32 XP SP3 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode
FreeBSD/x86 - Bind 1337/TCP Shellcode (167 bytes)
Win32/XP SP2 - calc.exe Shellcode (45 bytes)
Windows XP SP3 x86 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode
FreeBSD/x86 - Bind TCP /bin/sh Shell (1337/TCP) Shellcode (167 bytes)
Windows XP SP2 x86 - calc.exe Shellcode (45 bytes)

Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes)
Windows XP SP2 x86 (English / Arabic) - cmd.exe Shellcode (23 bytes)

Linux/x86 - break chroot Shellcode (79 bytes)
Linux/x86 - setuid + Break chroot (mkdir/chdir/chroot _..._) + execve /bin/sh Shellcode (79 bytes)

Linux/x86 - Append '/etc/passwd' + exit() Shellcode (107 bytes)
Linux/x86 - Add Root User (toor) To /etc/passwd + exit() Shellcode (107 bytes)

Win32 XP SP2 (FR) - calc Shellcode (19 bytes)
Windows XP SP2 x86 (French) - calc Shellcode (19 bytes)
Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes)
Win32 XP SP3 (English) - cmd.exe Shellcode (26 bytes)
Win32 XP SP2 (Turkish) - cmd.exe Shellcode (26 bytes)
Linux/x86 - /bin/sh Shellcode (8 bytes)
Linux/x86 - execve /bin/cat /etc/passwd Shellcode (43 bytes)
Windows XP SP3 x86 (English) - cmd.exe Shellcode (26 bytes)
Windows XP SP2 x86 (Turkish) - cmd.exe Shellcode (26 bytes)
Linux/x86 - execve /bin/sh Shellcode (8 bytes)
Linux/x86 - disabled modsecurity Shellcode (64 bytes)
Win32 - JITed Stage-0 Shellcode
Win32 - JITed exec notepad Shellcode
Windows XP Professional SP2 (ITA) - calc.exe Shellcode (36 bytes)
Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Linux/x86 - Disabled modsecurity Shellcode (64 bytes)
Windows x86 - JITed Stage-0 Shellcode
Windows x86 - JITed exec notepad Shellcode
Windows XP Professional SP2 (Italian) - calc.exe Shellcode (36 bytes)
Windows XP SP2 x86 - write.exe + ExitProcess WinExec Shellcode (16 bytes)
Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes)
Win32 - MessageBox Shellcode (Metasploit)
Windows XP SP3 x86 (Russia) - cmd + ExitProcess WinExec Shellcode (12 bytes)
Windows x86 - MessageBox Shellcode (Metasploit)
Linux/x86 - Bind nc -lvve/bin/sh -p13377 Shellcode
Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes)
Linux/x86 - Bind Netcat Shell (13377/TCP) Shellcode
Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes)
Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes)
Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes)
Linux - write() + exit(0) Shellcode (Genearator With Customizable Text)
Linux/x86 - chmod  0777 /etc/shadow Shellcode (33 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (29 bytes)
Linux - write() + exit(0) Shellcode (Generator)

Linux/x86 - Sends 'Phuck3d!' To All Terminals Shellcode (60 bytes)
Linux/x86 - Sends _Phuck3d!_ To All Terminals Shellcode (60 bytes)

Windows XP SP2 (FR) - Download File + Execute Shellcode
Windows XP SP2 (French) - Download File + Execute Shellcode

Linux/x86 - Disable randomize stack addresse Shellcode (106 bytes)
Linux/x86 -  Disable ASLR Security Shellcode Shellcode (106 bytes)
Linux/x86 - setuid(0) + chmod(_/etc/shadow__ 0666) Polymorphic Shellcode (61 bytes)
Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes)
Linux/x86 - setuid(0) + chmod 0666 /etc/shadow Polymorphic Shellcode (61 bytes)
Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/shadow Shellcode (39 bytes)

Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes)
Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/passwd Shellcode (39 bytes)

Linux/x86 - Reverse  Netcat Shell (8080/TCP) Shellcode (76 bytes)
Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes)

Solaris/x86 - Sync() & reboot() + exit(0) Shellcode (48 bytes)
Solaris/x86 - Sync() + reboot() + exit(0) Shellcode (48 bytes)
Linux/x86 - Bind 31337/TCP + setreuid (0_0) Polymorphic Shellcode (131 bytes)
Linux/x86-64 - setuid(0) + chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes)
Linux/x86 - Bind TCP Shell (31337/TCP) + setreuid(0_0) Polymorphic Shellcode (131 bytes)
Linux/x86-64 - setuid(0) + chmod 0777 /etc/passwd + exit(0) Shellcode (63 bytes)

Windows XP SP3 (SPA) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)
Windows XP SP3 (Spanish) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)

Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes)
Windows - cmd.exe + ExitProcess WinExec Shellcode (195 bytes)
Linux/x86 - /bin/sh Polymorphic Shellcode (116 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) polymorphic Shellcode (84 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux/x86 - execve /bin/sh Polymorphic Shellcode (116 bytes)
Linux/ARM - chmod 0777 /etc/shadow Polymorphic Shellcode (84 bytes)
Linux/ARM - chmod 0777 /etc/shadow Shellcode (35 bytes)
Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); (XOR 88 encoded) Polymorphic Shellcode (78 bytes)
Linux/x86 - Bind Shell 64533 Shellcode (97 bytes)
Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); XOR 88 Encoded Polymorphic Shellcode (78 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (64533/TCP) Shellcode (97 bytes)
Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)
Safari 4.0.5 - 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Shellcode
Linux - Bind 6778/TCP (XOR Encoded) Polymorphic Shellcode (125 bytes)
Linux - Bind Shell (nc -lp 31337 -e /bin//sh) Polymorphic Shellcode (91 bytes)
ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator)
Linux - setreuid(0_0) + execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)
Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Null-Free Shellcode
Linux - Bind TCP Shell (6778/TCP) XOR Encoded Polymorphic Shellcode (125 bytes)
Linux - Bind Netcat Shell (31337/TCP) Polymorphic Shellcode (91 bytes)
ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator)

Win32 - Write-to-file Shellcode (278 bytes)
Windows x86 - Write-to-file Null-Free Shellcode (278 bytes)
Linux/x86 - Bind Shell Netcat 8080/TCP Shellcode (75 bytes)
Linux/x86 - /bin/sh Polymorphic Null-Free Shellcode (46 bytes)
Windows XP SP3 English - MessageBoxA Shellcode (87 bytes)
BSD/x86 - Bind Shell 2525/TCP Shellcode (167 bytes)
Win32 - Checksum Routine Shellcode (18 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (8080/TCP) Shellcode (75 bytes)
Linux/x86 - execve /bin/sh Polymorphic Null-Free Shellcode (46 bytes)
Windows XP SP3 (English) - MessageBoxA Shellcode (87 bytes)
BSD/x86 - Bind TCP Shell (2525/TCP) Shellcode (167 bytes)
Windows x86 - Checksum Routine Shellcode (18 bytes)

Win32/XP SP3 (TR) - Add Administrator 'zrl' Shellcode (127 bytes)
Windows XP SP3 x86 (Turkish) - Add Administrator User (zrl/123456) Shellcode (127 bytes)
Win32/XP Professional SP3 (EN) x86 - Add New Local Administrator 'secuid0' Shellcode (113 bytes)
Win32 - Add New Local Administrator 'secuid0' Shellcode (326 bytes)
Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes)
Windows x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (326 bytes)
ARM - Bind Connect (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader Port 0x1337 Shellcode
ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode
ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader (0x1337/TCP) Shellcode
ARM - ifconfig eth0 192.168.0.2 up Shellcode
ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes)
Win32 - Speaking 'You got pwned!' Shellcode
FreeBSD/x86 - connect back Shellcode (81 bytes)
BSD/x86 - Bind Shell 31337/TCP + fork Shellcode (111 bytes)
Win32 - eggsearch Shellcode (33 bytes)
Linux/SuperH (sh4) - setuid(0) + chmod(_/etc/shadow__ 0666) + exit(0) Shellcode (43 bytes)
Linux/x86 - Bind Shell Netcat 6666/TCP Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - WinExec Add New Local Administrator 'RubberDuck' + ExitProcess Shellcode (279 bytes)
Linux/x86 - ASLR deactivation Shellcode (83 bytes)
Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit)
Linux/x86 - Reverse  TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
ARM - Add Root User Shellcode (Metasploit) (66+ bytes) (Generator)
Windows 5.0 < 7.0 x86 - Speaking _You got pwned!_ Null-Free Shellcode
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:1337/TCP) Shellcode (81 bytes) (Generator)
BSD/x86 - Bind TCP Shell (31337/TCP) + fork Shellcode (111 bytes)
Windows x86 - eggsearch Shellcode (33 bytes)
Linux/SuperH (sh4) - setuid(0) + chmod 0666 /etc/shadow + exit(0) Shellcode (43 bytes)
Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - Add Local Administrator User (RubberDuck/mudbath) + ExitProcess WinExec Shellcode (279 bytes)
Linux/x86 - Disable ASLR Security Shellcode (83 bytes)
Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit)
Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
Win32/PerfectXp-pc1/SP3 (TR) - Add Administrator 'kpss' Shellcode (112 bytes)
Linux/x86 - Egghunter Shellcode (29 bytes)
Windows PerfectXp-pc1/SP3 x86 (Turkish) - Add Administrator User (kpss/12345) Shellcode (112 bytes)
Linux/x86 - Egghunter Null-Free Shellcode (29 bytes)
Linux/MIPS - XOR Encoder Shellcode (Generator) (60 bytes)
Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)
Linux/MIPS - XOR Encoder Shellcode (60 bytes) (Generator)
Linux/SuperH (sh4) - setuid(0); + execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)

Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes)
Linux/MIPS - Add Root User (rOOt/pwn3d) Shellcode (164 bytes)

Linux/MIPS - Connectback Shellcode (port 0x7a69) (168 bytes)
Linux/MIPS - Reverse TCP Shell (0x7a69/TCP) Shellcode (168 bytes)

Linux/x86 - setuid(0) + setgid(0) + Add User (iph) To /etc/passwd Polymorphic Shellcode
Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd Polymorphic Shellcode

Linux/x86-64 - Add User (t0r/Winner) Shellcode (189 bytes)
Linux/x86-64 - Add Root User (t0r/Winner) Shellcode (189 bytes)

Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)

Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes)
Linux/ARM (Raspberry Pi) - chmod 0777 /etc/shadow Shellcode (41 bytes)
Windows XP Professional SP3 - Full ROP calc Shellcode (428 bytes)
Windows x64 - Bind TCP Shell Shellcode (508 bytes)
Windows XP Professional SP3 - calc Full ROP Shellcode (428 bytes)
Windows x64 - Bind TCP Shell (4444/TCP) Shellcode (508 bytes)

Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)
Cisco ASA - Authentication Bypass _EXTRABACON_ (Improved Shellcode) (69 bytes)

Windows RT ARM - Bind Shell 4444/TCP Shellcode
Windows RT ARM - Bind TCP Shell (4444/TCP) Shellcode
Windows - Messagebox Shellcode (113 bytes)
Linux/MIPS (Little Endian) - Reverse TCP Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes)
Windows 7 x86 - Bind Shell 4444/TCP Shellcode (357 Bytes)
Windows - Add Administrator 'BroK3n' Shellcode (194 bytes)
Windows - Messagebox Null-FreeShellcode (113 bytes)
Linux/MIPS (Little Endian) - Reverse TCP /bin/sh Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes)
Windows 7 x86 - Bind TCP Shell (4444/TCP) Shellcode (357 Bytes)
Windows - Add Administrator User (BroK3n/BroK3n) Null-Free Shellcode (194 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes)
Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes)
Linux/x86-64 - Reverse TCP /bin/bash Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes)
Windows x86 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows x64 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) + Password (Z~r0) Null-Free Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Windows x86 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows x64 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows XP x86-64 - Download File + Execute Shellcode (Generator)
Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow Shellcode (55 bytes)
Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes)
Windows XP x86-64 - Download File + Execute Shellcode (Generator)
Linux/MIPS (Little Endian) - chmod 666 /etc/shadow Shellcode (55 bytes)
Linux/MIPS (Little Endian) - chmod 666 /etc/passwd Shellcode (55 bytes)
Linux/x86 - execve(_/bin/sh_) (ROT13 Encoded) Shellcode (68 bytes)
Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes)
Linux/x86 - execve(_/bin/sh_) ROT13 Encoded Shellcode (68 bytes)
Linux/x86 - chmod 0777 /etc/shadow Obfuscated Shellcode (84 bytes)
Linux/x86 - Reverse TCP Shell (192.168.1.133:33333) Shellcode (72 bytes)
Linux/x86 - Bind Shell 33333/TCP Shellcode (96 bytes)
Linux/x86 - Disable ASLR Shellcode (84 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.1.133:33333) Shellcode (72 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (33333/TCP) Shellcode (96 bytes)
Linux/x86 - Disable ASLR Security Shellcode (84 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - Create _my.txt_ In Working Directory Shellcode (37 bytes)
Win32/XP SP3 - Create ('file.txt') Shellcode (83 bytes)
Win32/XP SP3 - Restart computer Shellcode (57 bytes)
Linux/x86 - custom execve Shellcode (Encoder/Decoder) (Generator)
Windows XP SP3 x86 - Create (_file.txt_) Shellcode (83 bytes)
Windows XP SP3 x86 - Restart Computer Shellcode (57 bytes)
Linux/x86 - Custom execve Shellcode (Encoder/Decoder) (Generator)

Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (17771/TCP) Shellcode (58 bytes)
Linux/x86 - chmod() 777 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes)
Linux/x86 - chmod 777 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - execve /bin/sh Shellcode (21 bytes)
Linux/x86 - Bind Shell Netcat 5555/TCP Shellcode (60 bytes)
Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes)
Linux/x86 - Bind Netcat Shell (5555/TCP) Shellcode (60 bytes)
Linux/x86-64 - execve(/bin/sh) Null-Free Shellcode (30 bytes)
Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes)
Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes)
Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes)
Linux/x86 - exec('/bin/dash') Shellcode (45 bytes)
Linux/x86 - chmod 0777 /etc/passwd Shellcode (42 bytes)
Linux/x86 - chmod /etc/gshadow Shellcode (37 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (42 bytes)
Linux/x86 - exec(_/bin/dash_) Shellcode (45 bytes)
Linux/x86 - /bin/sh (ROT7 Encoded) Shellcode
Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes)
Linux/x86 - execve /bin/sh ROT7 Encoded Shellcode
Windows XP SP3 x86 (Turkish) - MessageBox Shellcode (24 bytes)
Windows x86 - user32!MessageBox 'Hello World!' Null-Free Shellcode (199 bytes)
Linux/x86 - /bin/sh (ROL/ROR Encoded) Shellcode
Windows x86 - user32!MessageBox _Hello World!_ Null-Free Shellcode (199 bytes)
Linux/x86 - execve /bin/sh ROL/ROR Encoded Shellcode
OSX/x86-64 - /bin/sh Null-Free Shellcode (34 bytes)
Mainframe/System Z - Bind Shell 12345/TCP Shellcode (2488 bytes)
OSX/x86-64 - execve /bin/sh Null-Free Shellcode (34 bytes)
Mainframe/System Z - Bind TCP Shell (12345/TCP) Null-Free Shellcode (2488 bytes)

Linux/x86 - Create file with permission 7775 + exit Shellcode (Generator)
Linux/x86 - Create File With Permission 7775 + exit Shellcode (Generator)
OSX/x86-64 - Bind 4444/TCP Null-free Shellcode (144 bytes)
Linux/x86-64 - /bin/sh Shellcode (34 bytes)
Google Android - Telnetd Port 1035 with Parameters Shellcode (248 bytes)
OSX/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (144 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (34 bytes)
Google Android - Bind Telnetd Shell (1035/TCP) + Environment / Parameters Shellcode (248 bytes)

Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Linux/x86-64 - Bind TCP /bin/sh Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Windows XP < 10 - WinExec Null-Free Shellcode (Generator) (Python)
Linux/x86-64 - Bind 4444/TCP Shellcode (103 bytes)
Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes)
Windows XP < 10 - WinExec Null-Free Shellcode (Generator)
Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (103 bytes)
Linux/x86-64 - Bind TCP /bin/sh Password (hack) Shell (4444/TCP) Null-Free Shellcode (162 bytes)

Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Shellcode (151 bytes)
Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free Shellcode (151 bytes)

Linux/x86-64 - execve (xor/not/div Encoded) Shellcode (54 bytes)
Linux/x86-64 - execve XOR/NOT/DIV Encoded Shellcode (54 bytes)

Linux x86/x86-64 - Bind 4444/TCP Shellcode (251 bytes)
Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (135 bytes)
Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (135 bytes)

Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes)
Linux/ARM - Reverse TCP /bin/sh Shell (10.0.0.10:1337/TCP) Shellcode (95 bytes)

Linux/x86-64 - Bind 5600/TCP Shellcode (81 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (81 bytes)

Linux/x86-64 - Bind 5600/TCP Shellcode (86 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (86 bytes)
Linux/x86 - Reverse TCP Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes)
Linux/x86 - Bind 1472/TCP Shell (IPv6) Shellcode (1250 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (1250 bytes)
Win32 .Net Framework - Execute Native x86 Shellcode
Linux/x86-64 - Bind 1472/TCP Shell (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)
Windows .Net Framework x86 - Execute Native x86 Shellcode
Linux/x86-64 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP /bin/sh Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)

Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (1234/TCP) Shellcode (87 bytes) (Generator)
Linux/x86 - Bind Shell 4444/TCP Shellcode (656 bytes)
Linux/x86-64 - execve (XOR Encoded) Shellcode (84 bytes)
Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Linux/x86 - Bind TCP /bin/bash Shell (4444/TCP) Shellcode (656 bytes)
Linux/x86-64 - execve XOR Encoded Shellcode (84 bytes)
BSD / Linux / Windows x86/x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)

Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (13337/TCP) Shellcode (56 bytes)
Linux/x86 - /bin/sh + ASLR Bruteforce Shellcode
Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes)
Linux/x86-64 - Bind Netcat Shellcode (64 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (98 bytes)
Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistant / Fork / IPv4/6 / Password Shellcode (176 bytes)
Linux/x86 - Reverse TCP Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Shellcode (172 bytes)
Linux/x86 - execve /bin/sh + ASLR Bruteforce Shellcode
Linux/x86-64 - Reverse TCP cat /etc/passwd (192.168.86.128:1472/TCP) Shellcode (164 bytes)
Linux/x86-64 - Bind Netcat Shell Null-Free Shellcode (64 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (98 bytes)
Linux/x86-64 - Bind Ncat Shell (4442/TCP) / SSL / Multi-Channel (4444-4447/TCP) / Persistant / Fork / IPv4/6 / Password Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Null-Free Shellcode (172 bytes)
Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Linux/x86-64 - Bind TCP Shell (4442/TCP) / Syscall Persistent / Multi-Terminal (4444-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes)
Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes)
Linux/x86 - Bind zsh 9090/TCP Shellcode (96 bytes)
Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes)
Linux/x86 - Bind Netcat Shell (98/TCP + UDP) Shellcode (44/52 bytes)
Linux/x86 - Bind TCP /bin/zsh Shell (9090/TCP) Shellcode (96 bytes)
Linux/x86 - Reverse TCP /bin/zsh Shell (127.255.255.254:9090/TCP) Shellcode (80 bytes)

Windows x64 - WinExec() Shellcode (93 bytes)
Windows x64 - cmd.exe WinExec() Shellcode (93 bytes)

Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)
Linux/x86-64 - execve /bin/sh -c reboot Shellcode (89 bytes)
Linux/x86 - Reverse Netcat + mkfifo  (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)
Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - execve /bin/bash -c Arbitrary Command Execution Null-Free Shellcode (72 bytes)

Linux/x86-64 - Bind 5600/TCP - Shellcode (87 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (87 bytes)
Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (Genearator) (129 bytes)
Linux/x86 - Reverse TCP Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes)
Linux - Bind Shell Dual/Multi Mode Shellcode (156 bytes)
Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse TCP /bin/sh Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes)
Linux - Bind TCP Dual/Multi Mode Shell Shellcode (156 bytes)

Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)
Linux/x86-64 - Reverse TCP /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)

Windows x86 - Executable Directory Search Shellcode (130 bytes)
Windows x86 - Executable Directory Search Null-Free Shellcode (130 bytes)

Linux/x86-64 - Flush IPTables Polymorphic Shellcode (47 bytes)
Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Polymorphic Shellcode (47 bytes)

Linux/x86-64 - Reverse Netcat Polymorphic Shell (127.0.0.1:1234) Shellcode (106 bytes)
Linux/x86-64 - Reverse Netcat Shell (127.0.0.1:1234) Polymorphic Shellcode (106 bytes)

Linux/x86 - Bind Shell Shellcode (44 bytes)
Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes)
Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Shellcode (67 bytes)
Linux/x86 - Reverse /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes)
Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse TCP /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes)
Linux/x86 - Disable ASLR Shellcode (80 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Shellcode (113 bytes)
Linux/x86 - Disable ASLR Security Shellcode (80 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Null-Free Shellcode (113 bytes)
Linux/x86-64 - /bin/sh Shellcode (31 bytes)
Linux/x86 - execve(/bin/sh) setuid(0) setgid(0) (XOR Encoded) Shellcode (66 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes)
Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) XOR Encoded Shellcode (66 bytes)
Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes)
Linux/x86 - Reverse UDP /bin/sh Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (75 bytes)

Linux x86 - /bin/sh Shellcode (24 bytes)
Linux x86 - execve /bin/sh Shellcode (24 bytes)

Linux/x86_64 - kill All Processes Shellcode (19 bytes)
Linux/x86_64 - Kill All Processes Shellcode (19 bytes)

Php Cloud mining Script - Authentication Bypass
(Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass
2017-08-23 05:01:29 +00:00
Offensive Security
47d7100c18 DB: 2016-03-21
1 new exploits

IRIX Multiple Buffer Overflow Exploits (LsD)
IRIX - Multiple Buffer Overflow Exploits (LsD)

Oracle Database PL/SQL Statement Multiple SQL Injection Exploits
Oracle Database PL/SQL Statement - Multiple SQL Injection Exploits

Wordpress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit
WordPress <= 1.5.1.2 - xmlrpc Interface SQL Injection Exploit

Wordpress <= 1.5.1.3 - Remote Code Execution (0Day)
WordPress <= 1.5.1.3 - Remote Code Execution (0Day)

Wordpress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)

Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (meta)
Barracuda Spam Firewall < 3.1.18 Command Execution Exploit (Metasploit)
HP-UX FTP Server Preauthentication Directory Listing Exploit (meta)
Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (meta)
HP-UX <= 11.11 lpd Remote Command Execution Exploit (meta)
CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (meta)
HP-UX FTP Server Preauthentication Directory Listing Exploit (Metasploit)
Microsoft Windows IIS - SA WebAgent 5.2/5.3 Redirect Overflow Exploit (Metasploit)
HP-UX <= 11.11 lpd Remote Command Execution Exploit (Metasploit)
CA Unicenter 3.1 CAM log_security() Stack Overflow Exploit (Metasploit)

Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (meta)
Snort <= 2.4.2 BackOrifice Remote Buffer Overflow Exploit (Metasploit)

WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (meta)
WzdFTPD <= 0.5.4 (SITE) Remote Command Execution Exploit (Metasploit)

Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (meta)
Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (Metasploit)

Windows XP/2003 Metafile Escape() Code Execution Exploit (meta)
Windows XP/2003 Metafile Escape() Code Execution Exploit (Metasploit)

Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (meta)
Sami FTP Server 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)

Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (meta)
Winamp <= 5.12 - (.pls) Remote Buffer Overflow Exploit (Metasploit)

SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (meta)
SoftiaCom WMailserver 1.0 SMTP Remote Buffer Overflow Exploit (Metasploit)

Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (meta)
Microsoft Windows Media Player 9 - Plugin Overflow Exploit (MS06-006) (Metasploit)

Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)
Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (Metasploit)

PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (meta)
PeerCast <= 0.1216 - Remote Buffer Overflow Exploit (Win32) (Metasploit)

PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (meta)
PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (Metasploit)

RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (meta)
RealVNC 4.1.0 - 4.1.1 - (Null Authentication) Auth Bypass Exploit (Metasploit)

CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (meta)
CesarFTP 0.99g - (MKD) Remote Buffer Overflow Exploit (Metasploit)

TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (meta)
TWiki <= 4.0.4 (Configure Script) Remote Code Execution Exploit (Metasploit)
Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (meta)
OpenLDAP 2.2.29 - Remote Denial of Service Exploit (meta)
Omni-NFS Server 5.2 (nfsd.exe) Remote Stack Overflow Exploit (Metasploit)
OpenLDAP 2.2.29 - Remote Denial of Service Exploit (Metasploit)
Broadcom Wireless Driver Probe Response SSID Overflow Exploit (meta)
D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (meta)
Broadcom Wireless Driver Probe Response SSID Overflow Exploit (Metasploit)
D-Link DWL-G132 Wireless Driver Beacon Rates Overflow Exploit (Metasploit)

VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (meta)
VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit)

Wordpress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit
WordPress 2.0.5 - Trackback UTF-7 - Remote SQL Injection Exploit

Berlios GPSD <= 2.7 - Remote Format String Exploit (meta)
Berlios GPSD <= 2.7 - Remote Format String Exploit (Metasploit)

FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (meta)
FileCOPA FTP Server <= 1.01 (LIST) Remote BoF Exploit (Metasploit)

Wordpress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit
WordPress <= 2.0.6 - wp-trackback.php Remote SQL Injection Exploit

3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (meta)
3Com TFTP Service <= 2.0.1 - Remote Buffer Overflow Exploit (Metasploit)

Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (meta)
Imail 8.10-8.12 (RCPT TO) Remote Buffer Overflow Exploit (Metasploit)

IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta)
IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (Metasploit)

NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (meta)
NaviCOPA Web Server 2.01 - Remote Buffer Overflow Exploit (Metasploit)

Wordpress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit
WordPress 2.1.2 - (xmlrpc) Remote SQL Injection Exploit

AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (meta)
AOL SuperBuddy ActiveX Control Remote Code Execution Exploit (Metasploit)
Wordpress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability
Wordpress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability
WordPress plugin wp-Table <= 1.43 - (inc_dir) RFI Vulnerability
WordPress plugin wordTube <= 1.43 - (wpPATH) RFI Vulnerability

