Offensive Security
|
dfa43e82f0
|
DB: 2017-11-17
137 new exploits
Apache 2.x - Memory Leak Exploit
Apache 2.x - Memory Leak
Cisco IOS - using hping Remote Denial of Service
Microsoft Windows - ASN.1 'LSASS.exe' Remote Exploit (MS04-007)
Microsoft Windows - ASN.1 'LSASS.exe' Remote Denial of Service (MS04-007)
Slackware Linux - '/usr/bin/ppp-off' Insecure /tmp Call Exploit
HP-UX 11.00/10.20 crontab - Overwrite Files Exploit
Slackware Linux - '/usr/bin/ppp-off' Insecure /tmp Call
HP-UX 11.00/10.20 crontab - Overwrite Files
Solaris 2.7/2.8 Catman - Local Insecure tmp Symlink Exploit
SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber Exploit
RedHat 6.1/6.2 - TTY Flood Users Exploit
Solaris 2.7/2.8 Catman - Local Insecure tmp Symlink
SunOS 5.7 Catman - Local Insecure tmp Symlink Clobber
RedHat 6.1/6.2 - TTY Flood Users
Solaris 2.6 / 7 / 8 - Lock Users Out of mailx Exploit
ProFTPd 1.2.0 rc2 - Memory Leakage Exploit
Solaris 2.6 / 7 / 8 - Lock Users Out of mailx
ProFTPd 1.2.0 rc2 - Memory Leakage
Cisco (Multiple Products) - Automated Exploit Tool
Cisco (Multiple Products) - Automated Tool
TCP Connection Reset - Remote Denial of Service
Microsoft Internet Explorer - Overly Trusted Location Cache Exploit
Microsoft Internet Explorer - Overly Trusted Location Cache
Microsoft Windows - JPEG Processing Buffer Overrun Exploit (MS04-028)
Microsoft Windows - JPEG Processing Buffer Overrun (MS04-028)
Quake 3 Engine - Infostring Crash and Shutdown Exploit
Quake 3 Engine - Infostring Crash and Shutdown
Microsoft Windows - 'SMB' Transaction Response Handling Exploit (MS05-011)
Microsoft Windows - 'SMB' Transaction Response Handling (MS05-011)
MultiTheftAuto 0.5 patch 1 - Server Crash / MOTD Deletion Exploit
MultiTheftAuto 0.5 patch 1 - Server Crash / MOTD Deletion
netPanzer 0.8 rev 952 - 'frameNum' Server Terminiation Exploit
netPanzer 0.8 rev 952 - 'frameNum' Server Terminiation
VMware 5.5.1 - COM Object Arbitrary Partition Table Delete Exploit
VMware 5.5.1 - COM Object Arbitrary Partition Table Delete
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception
eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit
eIQnetworks Network Security Analyzer - Null Pointer Dereference
Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference Exploit
Microsoft Internet Explorer 6 - 'mshtml.dll' Null Pointer Dereference
PHP 5.2.6 - 'sleep()' Local Memory Exhaust Exploit
PHP 5.2.6 - 'sleep()' Local Memory Exhaust
Ruby 1.9 - regex engine Remote Socket Memory Leak Exploit
Ruby 1.9 - regex engine Remote Socket Memory Leak
Ultra Office - ActiveX Control Arbitrary File Corruption Exploit
Ultra Office - ActiveX Control Arbitrary File Corruption
Flock Social Web Browser 1.2.5 - 'loop' Remote Denial of Service
Microsoft Windows - GDI+ '.ICO' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ICO' Remote Division By Zero
Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death)
Microsoft Windows Vista - Access Violation from Limited Account (Blue Screen of Death)
Novell Groupwise 8.0 - Malformed RCPT Command Off-by-One Exploit
Novell Groupwise 8.0 - Malformed RCPT Command Off-by-One
Mozilla Firefox - unclamped loop Denial of Service
Zortam MP3 Player 1.50 - '.m3u' Integer Division by Zero Exploit
Zortam MP3 Player 1.50 - '.m3u' Integer Division by Zero
Firebird SQL - op_connect_request main listener shutdown Exploit
Firebird SQL - op_connect_request main listener shutdown
Kaspersky 2010 - Remote Memory Corruption / Denial of Service (PoC)
VirtualDJ Trial 6.0.6 'New Year Edition' - '.m3u' Exploit
Sagem Routers - Remote Reset Exploit
Sagem Routers - Remote Reset
TopDownloads MP3 Player 1.0 - '.m3u' Crash Exploit
TopDownloads MP3 Player 1.0 - '.m3u' Crash
Optimal Archive 1.38 - '.zip' File Exploit (SEH) (PoC)
Optimal Archive 1.38 - '.zip' File (SEH) (PoC)
Aircrack-NG Tools svn r1675 - Remote Exploit
Aircrack-NG Tools svn r1675 - Remote Heap-Based Buffer Overflow
Apple Mac OSX 10.6 - HFS FileSystem Exploit (Denial of Service)
Apple Mac OSX 10.6 - HFS FileSystem (Denial of Service)
Motorola SB5101 Hax0rware Rajko HTTPd - Remote Exploit (PoC)
Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service (PoC)
FreeBSD - 'mountnfs()' Exploit
FreeBSD - 'mountnfs()' Denial of Service
AoAAudioExtractor 2.0.0.0 - ActiveX (PoC) (SEH)
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit
Microsoft Internet Explorer - MSHTML Findtext Processing
RedHat Linux - Stickiness of /tmp Exploit
RedHat Linux - Stickiness of /tmp
Microsoft Plug and Play Service - Overflow Exploit (MS05-039) (Metasploit)
Microsoft Plug and Play Service - Overflow (MS05-039) (Metasploit)
Linux 2.6.37-rc1 - serial_core TIOCGICOUNT Leak Exploit
Linux 2.6.37-rc1 - serial_core TIOCGICOUNT Leak
ZipWiz 2005 5.0 - '.zip' Buffer Corruption Exploit
ZipWiz 2005 5.0 - '.zip' Buffer Corruption
Simple HTTPd 1.42 - Denial of Servive Exploit
Simple HTTPd 1.42 - Denial of Servive
PeerBlock 1.1 - Blue Screen of Death Exploit
PeerBlock 1.1 - Blue Screen of Death
Spotify 0.8.2.610 - search func Memory Exhaustion Exploit
Spotify 0.8.2.610 - search func Memory Exhaustion
Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046)
Microsoft Windows - 'afd.sys' Local Kernel (PoC) (MS11-046)
Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Exploit
SunOS 4.1.1 - '/usr/release/bin/makeinstall' Exploit
SunOS 4.1.1 - '/usr/release/bin/winstall' Exploit
SunOS 4.1.3 - kmem setgid /etc/crash Exploit
SunOS 4.1.3 - kmem setgid /etc/crash
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA Exploit
Microsoft IIS 4.0 / Microsoft JET 3.5/3.5.1 Database Engine - VBA
Linux Kernel 2.0/2.1/2.2 - autofs Exploit
Linux Kernel 2.0/2.1/2.2 - 'autofs'
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi Exploit
Apache 1.1 / NCSA httpd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Exploit
Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET
D-Link DIR605L - Denial of Service
D-Link DIR-605L < 2.08 - Denial of Service
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check
Microsoft Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service
Kerio MailServer 5.6.3 subscribe Module - Overflow Exploit
Kerio MailServer 5.6.3 subscribe Module - Overflow
Kerio MailServer 5.6.3 list Module - Overflow Exploit
Kerio MailServer 5.6.3 do_map Module - Overflow Exploit
Kerio MailServer 5.6.3 list Module - Overflow
Kerio MailServer 5.6.3 do_map Module - Overflow
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption
Red-M Red-Alert 3.1 - Remote Exploit
Red-M Red-Alert 3.1 - Remote Denial of Service
Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities
Microsoft Internet Explorer 6 - Multiple COM Object Color Property Denial of Service Vulnerabilities
Microsoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities
Microsoft Internet Explorer 6 - Multiple COM Object Color Property Denial of Service Vulnerabilities
Gold MP4 Player 3.3 - Universal Exploit (SEH) (Metasploit)
Gold MP4 Player 3.3 - Universal (SEH) (Metasploit)
WS10 Data Server - SCADA Exploit Overflow (PoC)
WS10 Data Server - SCADA Overflow (PoC)
Kaspersky AntiVirus - DEX File Format Memory Corruption
Kaspersky AntiVirus - '.DEX' File Format Memory Corruption
Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast! - JetDb::Ised4x Performs Unbounded Search on Input
pdfium IsFlagSet (v8 memory management) - SIGSEGV Exploit
pdfium IsFlagSet (v8 memory management) - SIGSEGV
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety s
Microsoft Edge Chakra JIT - Type Confusion with switch Statements
Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion
Mandrake Linux 8.2 - '/usr/mail' Local Exploit
ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass Exploit
XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit
xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit
man-db 2.4.1 - 'open_cat_stream()' Local uid=man Exploit
DameWare Mini Remote Control Server - System Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Overflow
ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass
XGalaga 2.0.34 (RedHat 9.0) - Local Game
xtokkaetama 1.0b (RedHat 9.0) - Local Game
man-db 2.4.1 - 'open_cat_stream()' Local uid=man
DameWare Mini Remote Control Server - System
IBM DB2 - Universal Database 7.2 'db2licm' Local Exploit
IBM DB2 - Universal Database 7.2 'db2licm' Local
OpenBSD - 'ibcs2_exec' Kernel Local Exploit
OpenBSD - 'ibcs2_exec' Kernel Local
Microsoft Windows - ListBox/ComboBox Control Local Exploit (MS03-045)