Wordpress plugin myflash <= 1.00 - (wppath) RFI Vulnerability
WordPress plugin myflash <= 1.00 - (wppath) RFI Vulnerability

Wordpress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit
WordPress 2.1.3 - admin-ajax.php SQL Injection Blind Fishing Exploit

SNMPc <= 7.0.18 - Remote Denial of Service Exploit (meta)
SNMPc <= 7.0.18 - Remote Denial of Service Exploit (Metasploit)

Wordpress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit
WordPress 2.2 - (xmlrpc.php) Remote SQL Injection Exploit

CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (meta)
CCProxy <= 6.2 - Telnet Proxy Ping Overflow Exploit (Metasploit)

Wordpress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)
WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)

eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (meta)
eIQnetworks ESA SEARCHREPORT Remote Overflow Exploit (Metasploit)

Wordpress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability
WordPress Plugin PictPress <= 0.91 - Remote File Disclosure Vulnerability

Wordpress <= 2.3.1 - Charset Remote SQL Injection Vulnerability
WordPress <= 2.3.1 - Charset Remote SQL Injection Vulnerability

Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability
WordPress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability

Wordpress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability
WordPress plugin WP-Forum 1.7.4 - Remote SQL Injection Vulnerability
Wordpress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability
Wordpress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability
WordPress Plugin WP-Cal 0.3 - editevent.php SQL Injection Vulnerability
WordPress plugin fGallery 2.4.1 - fimrss.php SQL Injection Vulnerability

Wordpress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit
WordPress Plugin Adserve 0.2 - adclick.php SQL Injection Exploit

Wordpress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit
WordPress Plugin WassUp 1.4.3 - (spy.php to_date) SQL Injection Exploit

Wordpress Plugin Wordspew - Remote SQL Injection Vulnerability
WordPress Plugin Wordspew - Remote SQL Injection Vulnerability

Wordpress Plugin st_newsletter - Remote SQL Injection Vulnerability
WordPress Plugin st_newsletter - Remote SQL Injection Vulnerability

Wordpress MU < 1.3.2 - active_plugins option Code Execution Exploit
WordPress MU < 1.3.2 - active_plugins option Code Execution Exploit
Wordpress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability
Wordpress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability
WordPress Plugin Simple Forum 2.0-2.1 - SQL Injection Vulnerability
WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection Vulnerability

Wordpress Photo album Remote - SQL Injection Vulnerability
WordPress Photo album Remote - SQL Injection Vulnerability

Wordpress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities
WordPress Plugin Sniplets 1.1.2 - (RFI/XSS/RCE) Multiple Vulnerabilities

Wordpress Plugin Download - (dl_id) SQL Injection Vulnerability
WordPress Plugin Download - (dl_id) SQL Injection Vulnerability

Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (meta)
Sun Solaris <= 10 - rpc.ypupdated Remote Root Exploit (Metasploit)

Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (meta)
Intel Centrino ipw2200BG Wireless Driver Remote BoF Exploit (Metasploit)

Wordpress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability
WordPress Plugin Spreadsheet <= 0.6 - SQL Injection Vulnerability

HP StorageWorks NSI Double Take Remote Overflow Exploit (meta)
HP StorageWorks NSI Double Take Remote Overflow Exploit (Metasploit)

BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)

Wordpress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit
WordPress Plugin Download Manager 0.2 - Arbitrary File Upload Exploit

CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (meta)
CitectSCADA ODBC Server Remote Stack Buffer Overflow Exploit (Metasploit)

Wordpress 2.6.1 - SQL Column Truncation Vulnerability
WordPress 2.6.1 - SQL Column Truncation Vulnerability

Wordpress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit
WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit

Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (meta)
Microsoft Windows - WRITE_ANDX SMB command handling Kernel DoS (Metasploit)

WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (meta)
WonderWare SuiteLink 2.0 - Remote Denial of Service Exploit (Metasploit)

ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (meta)
ICONICS Vessel / Gauge / Switch 8.02.140 - ActiveX BoF Exploit (Metasploit)

Wordpress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln
WordPress Plugin st_newsletter - (stnl_iframe.php) SQL Injection Vuln

PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (meta)
PumpKIN TFTP Server 2.7.2.0 - Denial of Service Exploit (Metasploit)

Wordpress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit
WordPress Plugin e-Commerce <= 3.4 - Arbitrary File Upload Exploit

GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (meta)
GE Fanuc Real Time Information Portal 2.6 writeFile() API Exploit (Metasploit)

GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)
GE Proficy Real Time Information Portal Credentials Leak Sniffer (Metasploit)

Wordpress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln
WordPress Plugin Page Flip Image Gallery <= 0.2.2 - Remote FD Vuln

Wordpress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability
WordPress plugin WP-Forum 1.7.8 - Remote SQL Injection Vulnerability

OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta)
OpenHelpDesk 1.0.100 eval() Code Execution Exploit (Metasploit)

Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (meta)
Oracle 10g MDSYS.SDO_TOPO_DROP_FTBL SQL Injection Exploit (Metasploit)

Wordpress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability
WordPress MU < 2.7 - 'HOST' HTTP Header XSS Vulnerability

Wordpress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability
WordPress Plugin fMoblog 2.1 - (id) SQL Injection Vulnerability

VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (meta)
VirtueMart <= 1.1.2 - Remote SQL Injection Exploit (Metasploit)

ASP Product Catalog 1.0 (XSS/DD) Multiple Remote Exploits
ASP Product Catalog 1.0 - (XSS/DD) Multiple Remote Exploits

32bit FTP - (PASV) Reply Client Remote Overflow Exploit (meta)
32bit FTP - (PASV) Reply Client Remote Overflow Exploit (Metasploit)

Wordpress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability
WordPress Plugin Lytebox - (wp-lytebox) Local File Inclusion Vulnerability

Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (meta)
Apple iTunes 8.1.1 - (ITMS) Multiple Protocol Handler BoF Exploit (Metasploit)

Green Dam 3.17 URL Processing Buffer Overflow Exploit (meta)
Green Dam 3.17 URL Processing Buffer Overflow Exploit (Metasploit)

HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (meta)
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos (Metasploit)

Wordpress 2.8.1 - (url) Remote Cross-Site Scripting Exploit
WordPress 2.8.1 - (url) Remote Cross-Site Scripting Exploit

Cisco WLC 4402 - Basic Auth Remote Denial of Service (meta)
Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)

Wordpress <= 2.8.3 - Remote Admin Reset Password Vulnerability
WordPress <= 2.8.3 - Remote Admin Reset Password Vulnerability

Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution
WordPress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution

ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta)
ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (Metasploit)

Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta)
Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (Metasploit)

SIDVault 2.0e Windows Remote Buffer Overflow Exploit (meta)
SIDVault 2.0e Windows Remote Buffer Overflow Exploit (Metasploit)

Wordpress Image Manager Plugins - Shell Upload Vulnerability
WordPress Image Manager Plugins - Shell Upload Vulnerability

HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Meta)
HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit)

Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta)
Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)

gAlan 0.2.1 - Universal Buffer Overflow Exploit (meta)
gAlan 0.2.1 - Universal Buffer Overflow Exploit (Metasploit)

Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta)
Audio Workstation 6.4.2.4.3 pls Buffer Overflow (Metasploit)

Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (meta)
Eureka Email 2.2q ERR Remote Buffer Overflow Exploit (Metasploit)

Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (meta)
Media Jukebox 8.0.400 (seh) Buffer Overflow Exploit (Metasploit)

Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Meta)
Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit)

Wordpress <= 2.9 - DoS (0day)
WordPress <= 2.9 - DoS (0day)

Wordpress Events Plugin - SQL Injection Vulnerability
WordPress Events Plugin - SQL Injection Vulnerability

PlayMeNow 7.3 & 7.4 - Buffer Overflow (meta)
PlayMeNow 7.3 & 7.4 - Buffer Overflow (Metasploit)

Soritong 1.0 - Universal BOF-SEH (META)
Soritong 1.0 - Universal BOF-SEH (Metasploit)

Audiotran 1.4.1 (PLS File) Stack Overflow (meta)
Audiotran 1.4.1 (PLS File) Stack Overflow (Metasploit)

AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Meta)
AOL 9.5 Phobos.Playlist 'Import()' Buffer Overflow Exploit (Metasploit)

Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (meta)
Hyleos ChemView 1.9.5.1 - ActiveX Control Buffer Overflow Exploit (Metasploit)

Easy FTP Server 1.7.0.2 - CWD Remote BoF (MSF Module)
Easy FTP Server 1.7.0.2 - CWD Remote BoF (Metasploit)

Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)
Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (Metasploit)

(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (meta)
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Pre-Authentication Buffer Overflow (Metasploit)

Wordpress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability
WordPress Plugin NextGEN Gallery <= 1.5.1 - XSS Vulnerability