Microsoft Windows - ListBox/ComboBox Control Local (MS03-045)
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game
SuSE Linux 9.0 - YaST Configuration Skribt Local Exploit
SuSE Linux 9.0 - YaST Configuration Skribt Local
RedHat 6.2 Restore and Dump - Local Exploit (Perl)
RedHat 6.2 Restore and Dump - Privilege Escalation (Perl)
BSDi 3.0/4.0 - rcvtty[mh] Local Exploit
BSDi 3.0/4.0 - rcvtty[mh] Local
Solaris locale - Format Strings 'noexec stack' Exploit
GLIBC locale - bug mount Exploit
dislocate 1.3 - Local i386 Exploit
UUCP Exploit - File Creation/Overwriting Symlinks Exploit
Solaris locale - Format Strings 'noexec stack'
GLIBC locale - bug mount
dislocate 1.3 - Local i386
UUCP - File Creation/Overwriting Symlinks
GLIBC locale - Format Strings Exploit
GLIBC locale - Format Strings
RedHat 6.1 man - 'egid 15' Local Exploit
RedHat 6.1 man - 'egid 15' Local
splitvt < 1.6.5 - Local Exploit
splitvt < 1.6.5 - Local
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/lib/print/netprint' Local Exploit
Microsoft Windows Utility Manager - Local SYSTEM Exploit (MS04-011)
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/lib/print/netprint' Local
Microsoft Windows Utility Manager - Local SYSTEM (MS04-011)
Slackware 7.1 - '/usr/bin/mail' Local Exploit
Slackware 7.1 - '/usr/bin/mail' Local
GLIBC 2.1.3 - LD_PRELOAD Local Exploit
GLIBC 2.1.3 - LD_PRELOAD Local
Resolv+ (RESOLV_HOST_CONF) - Linux Library Local Exploit
Resolv+ (RESOLV_HOST_CONF) - Linux Library Local
Solaris 2.5.1 lp / lpsched - Symlink Exploit
LibXt - 'XtAppInitialize()' Overflow *xterm Exploit
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit
Solaris 2.5.1 lp / lpsched - Symlink
LibXt - 'XtAppInitialize()' Overflow *xterm
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer
Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019)
Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' Exploit (MS04-022)
Microsoft Windows Server 2000 - Utility Manager All-in-One Exploit (MS04-019)
Microsoft Windows Server 2000 - Universal Language Utility Manager (MS04-019)
Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' (MS04-022)
Microsoft Windows Server 2000 - Utility Manager All-in-One (MS04-019)
Microsoft Windows XP - Task Scheduler '.job' Universal Exploit (MS04-022)
Microsoft Windows XP - Task Scheduler '.job' Universal (MS04-022)
ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit
AOL Instant Messenger AIM - 'Away' Message Local Exploit
OpenBSD - 'ftp' Exploit
ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Overflow
AOL Instant Messenger AIM - 'Away' Message Local
OpenBSD - 'ftp'
IPD (Integrity Protection Driver) - Local Exploit
IPD (Integrity Protection Driver) - Local
htpasswd Apache 1.3.31 - Local Exploit
htpasswd Apache 1.3.31 - Local
SudoEdit 1.6.8 - Local Change Permission Exploit
SudoEdit 1.6.8 - Local Change Permission
BSD bmon 1.2.1_2 - Local Exploit
BSD bmon 1.2.1_2 - Local
Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read Exploit
Multiple AntiVirus - '.zip' Detection Bypass Exploit
Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read
Multiple AntiVirus - '.zip' Detection Bypass
Cscope 15.5 - Symlink Exploit
Cscope 15.5 - Symlink
Microsoft Windows - Improper Token Validation Local Exploit
Exim 4.41 - 'dns_build_reverse' Local Exploit (PoC)
Peer2Mail 1.4 - Encrypted Password Dumper Exploit
fkey 0.0.2 - Local File Accessibility Exploit
Microsoft Windows - Improper Token Validation Local
Exim 4.41 - 'dns_build_reverse' Local (PoC)
Peer2Mail 1.4 - Encrypted Password Dumper
fkey 0.0.2 - Local File Accessibility
/usr/bin/trn (Not SUID) - Local Exploit
Mandrake / Slackware /usr/bin/trn - Privilege Escalation (Not SUID)
Linux ncpfs - Local Exploit
ncpfs < 2.2.6 (Gentoo / Linux) - Privilege Escalation
DelphiTurk FTP 1.0 - Passwords to Local Users Exploit
DelphiTurk e-Posta 1.0 - Local Exploit
GNU a2ps - 'Anything to PostScript' Not SUID Local Exploit
VisualBoyAdvanced 1.7.x - Non SUID Local Shell Exploit
DelphiTurk FTP 1.0 - Passwords to Local Users
DelphiTurk e-Posta 1.0 - Local
GNU a2ps - 'Anything to PostScript' Not SUID Local
VisualBoyAdvanced 1.7.x - Non SUID Local Shell
GetDataBack Data Recovery 2.31 - Local Exploit
Aeon 0.2a - Local Linux Exploit (1)
Aeon 0.2a - Local Linux Exploit (2)
GetDataBack Data Recovery 2.31 - Local
Aeon 0.2a - Local Linux (1)
Aeon 0.2a - Local Linux (2)
Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (1)
Microsoft Jet Database - 'msjet40.dll' Reverse Shell (1)
Oracle Database PL/SQL Statement - Multiple SQL Injections Exploits
Oracle Database PL/SQL Statement - Multiple SQL Injections s
Microsoft Windows - 'HTA' Script Execution Exploit (MS05-016)
Microsoft Windows - 'HTA' Script Execution (MS05-016)
Microsoft Jet Database - 'msjet40.dll' Reverse Shell Exploit (2)
Microsoft Jet Database - 'msjet40.dll' Reverse Shell (2)
Exim 4.41 - 'dns_build_reverse' Local Exploit
Microsoft Windows - COM Structured Storage Local Exploit (MS05-012)
ePSXe 1.6.0 - 'nogui()' Local Exploit
Exim 4.41 - 'dns_build_reverse' Local
Microsoft Windows - COM Structured Storage Local (MS05-012)
ePSXe 1.6.0 - 'nogui()' Privilege Escalation
Willing Webcam 2.8 - Licence Information Disclosure Local Exploit
Willing Webcam 2.8 - Licence Information Disclosure Local
Solaris (SPARC/x86) - Local Socket Hijack Exploit
Solaris (SPARC/x86) - Local Socket Hijack
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (1)
MySQL 4.0.17 (Linux) - User-Defined Function (UDF) Dynamic Library (1)
Appfluent Database IDS < 2.1.0.103 - Environment Variable Local Exploit
Appfluent Database IDS < 2.1.0.103 - Environment Variable Local
Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation (MS05-055)
MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library Exploit (2)
MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2)
Oracle 10g Release 2 - 'DBMS_EXPORT_EXTENSION' SQL Exploit
Intel Wireless Service - 's24evmon.exe' Shared Memory Exploit
Oracle 10g Release 2 - 'DBMS_EXPORT_EXTENSION' SQL
Intel Wireless Service - 's24evmon.exe' Shared Memory
Solaris 8/9 - '/usr/ucb/ps' Local Information Leak Exploit
VMware 5.5.1 - 'ActiveX' Local Buffer Overflow
Solaris 8/9 - '/usr/ucb/ps' Local Information Leak
VMware 5.5.1 - 'ActiveX' Local Buffer Overflow
TIBCO Rendezvous 7.4.11 - Password Extractor Local Exploit
TIBCO Rendezvous 7.4.11 - Password Extractor Local
Apple Mac OSX 10.4.7 - Mach Exception Handling Local Exploit (10.3.x)
Apple Mac OSX 10.4.7 - Mach Exception Handling Local (10.3.x)
Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Exploit
Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local
HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak Exploit
HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak
Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local Exploit
Plan 9 Kernel - 'devenv.c OTRUNC/pwrite' Local
PHP 5.2.1 - 'substr_compare()' Information Leak Exploit
PHP 5.2.1 - 'substr_compare()' Information Leak
PHP 'COM' Extensions - inconsistent Win32 'safe_mode' Bypass Exploit
PHP 'COM' Extensions - inconsistent Win32 'safe_mode' Bypass
PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow Exploit
PHP 5.2.1 - 'session_regenerate_id()' Double-Free Exploit
PHP 5.2.0/5.2.1 - Rejected Session ID Double-Free Exploit
PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow
PHP 5.2.1 - 'session_regenerate_id()' Double-Free
PHP 5.2.0/5.2.1 - Rejected Session ID Double-Free
PHP 4.4.6/5.2.1 - 'array_user_key_compare()' ZVAL dtor Local Exploit
PHP 5.2.0 (OSX) - 'header()' Space Trimming Buffer Underflow Exploit
PHP 4.4.6/5.2.1 - ext/gd Already Freed Resources Usage Exploit
PHP 5.2.1 - 'hash_update_file()' Freed Resource Usage Exploit
PHP 5.2.1 - 'Unserialize()' Local Information Leak Exploit
PHP < 4.4.5/5.2.1 - '_SESSION unset()' Local Exploit
PHP 4.4.6/5.2.1 - 'array_user_key_compare()' ZVAL dtor Local
PHP 5.2.0 (OSX) - 'header()' Space Trimming Buffer Underflow
PHP 4.4.6/5.2.1 - ext/gd Already Freed Resources Usage
PHP 5.2.1 - 'hash_update_file()' Freed Resource Usage
PHP 5.2.1 - 'Unserialize()' Local Information Leak
PHP < 4.4.5/5.2.1 - '_SESSION unset()' Local
East Wind Software - 'advdaudio.ocx 1.5.1.1' Local Buffer Overflow
PHP 5.x - (Win32service) Local 'Safe_Mode()' Bypass Exploit
PHP 5.x - (Win32service) Local 'Safe_Mode()' Bypass
PHP 'FFI' Extension 5.0.5 - 'Safe_mode' Local Bypass Exploit
PHP 'Perl' Extension - 'Safe_mode' Bypass Exploit
PHP 'FFI' Extension 5.0.5 - 'Safe_mode' Local Bypass