Winamp 5.572 - whatsnew.txt SEH (meta)
Winamp 5.572 - whatsnew.txt SEH (Metasploit)

WM Downloader 3.0.0.9 - Buffer Overflow (Meta)
WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit)

TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Meta)
TFTPGUI 1.4.5 - Long Transport Mode Overflow DoS (Metasploit)

IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Meta)
IDEAL Migration 4.5.1 - Buffer Overflow Exploit (Metasploit)

BlazeDVD 6.0 - Buffer Overflow Exploit (Meta)
BlazeDVD 6.0 - Buffer Overflow Exploit (Metasploit)

Simple:Press Wordpress Plugin 4.3.0 - SQL Injection Vulnerability
Simple:Press WordPress Plugin 4.3.0 - SQL Injection Vulnerability

Wordpress Firestats - Remote Configuration File Download
WordPress Firestats - Remote Configuration File Download

MoreAmp SEH Buffer Overflow (meta)
MoreAmp SEH Buffer Overflow (Metasploit)

Hero DVD - Buffer Overflow Exploit (meta)
Hero DVD - Buffer Overflow Exploit (Metasploit)

Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (meta)
Easy FTP Server 1.7.0.11 - LIST Command Remote BoF Exploit (Post Auth) - (Metasploit)

Wordpress Events Manager Extended Plugin - Persistent XSS Vulnerability
WordPress Events Manager Extended Plugin - Persistent XSS Vulnerability

Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta)
Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (Metasploit)

MP3 Workstation 9.2.1.1.2 - SEH Exploit (MSF)
MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (MSF)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)

Wordpress Event Registration Plugin 5.32 - SQL Injection Vulnerability
WordPress Event Registration Plugin 5.32 - SQL Injection Vulnerability

Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (msf)
Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)

TFTPUtil GUI 1.4.5 - DoS (Meta)
TFTPUtil GUI 1.4.5 - DoS (Metasploit)

Wordpress do_trackbacks() function - SQL Injection Vulnerability
WordPress do_trackbacks() function - SQL Injection Vulnerability

Create a New User with UID 0 - ARM (Meta)
Create a New User with UID 0 - ARM (Metasploit)

Comment Rating 2.9.23 Wordpress Plugin - Multiple Vulnerabilities
Comment Rating 2.9.23 WordPress Plugin - Multiple Vulnerabilities

Z-Vote 1.1 Wordpress Plugin - SQL Injection Vulnerability
Z-Vote 1.1 WordPress Plugin - SQL Injection Vulnerability
GigPress 2.1.10 Wordpress Plugin - Stored XSS Vulnerability
Relevanssi 2.7.2 Wordpress Plugin - Stored XSS Vulnerability
GigPress 2.1.10 WordPress Plugin - Stored XSS Vulnerability
Relevanssi 2.7.2 WordPress Plugin - Stored XSS Vulnerability
Wordpress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability
IWantOneButton 3.0.1 Wordpress Plugin - Multiple Vulnerabilities
WordPress Plugin Forum Server 1.6.5 - SQL Injection Vulnerability
IWantOneButton 3.0.1 WordPress Plugin - Multiple Vulnerabilities
jQuery Mega Menu 1.0 Wordpress Plugin - Local File Inclusion
OPS Old Post Spinner 2.2.1 Wordpress Plugin - LFI Vulnerability
jQuery Mega Menu 1.0 WordPress Plugin - Local File Inclusion
OPS Old Post Spinner 2.2.1 WordPress Plugin - LFI Vulnerability

PHP Speedy <= 0.5.2 Wordpress Plugin - (admin_container.php) Remote Code Execution Exploit
PHP Speedy <= 0.5.2 WordPress Plugin - (admin_container.php) Remote Code Execution Exploit

GRAND Flash Album Gallery 0.55 Wordpress Plugin - Multiple Vulnerabilities
GRAND Flash Album Gallery 0.55 WordPress Plugin - Multiple Vulnerabilities

Wordpress plugin BackWPup - Remote and Local Code Execution Vulnerability
WordPress plugin BackWPup - Remote and Local Code Execution Vulnerability

Wordpress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability
WordPress Plugin Custom Pages 0.5.0.1 - LFI Vulnerability

Microsoft Word 2003 - Record Parsing Buffer Overflow (meta) (MS09-027)
Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027)

Wordpress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability
WordPress Plugin Is-human <= 1.4.2 - Remote Command Execution Vulnerability

Wordpress Beer Recipes Plugin 1.0 - XSS
WordPress Beer Recipes Plugin 1.0 - XSS

Word List Builder 1.0 - Buffer Overflow Exploit (MSF)
Word List Builder 1.0 - Buffer Overflow Exploit (Metasploit)

Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (MSF)
Wordtrainer 3.0 - (.ord) Buffer Overflow Vulnerability (Metasploit)
Freefloat FTP Server Buffer Overflow Vulnerability (MSF)
CoolPlayer Portable 2.19.2 - Buffer Overflow (MSF)
Freefloat FTP Server Buffer Overflow Vulnerability (Metasploit)
CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit)

Freefloat FTP Server MKD Buffer Overflow (MSF)
Freefloat FTP Server MKD Buffer Overflow (Metasploit)

FreeFloat FTP Server REST Buffer Overflow (MSF)
FreeFloat FTP Server REST Buffer Overflow (Metasploit)

Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (MSF)
Joomla 1.5 com_virtuemart <= 1.1.7 - Blind time-based SQL Injection (Metasploit)

Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (MSF) (0day)
Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day)
ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (MSF)
ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (MSF)
ABBS Audio Media Player 3.0 - Buffer Overflow Exploit (Metasploit)
ABBS Electronic Flashcards 2.1 - Buffer Overflow Exploit (Metasploit)

FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (MSF)
FreeAmp 2.0.7 - (.fat) Buffer Overflow Exploit (Metasploit)

Wordpress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit
WordPress Plugin E-commerce <= 3.8.4 - SQL Injection Exploit

Wordpress Plugin Symposium <= 0.64 - SQL Injection Vulnerability
WordPress Plugin Symposium <= 0.64 - SQL Injection Vulnerability
Wordpress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability
Wordpress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability
WordPress Plugin DS FAQ <= 1.3.2 - SQL Injection Vulnerability
WordPress Plugin Forum <= 1.7.8 - SQL Injection Vulnerability

Solarftp 2.1.2 - PASV Buffer Overflow Exploit (MSF)
Solarftp 2.1.2 - PASV Buffer Overflow Exploit (Metasploit)

Wordpress Plugin audio gallery playlist <= 0.12 - SQL Injection
WordPress Plugin audio gallery playlist <= 0.12 - SQL Injection

Wordpress grapefile plugin <= 1.1 - Arbitrary File Upload
WordPress grapefile plugin <= 1.1 - Arbitrary File Upload

Wordpress Plugin Bannerize <= 2.8.6 - SQL Injection
WordPress Plugin Bannerize <= 2.8.6 - SQL Injection

Wordpress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (MSF)
WordPress 1 Flash Gallery Plugin - Arbiraty File Upload Exploit (Metasploit)

BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (MSF)
BisonFTP Server <= 3.5 - Remote Buffer Overflow Exploit (Metasploit)

Wordpress Event Registration plugin <= 5.44 - SQL Injection Vulnerability
WordPress Event Registration plugin <= 5.44 - SQL Injection Vulnerability

Wordpress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability
WordPress Plugin Forum Server <= 1.7 - SQL Injection Vulnerability

Wordpress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability
WordPress Plugin e-Commerce <= 3.8.6 - SQL Injection Vulnerability
Wordpress TheCartPress Plugin 1.1.1 - Remote File Inclusion
Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion
Wordpress WPEasyStats Plugin 1.8 - Remote File Inclusion
Wordpress Annonces Plugin 1.2.0.0 - Remote File Inclusion
Wordpress Livesig Plugin 0.4 - Remote File Inclusion
Wordpress Disclosure Policy Plugin 1.0 - Remote File Inclusion
Wordpress Mailing List Plugin 1.3.2 - Remote File Inclusion
Wordpress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion
Wordpress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion
Wordpress Relocate Upload Plugin 0.14 - Remote File Inclusion
WordPress TheCartPress Plugin 1.1.1 - Remote File Inclusion
WordPress AllWebMenus Plugin 1.1.3 - Remote File Inclusion
WordPress WPEasyStats Plugin 1.8 - Remote File Inclusion
WordPress Annonces Plugin 1.2.0.0 - Remote File Inclusion
WordPress Livesig Plugin 0.4 - Remote File Inclusion
WordPress Disclosure Policy Plugin 1.0 - Remote File Inclusion
WordPress Mailing List Plugin 1.3.2 - Remote File Inclusion
WordPress Zingiri Web Shop Plugin 2.2.0 - Remote File Inclusion
WordPress Mini Mail Dashboard Widget Plugin 1.36 - Remote File Inclusion
WordPress Relocate Upload Plugin 0.14 - Remote File Inclusion