PHP 'Perl' Extension - 'Safe_mode' Bypass
Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028 Exploit
Norman Virus Control - 'nvcoaft51.sys' ioctl BF672028
Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec Exploit
Microsoft Visual Basic 6.0 - VBP_Open OLE Local CodeExec
PHP 4.4.7/5.2.3 - MySQL/MySQLi 'Safe_Mode' Bypass Exploit
PHP 4.4.7/5.2.3 - MySQL/MySQLi 'Safe_Mode' Bypass
Send ICMP Nasty Garbage (SING) - Append File Logrotate Exploit
Send ICMP Nasty Garbage (SING) - Append File Logrotate
SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM Exploit
SafeNet 10.4.0.12 - 'IPSecDrv.sys' Local kernel Ring0 SYSTEM
DESlock+ < 3.2.6 - Local Kernel Ring0 link list zero SYSTEM Exploit
DESlock+ < 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM Exploit
DESlock+ < 3.2.6 - Local Kernel Ring0 link list zero SYSTEM
DESlock+ < 3.2.6 - 'DLMFDISK.sy's Local kernel Ring0 SYSTEM
Solaris 8/9/10 - 'fifofs I_PEEK' Local Kernel Memory Leak Exploit
Solaris 8/9/10 - 'fifofs I_PEEK' Local Kernel Memory Leak
VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal Exploit
Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM Exploit
VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal
Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM
Microsoft Windows Server 2003 - Token Kidnapping Local Exploit (PoC)
Microsoft Windows Server 2003 - Token Kidnapping Local (PoC)
Opera 9.62 - 'file://' Local Heap Overflow
PHP 5.2.6 - 'error_log' Safe_mode Bypass Exploit
Opera 9.62 - 'file://' Local Heap Overflow
PHP 5.2.6 - 'error_log' Safe_mode Bypass
RadASM 2.2.1.5 - '.rap' WindowCallProcA Pointer Hijack Exploit
RadASM 2.2.1.5 - '.rap' WindowCallProcA Pointer Hijack
PHP 'python' Extension - 'safe_mode' Local Bypass Exploit
PHP 'python' Extension - 'safe_mode' Local Bypass
Adobe Acrobat Reader - JBIG2 Universal Exploit
Adobe Acrobat Reader - JBIG2 Universal
xscreensaver 5.01 - Arbitrary File Disclosure Symlink Exploit
xscreensaver 5.01 - Arbitrary File Disclosure Symlink
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (1)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (2)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer Exploit (SEH) (3)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (1)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (2)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (3)
pIPL 2.5.0 - '.PLS' / '.PL' Universal Local Buffer Exploit (SEH)
pIPL 2.5.0 - '.PLS' / '.PL' Universal Local Buffer (SEH)
Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer Exploit (SEH)
Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer (SEH)
KSP 2006 FINAL - '.m3u' Universal Local Buffer Exploit (SEH)
KSP 2006 FINAL - '.m3u' Universal Local Buffer (SEH)
BSD (Multiple Distributions) - 'setusercontext()' Exploit
BSD (Multiple Distributions) - 'setusercontext()' Multiple Vulnerabilities
Fat Player 0.6b - '.wav' Universal Local Buffer Exploit
Fat Player 0.6b - '.wav' Universal Local Buffer
Media Jukebox 8 - '.m3u' Universal Local Buffer Exploit (SEH)
Media Jukebox 8 - '.m3u' Universal Local Buffer (SEH)
Media Jukebox 8 - '.pls' Universal Local Buffer Exploit (SEH)
Media Jukebox 8 - '.pls' Universal Local Buffer (SEH)
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (1)
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (1)
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal Exploit
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer Exploit (SEH) (2)
Adobe Acrobat/Reader < 7.1.1/8.1.3/9.1 - Collab getIcon Universal
Hamster Audio Player 0.3a - 'Associations.cfg' Local Buffer (SEH) (2)
Enlightenment - Linux Null PTR Dereference Exploit Framework
Enlightenment - Linux Null PTR Dereference Framework
AIMP2 Audio Converter - Playlist (SEH)
AIMP2 Audio Converter - Playlist Overflow (SEH)
VMware Fusion 2.0.5 - vmx86 kext Local Exploit (PoC)
VMware Fusion 2.0.5 - vmx86 kext Local (PoC)
VMware Virtual 8086 - Linux Local Ring0 Exploit
VMware Virtual 8086 - Linux Local Ring0
Oracle - SYS.LT.MERGEWORKSPACE Evil Cursor Exploit
Oracle - SYS.LT.COMPRESSWORKSPACETREE Evil Cursor Exploit
Oracle - ctxsys.drvxtabc.create_tables Evil Cursor Exploit
Oracle - ctxsys.drvxtabc.create_tables Exploit
Oracle - SYS.LT.REMOVEWORKSPACE Evil Cursor Exploit
Oracle - SYS.LT.MERGEWORKSPACE Evil Cursor
Oracle - SYS.LT.COMPRESSWORKSPACETREE Evil Cursor
Oracle - ctxsys.drvxtabc.create_tables Evil Cursor
Oracle - ctxsys.drvxtabc.create_tables
Oracle - SYS.LT.REMOVEWORKSPACE Evil Cursor
Exploit Easy RM to MP3 2.7.3.700 - Ruby
Easy RM to MP3 2.7.3.700 - (Ruby)
VirtualDJ Trial 6.0.6 'New Year Edition' - '.m3u' Overflow
Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM Exploit
Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM
WM Downloader 3.0.0.9 (Windows XP SP3) - PLS PLA Exploit
WM Downloader 3.0.0.9 (Windows XP SP3) - PLS PLA
Free MP3 CD Ripper 2.6 - '.wav' Exploit
Free MP3 CD Ripper 2.6 - '.wav'
Winamp 5.572 - 'whatsnew.txt' Exploit (SEH) (Metasploit)
Winamp 5.572 - 'whatsnew.txt' (SEH) (Metasploit)
FreeBSD - 'nfs_mount()' Exploit
FreeBSD 8.0/7.3/7.2 - 'nfs_mount()' Privilege Escalation
GSM SIM Utility 5.15 - Direct RET Local Exploit
GSM SIM Utility 5.15 - Direct RET Local
Apple iOS - '.pdf' Jailbreak Exploit
Exploit Easy RM to MP3 2.7.3.700 - '.m3u' / '.pls' / '.smi' / '.wpl' / '.wax' / '.wvx' / '.ram' Exploit
Apple iOS - '.pdf' Jailbreak
Easy RM to MP3 2.7.3.700 - '.m3u' / '.pls' / '.smi' / '.wpl' / '.wax' / '.wvx' / '.ram'
Microsoft Excel - FEATHEADER Record Exploit (MS09-067)
Microsoft Excel - FEATHEADER Record (MS09-067)
Foxit Reader 4.0 - '.pdf' Jailbreak Exploit
Foxit Reader 4.0 - '.pdf' Jailbreak
Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking Exploit
Microsoft Vista - 'fveapi.dll' BitLocker Drive Encryption API Hijacking
AudioTran 1.4.2.4 - SafeSEH + SEHOP Exploit
AudioTran 1.4.2.4 - SafeSEH + SEHOP
Oracle Solaris - 'su' Local Exploit
Oracle Solaris - 'su' Local
Trend Micro Titanium Maximum Security 2011 - Local Kernel Exploit
Trend Micro Titanium Maximum Security 2011 - Local Kernel
G Data TotalCare 2011 - Local Kernel Exploit
G Data TotalCare 2011 - Local Kernel
DriveCrypt 5.3 - Local Kernel Ring0 SYSTEM Exploit
DriveCrypt 5.3 - Local Kernel Ring0 SYSTEM
FreeBSD 5.4-RELEASE ftpd 6.00LS - 'sendfile' Memory Leak Exploit
AoA DVD Creator 2.5 - ActiveX Stack Overflow
AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow
DESlock+ < 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM Exploit
FreeBSD 5.4-RELEASE ftpd 6.00LS - 'sendfile' Memory Leak
AoA DVD Creator 2.5 - ActiveX Stack Overflow
AoA Mp4 Converter 4.1.0 - ActiveX Stack Overflow
DESlock+ < 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM
MPlayer (r33064 Lite) - Buffer Overflow + ROP Exploit
MPlayer (r33064 Lite) - Buffer Overflow + ROP
Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion Exploit
Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion
DVD X Player 5.5.0 Professional / Standard - '.plf' File Universal Exploit (ASLR + DEP Bypass)
DVD X Player 5.5.0 Professional / Standard - '.plf' File Universal (ASLR + DEP Bypass)
Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak Exploit
Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak
Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit
Microsoft Office 2008 SP0 (Mac) - RTF pFragments
Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Exploit
Lattice Semiconductor PAC-Designer 6.21 - '.PAC' Overflow
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Exploit
Digital Ultrix 4.0/4.1 - '/usr/bin/chroot' Privilege Escalation
SunOS 4.1.1 - '/usr/release/bin/makeinstall' Privilege Escalation
SunOS 4.1.1 - '/usr/release/bin/winstall' Privilege Escalation
SGI IRIX 5.3/6.2 / SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Privilege Escalation
SGI IRIX 6.4 / SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Privilege Escalation
ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit
ISC BIND 4.9.7 -T1B - named SIGINT / SIGIOT Symlink
Sun Solaris 2.6 - power management Exploit
Sun Solaris 7.0 - 'sdtcm_convert' Exploit
Sun Solaris 2.6 - power management
Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Overflow / Privilege Escalation
Microsoft Windows - 'April Fools 2001' Exploit
Microsoft Windows - 'April Fools 2001'
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
Solaris 2.5.1 - 'ffbconfig' Privilege Escalation
Solaris 2.5.1 - 'chkey' Privilege Escalation
Solaris 2.5.1 - 'Ping'
SGI IRIX 6.4 - 'ioconfig' Privilege Escalation