Multiple Wordpress Plugin - timthumb.php Vulnerabilites
Multiple WordPress Plugin - timthumb.php Vulnerabilites

ScriptFTP 3.3 - Remote Buffer Overflow (MSF)
ScriptFTP 3.3 - Remote Buffer Overflow (Metasploit)

Wordpress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability
WordPress Plugin Bannerize <= 2.8.7 - SQL Injection Vulnerability

Wordpress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability
WordPress Plugin Photo Album Plus <= 4.1.1 - SQL Injection Vulnerability

Wordpress Plugin Glossary - SQL Injection
WordPress Plugin Glossary - SQL Injection

Wordpress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution
WordPress Zingiri Plugin <= 2.2.3 - (ajax_save_name.php) Remote Code Execution

Wordpress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection
WordPress UPM-POLLS Plugin 1.0.4 - Blind SQL Injection

Wordpress Mailing List Plugin - Arbitrary File Download
WordPress Mailing List Plugin - Arbitrary File Download

Wordpress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload
WordPress Kish Guest Posting Plugin 1.0 - Arbitrary File Upload

Wordpress Age Verification Plugin <= 0.4 - Open Redirect
WordPress Age Verification Plugin <= 0.4 - Open Redirect

Wordpress Count-per-day plugin - Multiple Vulnerabilities
WordPress Count-per-day plugin - Multiple Vulnerabilities

Wordpress <= 3.3.1 - Multiple Vulnerabilities
WordPress <= 3.3.1 - Multiple Vulnerabilities

Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (MSF Module)
Sysax Multi Server 5.50 - Create Folder Remote Code Execution BoF (Metasploit)

DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF
DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)

Sysax 5.53 SSH Username Buffer Overflow (msf)
Sysax 5.53 SSH Username Buffer Overflow (Metasploit)

RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (MSF)
RM Downloader 3.1.3.3.2010.06.26 - (.m3u) Buffer Overflow (Metasploit)

Buddypress plugin of Wordpress - Remote SQL Injection
Buddypress plugin of WordPress - Remote SQL Injection

Wordpress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities
WordPress Zingiri Web Shop Plugin <= 2.4.0 - Multiple XSS Vulnerabilities

Wordpress 3.3.1 - Multiple CSRF Vulnerabilities
WordPress 3.3.1 - Multiple CSRF Vulnerabilities

Wordpress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS
WordPress Zingiri Web Shop Plugin <= 2.4.2 - Persistent XSS
Wordpress WP-Property Plugin 1.35.0 - Arbitrary File Upload
Wordpress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload
Wordpress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities
Wordpress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload
Wordpress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload
WordPress WP-Property Plugin 1.35.0 - Arbitrary File Upload
WordPress Plugin Marketplace Plugin 1.5.0 - 1.6.1 - Arbitrary File Upload
WordPress Google Maps via Store Locator Plugin 2.7.1 - 3.0.1 - Multiple Vulnerabilities
WordPress HTML5 AV Manager Plugin 0.2.7 - Arbitrary File Upload
WordPress Foxypress Plugin 0.4.1.1 - 0.4.2.1 - Arbitrary File Upload
Wordpress Asset Manager Plugin 0.2 - Arbitrary File Upload
Wordpress Font Uploader Plugin 1.2.4 - Arbitrary File Upload
WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload
WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload
Wordpress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload
Wordpress Gallery Plugin 3.06 - Arbitrary File Upload
WordPress MM Forms Community Plugin 2.2.6 - Arbitrary File Upload
WordPress Gallery Plugin 3.06 - Arbitrary File Upload
Wordpress Front File Manager Plugin 0.1 - Arbitrary File Upload
Wordpress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability
WordPress Front File Manager Plugin 0.1 - Arbitrary File Upload
WordPress Easy Contact Forms Export Plugin 1.1.0 - Information Disclosure Vulnerability
Wordpress Front End Upload 0.5.3 - Arbitrary File Upload
Wordpress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload
Wordpress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure
WordPress Front End Upload 0.5.3 - Arbitrary File Upload
WordPress Omni Secure Files Plugin 0.1.13 - Arbitrary File Upload
WordPress PICA Photo Gallery Plugin 1.0 - Remote File Disclosure
Wordpress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability
Wordpress RBX Gallery Plugin 2.1 - Arbitrary File Upload
Wordpress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure
Wordpress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure
Wordpress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure
Wordpress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload
WordPress Plugin: Newsletter 1.5 - Remote File Disclosure Vulnerability
WordPress RBX Gallery Plugin 2.1 - Arbitrary File Upload
WordPress Simple Download Button Shortcode Plugin 1.0 - Remote File Disclosure
WordPress Thinkun Remind Plugin 1.1.3 - Remote File Disclosure
WordPress Tinymce Thumbnail Gallery Plugin 1.0.7 - Remote File Disclosure
WordPress wpStoreCart Plugin 2.5.27-2.5.29 - Arbitrary File Upload

Wordpress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload
WordPress Content Flow 3D Plugin 1.0.0 - Arbitrary File Upload

Wordpress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability
WordPress wp-gpx-map 1.1.21 - Arbitrary File Upload Vulnerability
Wordpress User Meta 1.1.1 - Arbitrary File Upload Vulnerability
Wordpress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability
Wordpress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability
Wordpress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability
Wordpress Mac Photo Gallery 2.7 - Arbitrary File Upload
Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability
Wordpress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability
WordPress User Meta 1.1.1 - Arbitrary File Upload Vulnerability
WordPress Top Quark Architecture 2.10 - Arbitrary File Upload Vulnerability
WordPress SfBrowser 1.4.5 - Arbitrary File Upload Vulnerability
WordPress Pica Photo Gallery 1.0 - Arbitrary File Upload Vulnerability
WordPress Mac Photo Gallery 2.7 - Arbitrary File Upload
WordPress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability
WordPress Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload Vulnerability

Wordpress Automatic Plugin 2.0.3 - SQL Injection
WordPress Automatic Plugin 2.0.3 - SQL Injection

Wordpress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload
WordPress Fancy Gallery Plugin 1.2.4 - Arbitrary File Upload
UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
UoW imapd 10.234/12.264 LSUB Buffer Overflow (Metasploit)
UoW imapd 10.234/12.264 COPY Buffer Overflow (Metasploit)

Wordpress Diary/Notebook Site5 Theme Email Spoofing
WordPress Diary/Notebook Site5 Theme Email Spoofing

Wordpress Plugin Effective Lead Management 3.0.0 - Persistent XSS
WordPress Plugin Effective Lead Management 3.0.0 - Persistent XSS

Wordpress Plugin ThreeWP Email Reflector 1.13 - Stored XSS
WordPress Plugin ThreeWP Email Reflector 1.13 - Stored XSS

Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (MSF)
Symantec Web Gateway <= 5.0.3.18 - Arbitrary Password Change (Metasploit)

Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (msf)
Solaris 2.6/7.0/8 snmpXdmid Buffer Overflow Vulnerability (Metasploit)

Wordpress Count per Day Plugin 3.2.3 - XSS Vulnerability
WordPress Count per Day Plugin 3.2.3 - XSS Vulnerability

Wordpress HD Webplayer 1.1 - SQL Injection Vulnerability
WordPress HD Webplayer 1.1 - SQL Injection Vulnerability

Wordpress Plugin spider calendar - Multiple Vulnerabilities
WordPress Plugin spider calendar - Multiple Vulnerabilities

FireStorm Professional Real Estate Wordpress Plugin 2.06.01 - SQL Injection Vulnerability
FireStorm Professional Real Estate WordPress Plugin 2.06.01 - SQL Injection Vulnerability

ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (MSF)
ManageEngine Security Manager Plus <= 5.5 build 5505 - Remote SYSTEM SQLi (Metasploit)

Wordpress Easy Webinar Plugin - Blind SQL Injection Vulnerability
WordPress Easy Webinar Plugin - Blind SQL Injection Vulnerability

Wordpress bbpress Plugin - Multiple Vulnerabilities
WordPress bbpress Plugin - Multiple Vulnerabilities

Wordpress All Video Gallery 1.1 - SQL Injection Vulnerability
WordPress All Video Gallery 1.1 - SQL Injection Vulnerability

Wordpress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting
WordPress Spider Catalog 1.1 - HTML Code Injection and Cross-Site scripting

Wordpress Facebook Survey 1.0 - SQL Injection Vulnerability
WordPress Facebook Survey 1.0 - SQL Injection Vulnerability

Wordpress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities
WordPress 0.6/0.7 Blog.Header.PHP - SQL Injection Vulnerabilities

Portable phpMyAdmin Wordpress Plugin - Authentication Bypass
Portable phpMyAdmin WordPress Plugin - Authentication Bypass