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Overflow / Privilege Escalation (1)
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (2)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (3)
Solaris 2.5.1 - 'automount' Privilege Escalation
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Overflow / Privilege Escalation (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Overflow / Privilege Escalation (2)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Overflow / Privilege Escalation (3)
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit
Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE'
Solaris 7.0 - 'cancel' Exploit
Solaris 7.0 - 'chkperm' Exploit
Solaris 7.0 - 'cancel' Privilege Escalation
Solaris 7.0 - 'chkperm'
G. Wilford man 2.3.10 - Symlink Exploit
G. Wilford man 2.3.10 - Symlink
S.u.S.E. Linux 5.2 - gnuplot Exploit
S.u.S.E. Linux 5.2 - 'gnuplot'
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit
X11R6 3.3.3 - Symlink Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit
SGI IRIX 6.2 - '/usr/lib/netaddpr' Exploit
NetBSD 1.3.2 / SGI IRIX 6.5.1 - 'at(1)' Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
X11R6 3.3.3 - Symlink
Sun Solaris 7.0 - 'ff.core' Privilege Escalation
S.u.S.E. 5.2 - 'lpc' Privilege Escalation
SGI IRIX 6.2 - '/usr/lib/netaddpr' Privilege Escalation
NetBSD 1.3.2 / SGI IRIX 6.5.1 - 'at(1)'
SGI IRIX 6.2 - 'cdplayer' Privilege Escalation
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 5.3 - 'Cadmin' Privilege Escalation
SGI IRIX 6.0.1 - 'colorview'
SGI IRIX 6.2 - day5notifier Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.2 - 'eject' Exploit (1)
SGI IRIX 6.2 - 'eject' Exploit (2)
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
SGI IRIX 6.2 - 'day5notifier'
SGI IRIX 6.3 - 'df' Privilege Escalation
SGI IRIX 6.4 - 'datman'/'cdman'
SGI IRIX 6.2 - 'eject' Privilege Escalation (1)
SGI IRIX 6.2 - 'eject' Privilege Escalation (2)
RedHat Linux 2.1 - 'abuse.console' Privilege Escalation
SGI IRIX 6.2 - 'fsdump' Privilege Escalation
IBM AIX 4.3 - 'infod' Exploit
IBM AIX 4.3 - 'infod' Privilege Escalation
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
SGI IRIX 6.4 - 'inpview' Privilege Escalation
RedHat Linux 5.0 - 'msgchk' Privilege Escalation
SGI IRIX 6.4 - login Exploit
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (2)
SGI IRIX 6.4 - 'netprint' Exploit
SGI IRIX 6.4 - 'login'
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' (2)
SGI IRIX 6.4 - 'netprint' Privilege Escalation
SGI IRIX 5.3/6.2 - 'ordist' Exploit
SGI IRIX 5.3/6.2 - 'ordist' Privilege Escalation
SGI IRIX 5.3 - 'pkgadjust' Exploit
SGI IRIX 5.3 - 'pkgadjust' Privilege Escalation
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 3.2.5 - 'IFS' Privilege Escalation
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 6.3 - 'pset' Privilege Escalation
SGI IRIX 6.4 - 'rmail'
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit
SGI IRIX 6.3 - 'Systour' / 'OutOfBox' Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Privilege Escalation
SGI IRIX 6.4 - 'suid_exec' Privilege Escalation
SGI IRIX 5.1/5.2 - 'sgihelp'
SGI IRIX 6.4 - 'startmidi' Privilege Escalation
SGI IRIX 6.3 - 'Systour' / 'OutOfBox' Privilege Escalation
SGI IRIX 6.4 - 'xfsdump' Privilege Escalation
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)
GNU glibc 2.1/2.1.1 -6 - 'pt_chown' Exploit
GNU glibc 2.1/2.1.1 -6 - 'pt_chown' Privilege Escalation
Common Desktop Environment 2.1 20 / Solaris 7.0 - dtspcd Exploit
Common Desktop Environment 2.1 20 / Solaris 7.0 - 'dtspcd'
SCO Open Server 5.0.5 - 'userOsa' Symlink Exploit
SCO Open Server 5.0.5 - 'userOsa' Symlink
BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow Exploit (1)
BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow Exploit (2)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)
BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow (1)
BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow (2)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (1)
UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS (2)
S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit
S.u.S.E. Linux 6.1/6.2 - 'cwdtools'
Solaris 7.0 - 'kcms_configure Exploit
Solaris 7.0 - 'kcms_configure'