Cisco IOS 12 MSFC2 Malformed Layer 2 Frame Denial of Service Vulnerability
Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service Vulnerability

BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (MSF)
BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass (Metasploit)

Jenkins CI Script Console Command Execution MSF Module
Jenkins CI Script Console - Command Execution (Metasploit)

Wordpress plugin Ripe HD FLV Player - SQL Injection Vulnerability
WordPress plugin Ripe HD FLV Player - SQL Injection Vulnerability

Wordpress Developer Formatter - CSRF Vulnerability
WordPress Developer Formatter - CSRF Vulnerability

Wordpress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities
WordPress Comment Rating Plugin 2.9.32 - Multiple Vulnerabilities

Wordpress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability
WordPress 1.2 - Wp-login.PHP HTTP Response Splitting Vulnerability

Wordpress Mathjax Latex Plugin 1.1 - CSRF Vulnerability
WordPress Mathjax Latex Plugin 1.1 - CSRF Vulnerability

Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS
WordPress FuneralPress Plugin 1.1.6 - Persistent XSS

Wordpress W3 Total Cache - PHP Code Execution
WordPress W3 Total Cache - PHP Code Execution

Wordpress wp-FileManager - Arbitrary File Download Vulnerability
WordPress wp-FileManager - Arbitrary File Download Vulnerability

Wordpress 1.5 - Post.PHP Cross-Site Scripting Vulnerability
WordPress 1.5 - Post.PHP Cross-Site Scripting Vulnerability
Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability
Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities
Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities
WordPress User Role Editor Plugin 3.12 - CSRF Vulnerability
WordPress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities
WordPress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities

Wordpress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities
WordPress WP-SendSms Plugin 1.0 - Multiple Vulnerabilities

AudioCoder (.lst) - Buffer Overflow (msf)
AudioCoder (.lst) - Buffer Overflow (Metasploit)

Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability
WordPress Spicy Blogroll Plugin - File Inclusion Vulnerability

PCMan FTP Server 2.0.7 - Remote Exploit (msf)
PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit)

HP Data Protector CMD Install Service Vulnerability (msf)
HP Data Protector CMD Install Service Vulnerability (Metasploit)

Wordpress Plugin Better WP Security - Stored XSS
WordPress Plugin Better WP Security - Stored XSS

Wordpress Booking Calendar 4.1.4 - CSRF Vulnerability
WordPress Booking Calendar 4.1.4 - CSRF Vulnerability

Wordpress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability
WordPress Usernoise Plugin 3.7.8 - Persistent XSS Vulnerability

Wordpress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities
WordPress Hms Testimonials Plugin 2.0.10 - Multiple Vulnerabilities

Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities
WordPress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities

Wordpress ThinkIT Plugin 0.1 - Multiple Vulnerabilities
WordPress ThinkIT Plugin 0.1 - Multiple Vulnerabilities

freeFTPd 1.0.10 PASS Command SEH Overflow (msf)
freeFTPd 1.0.10 PASS Command SEH Overflow (Metasploit)

PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF)
PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (Metasploit)

Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

WP-DB Backup For Wordpress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability
WP-DB Backup For WordPress 1.6/1.7 Edit.PHP - Directory Traversal Vulnerability

Western Digital Arkeia Remote Code Execution (msf module)
Western Digital Arkeia Remote Code Execution (Metasploit)

Wordpress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability
WordPress Lazy SEO plugin 1.1.9 - Shell Upload Vulnerability

Wordpress NOSpamPTI Plugin - Blind SQL Injection
WordPress NOSpamPTI Plugin - Blind SQL Injection

Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS
WordPress Quick Contact Form Plugin 6.0 - Persistent XSS

Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities
WordPress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities

Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)
Dexs PM System WordPress Plugin - Authenticated Persistent XSS (0day)

Wordpress Plugin Realty - Blind SQL Injection
WordPress Plugin Realty - Blind SQL Injection

Wordpress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability
WordPress 1.x/2.0.x - Template.PHP HTML Injection Vulnerability

Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability
WordPress Highlight Premium Theme - CSRF File Upload Vulnerability

Wordpress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability
WordPress 2.1.1 - Post.PHP Cross-Site Scripting Vulnerability

Wordpress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities
WordPress 2.1.1 - Multiple Cross-Site Scripting Vulnerabilities

Wordpress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability
WordPress 1.x/2.0.x - Templates.PHP Cross-Site Scripting Vulnerability
Wordpress Euclid Theme 1.x.x - CSRF Vulnerability
Wordpress Dimension Theme - CSRF Vulnerability
Wordpress Amplus Theme - CSRF Vulnerability
Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability
WordPress Euclid Theme 1.x.x - CSRF Vulnerability
WordPress Dimension Theme - CSRF Vulnerability
WordPress Amplus Theme - CSRF Vulnerability
WordPress Make A Statement (MaS) Theme - CSRF Vulnerability

Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting
WordPress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting

Wordpress Orange Themes - CSRF File Upload Vulnerability
WordPress Orange Themes - CSRF File Upload Vulnerability

Wordpress Formcraft Plugin - SQL Injection Vulnerability
WordPress Formcraft Plugin - SQL Injection Vulnerability

Wordpress page-flip-image-gallery Plugins - Remote File Upload
WordPress page-flip-image-gallery Plugins - Remote File Upload

Wordpress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit
WordPress Persuasion Theme 2.x - Arbitrary File Download and File Deletion Exploit

Wordpress Dandelion Theme - Arbitry File Upload
WordPress Dandelion Theme - Arbitry File Upload
Wordpress Frontend Upload Plugin - Arbitrary File Upload
Wordpress Buddypress Plugin 1.9.1 - Privilege Escalation
WordPress Frontend Upload Plugin - Arbitrary File Upload
WordPress Buddypress Plugin 1.9.1 - Privilege Escalation

Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities
WordPress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

Wordpress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection
WordPress AdRotate Plugin 3.9.4 - (clicktracker.php track param) SQL Injection

Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities
WordPress VideoWhisper 4.27.3 - Multiple Vulnerabilities

Gold MP4 Player 3.3 - Universal SEH Exploit (MSF)
Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit)

Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion
WordPress Ajax Pagination Plugin 1.1 - Local File Inclusion

Wordpress XCloner Plugin 3.1.0 - CSRF Vulnerability
WordPress XCloner Plugin 3.1.0 - CSRF Vulnerability
Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities
Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities
WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities
WordPress Twitget Plugin 3.3.1 - Multiple Vulnerabilities

Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload
WordPress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload

Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities
WordPress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities

Wireshark CAPWAP Dissector - Denial of Service (msf)
Wireshark CAPWAP Dissector - Denial of Service (Metasploit)

Wordpress Participants Database 1.5.4.8 - SQL Injection
WordPress Participants Database 1.5.4.8 - SQL Injection

Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution (0day)
WordPress TimThumb 2.8.13 WebShot - Remote Code Execution (0day)

Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities
WordPress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities

Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (meta)
Serenity Audio Player 3.2.3 - (.m3u) Buffer Overflow Vulnerability (Metasploit)

Wordpress MailPoet - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload

Gigya Socialize Plugin 1.0/1.1.x for Wordpress - Cross-Site Scripting Vulnerability
Gigya Socialize Plugin 1.0/1.1.x for WordPress - Cross-Site Scripting Vulnerability

Wordpress Plugin Gallery Objects 0.4 - SQL Injection
WordPress Plugin Gallery Objects 0.4 - SQL Injection

Wordpress WP BackupPlus - Database And Files Backup Download (0day)
WordPress WP BackupPlus - Database And Files Backup Download (0day)

Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities
WordPress Video Gallery Plugin 2.5 - Multiple Vulnerabilities

Disqus for Wordpress 2.7.5 - Admin Stored CSRF and XSS
Disqus for WordPress 2.7.5 - Admin Stored CSRF and XSS

Wordpress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection
WordPress Huge-IT Image Gallery 1.0.1 - Authenticated SQL Injection

Wordpress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability
WordPress Plugins Premium Gallery Manager - Unauthenticated Configuration Access Vulnerability

Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability
WordPress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability

Wordpress Bulk Delete Users by Email Plugin 1.0 - CSRF
WordPress Bulk Delete Users by Email Plugin 1.0 - CSRF

Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities
WordPress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities

Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)
WordPress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)

Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities
WordPress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities

GNU bash Environment Variable Command Injection (MSF)
GNU bash Environment Variable Command Injection (Metasploit)

Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection
WordPress All In One WP Security Plugin 3.8.2 - SQL Injection

All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability
All In One WordPress Firewall 3.8.3 - Persistent XSS Vulnerability

Bash - CGI RCE (MSF) Shellshock Exploit
Bash - CGI RCE (Metasploit) Shellshock Exploit

Wordpress InfusionSoft Plugin - Upload Vulnerability
WordPress InfusionSoft Plugin - Upload Vulnerability

Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability
Creative Contact Form (WordPress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability

Wordpress CP Multi View Event Calendar 1.01 - SQL Injection
WordPress CP Multi View Event Calendar 1.01 - SQL Injection

XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities
XCloner WordPress/Joomla! Plugin - Multiple Vulnerabilities

Another Wordpress Classifieds Plugin - SQL Injection
Another WordPress Classifieds Plugin - SQL Injection

Wordpress SP Client Document Manager Plugin 2.4.1 - SQL Injection
WordPress SP Client Document Manager Plugin 2.4.1 - SQL Injection

Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)
Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)

Wordpress CM Download Manager Plugin 2.0.0 - Code Injection
WordPress CM Download Manager Plugin 2.0.0 - Code Injection
Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability
Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability
WordPress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability
WordPress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability

Wordpress Google Document Embedder 2.5.14 - SQL Injection
WordPress Google Document Embedder 2.5.14 - SQL Injection

Wordpress DB Backup Plugin - Arbitrary File Download
WordPress DB Backup Plugin - Arbitrary File Download

Wordpress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit
WordPress Plugin Slider Revolution 3.0.95 /Showbiz Pro 1.7.1 - Shell Upload Exploit

Wordpress < 4.0.1 - Denial of Service
WordPress < 4.0.1 - Denial of Service

Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability
WordPress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability

CodeArt Google MP3 Player Wordpress Plugin - File Disclosure Download
CodeArt Google MP3 Player WordPress Plugin - File Disclosure Download

Wordpress Ajax Store Locator 1.2 - Arbitrary File Download
WordPress Ajax Store Locator 1.2 - Arbitrary File Download

Wordpress Plugin Symposium 14.10 - SQL Injection
WordPress Plugin Symposium 14.10 - SQL Injection

Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability
WordPress Download Manager 2.7.4 - Remote Code Execution Vulnerability

Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit
WordPress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit

Live Wire 2.3.1 For Wordpress - Multiple Security Vulnerabilities
Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities

The Gazette Edition 2.9.4 For Wordpress - Multiple Security Vulnerabilities
The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities

Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation
WordPress Pie Register Plugin 2.0.13 - Privilege Escalation

Wordpress Cforms Plugin 14.7 - Remote Code Execution
WordPress Cforms Plugin 14.7 - Remote Code Execution

Wordpress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload
WordPress Photo Gallery Plugin 1.2.5 - Unrestricted File Upload

Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability
WordPress Video Gallery 2.7.0 - SQL Injection Vulnerability

Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection
WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection

Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF)
Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (Metasploit)

Calculated Fields Form Wordpress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability
Calculated Fields Form WordPress Plugin <= 1.0.10 - Remote SQL Injection Vulnerability

Wordpress Theme Photocrati 4.x.x - SQL Injection & XSS
WordPress Theme Photocrati 4.x.x - SQL Injection & XSS

Wordpress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability
WordPress Theme DesignFolio Plus 1.2 - Arbitrary File Upload Vulnerability

Wordpress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload
WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload

Wordpress Marketplace 2.4.0 - Arbitrary File Download
WordPress Marketplace 2.4.0 - Arbitrary File Download

Wordpress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability
WordPress Plugin Slider Revolution <= 4.1.4 - Arbitrary File Download vulnerability

Wordpress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability
WordPress aspose-doc-exporter Plugin 1.0 - Arbitrary File Download Vulnerability

Wordpress Business Intelligence Plugin - SQL injection
WordPress Business Intelligence Plugin - SQL injection

Wordpress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities
WordPress Video Gallery Plugin 2.8 - Multiple CSRF Vulnerabilities
Wordpress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities
Wordpress Simple Ads Manager Plugin - Multiple SQL Injection
Wordpress Simple Ads Manager 2.5.94 - Arbitrary File Upload
Wordpress Simple Ads Manager - Information Disclosure
WordPress WP Easy Slideshow Plugin 1.0.3 - Multiple Vulnerabilities
WordPress Simple Ads Manager Plugin - Multiple SQL Injection
WordPress Simple Ads Manager 2.5.94 - Arbitrary File Upload
WordPress Simple Ads Manager - Information Disclosure

Wordpress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection
WordPress Traffic Analyzer Plugin 3.4.2 - Blind SQL Injection

Wordpress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload
WordPress Windows Desktop and iPhone Photo Uploader Plugin Arbitrary File Upload
Wordpress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability
Wordpress Duplicator <= 0.5.14 - SQL Injection & CSRF
WordPress Plugin 'WP Mobile Edition' 2.7 - Remote File Disclosure Vulnerability
WordPress Duplicator <= 0.5.14 - SQL Injection & CSRF

Wordpress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability
WordPress N-Media Website Contact Form with File Upload 1.3.4 - Shell Upload Vulnerability

Wordpress Video Gallery 2.8 - SQL Injection
WordPress Video Gallery 2.8 - SQL Injection

Wordpress Ajax Store Locator 1.2 - SQL Injection Vulnerability
WordPress Ajax Store Locator 1.2 - SQL Injection Vulnerability

Wordpress NEX-Forms < 3.0 - SQL Injection Vulnerability
WordPress NEX-Forms < 3.0 - SQL Injection Vulnerability
Wordpress Reflex Gallery Upload Vulnerability
Wordpress N-Media Website Contact Form Upload Vulnerability
Wordpress Creative Contact Form Upload Vulnerability
Wordpress Work The Flow Upload Vulnerability
WordPress Reflex Gallery Upload Vulnerability
WordPress N-Media Website Contact Form Upload Vulnerability
WordPress Creative Contact Form Upload Vulnerability
WordPress Work The Flow Upload Vulnerability
Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi
Ultimate Product Catalogue Wordpress Plugin - Unauthenticated SQLi (2)
Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi
Ultimate Product Catalogue WordPress Plugin - Unauthenticated SQLi (2)

RM Downloader 2.7.5.400 - Local Buffer Overflow (MSF)
RM Downloader 2.7.5.400 - Local Buffer Overflow (Metasploit)

Wordpress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload
WordPress Ultimate Product Catalogue 3.1.2 - Multiple Persistent XSS & CSRF & File Upload

Wordpress Freshmail Unauthenticated SQL Injection
WordPress Freshmail Unauthenticated SQL Injection

Wordpress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion
WordPress N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion

Wordpress RevSlider File Upload and Execute Vulnerability
WordPress RevSlider File Upload and Execute Vulnerability

Wordpress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability
WordPress Ad Inserter Plugin 1.5.2 - CSRF Vulnerability

Wordpress N-Media Website Contact Form with File Upload 1.3.4 - File Upload
WordPress N-Media Website Contact Form with File Upload 1.3.4 - File Upload

Wordpress History Collection <= 1.1.1 - Arbitrary File Download
WordPress History Collection <= 1.1.1 - Arbitrary File Download

Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay
WordPress Video Gallery Plugin 2.8 Arbitrary Mail Relay
Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution
Wordpress church_admin Plugin 0.800 Stored XSS
WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution
WordPress church_admin Plugin 0.800 Stored XSS

Wordpress Really Simple Guest Post <= 1.0.6 - File Include
WordPress Really Simple Guest Post <= 1.0.6 - File Include

Wordpress RobotCPA Plugin V5 - Local File Inclusion
WordPress RobotCPA Plugin V5 - Local File Inclusion
Wordpress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities
Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability
WordPress Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities
WordPress Plugin 'WP Mobile Edition' - LFI Vulnerability

Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download
WordPress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download
Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download
Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection
WordPress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download
WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection

Wordpress Finder 'order' Parameter Cross Site Scripting Vulnerability
WordPress Finder 'order' Parameter Cross Site Scripting Vulnerability

Wordpress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities
WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities

Wordpress White-Label Framework 2.0.6 - XSS Vulnerability
WordPress White-Label Framework 2.0.6 - XSS Vulnerability

Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability
WordPress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability

Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
WordPress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability

Wordpress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability
WordPress Ajax Load More 2.8.1.1 - PHP Upload Vulnerability
Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
Wordpress Plugin Sell Download v1.0.16  - Local File Disclosure
Wordpress Plugin TheCartPress v1.4.7  - Multiple Vulnerabilities
WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download v1.0.16  - Local File Disclosure
WordPress Plugin TheCartPress v1.4.7  - Multiple Vulnerabilities

Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF
WordPress Plugin WP Easy Poll 1.1.3 - XSS and CSRF

Siemens Simatic S7 1200 CPU Command Module (MSF)
Siemens Simatic S7 1200 CPU Command Module (Metasploit)

Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection
WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection

Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection
WordPress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection

Wordpress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability
WordPress Beauty & Clean Theme 1.0.8 - Arbitrary File Upload Vulnerability

Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion
WordPress Site Import Plugin 1.0.1 - Local and Remote File Inclusion

Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass
2016-03-21 05:03:44 +00:00