FreeBSD 3.3 - 'gdc' Symlink Exploit
FreeBSD 3.3 - 'gdc' Symlink
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Exploit
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'uidadmin' Privilege Escalation
SCO Unixware 7.1 - 'pkg' Exploit
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink Exploit
SCO Unixware 7.1 - 'pkg' Privilege Escalation
SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'coredump' Symlink
Nortel Networks Optivity NETarchitect 2.0 - PATH Exploit
SGI IRIX 6.2 - midikeys/soundplayer Exploit
Nortel Networks Optivity NETarchitect 2.0 - PATH
SGI IRIX 6.2 - 'midikeys'/'soundplayer'
Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path Exploit (1)
Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path Exploit (2)
Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path (1)
Mandrake 6.x / RedHat 6.x / Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM - Path (2)
FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem Exploit
FreeBSD 3.4 / NetBSD 1.4.1 / OpenBSD 2.6 - '/proc' FileSystem
Debian 2.1 - apcd Symlink Exploit
Debian 2.1 - apcd Symlink
SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink Exploit
Microsoft Windows 95/98/NT 4.0 - autorun.inf Exploit
FreeBSD 3.0/3.1/3.2/3.3/3.4 - 'Asmon'/'Ascpu' Exploit
Sun Workshop 5.0 - Licensing Manager Symlink Exploit
SCO Unixware 7.1/7.1.1 - ARCserver /tmp Symlink
Microsoft Windows 95/98/NT 4.0 - 'autorun.inf'
FreeBSD 3.0/3.1/3.2/3.3/3.4 - 'Asmon'/'Ascpu'
Sun Workshop 5.0 - Licensing Manager Symlink
Corel Linux OS 1.0 - buildxconfig Exploit
Corel Linux OS 1.0 - setxconf Exploit
Corel Linux OS 1.0 - buildxconfig
Corel Linux OS 1.0 - 'setxconf'
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)
Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr (2)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - imwheel Exploit (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - 'imwheel' (1)
Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - 'imwheel' (2)
Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - 'kreatecd'
Be BeOS 4.0/4.5/5.0 - IP Packet Length Field Exploit
QSSL QNX 4.25 A - 'crypt()' Exploit
Be BeOS 4.0/4.5/5.0 - IP Packet Length Field
QSSL QNX 4.25 A - 'crypt()' Privilege Escalation
RedHat Linux 6.0/6.1/6.2 - pam_console Exploit
RedHat Linux 6.0/6.1/6.2 - 'pam_console'
Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink Exploit
Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink Exploit
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 - '/usr/tmp/' Symlink
HP-UX 10.20/11.0 - man '/tmp' Symlink Exploit
HP-UX 10.20/11.0 - man '/tmp' Symlink
Oracle Internet Directory 2.0.6 - oidldap Exploit
Oracle Internet Directory 2.0.6 - oidldap
HP-UX 10.20/11.0 - crontab '/tmp' File Exploit
Exim Buffer 1.6.2/1.6.51 - Overflow Exploit
HP-UX 10.20/11.0 - crontab '/tmp' File
Exim Buffer 1.6.2/1.6.51 - Overflow
PHP 5.3.4 Win Com Module - Com_sink Exploit
PHP 5.3.4 Win Com Module - Com_sink
Zoner Photo Studio 15 Build 3 - 'Zps.exe' Registry Value Parsing Exploit
Zoner Photo Studio 15 Build 3 - 'Zps.exe' Registry Value Parsing
BlazeVideo HDTV Player 6.6 Professional - Direct RETN Exploit
Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn Exploit
BlazeVideo HDTV Player 6.6 Professional - Direct RETN
Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn
BlazeDVD 6.1 - '.PLF' File Exploit (ASLR + DEP Bypass) (Metasploit)
BlazeDVD 6.1 - '.PLF' File (ASLR + DEP Bypass) (Metasploit)
Inmatrix Ltd. Zoom Player 8.5 - '.jpeg' Exploit
Inmatrix Ltd. Zoom Player 8.5 - '.jpeg'
HexChat 2.9.4 - Local Exploit
HexChat 2.9.4 - Local
Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - 'EPATHOBJ' Local Ring Exploit
Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - 'EPATHOBJ' Local Ring
Winamp 5.63 - 'winamp.ini' Local Exploit
Winamp 5.63 - 'winamp.ini' Local
Nginx (Debian-Based Distros + Gentoo) - 'logrotate' Privilege Escalation
Nginx (Debian Based Distros + Gentoo) - 'logrotate' Privilege Escalation
PHP 5.2 - FOpen 'Safe_mode' Restriction Bypass Exploit
PHP 5.2 - FOpen 'Safe_mode' Restriction Bypass
Apple 2.0.4 - Safari Local Exploit
Apple 2.0.4 - Safari Local
Notepad++ Plugin Notepad 1.5 - Local Exploit
Notepad++ Plugin Notepad 1.5 - Local Overflow
Castripper 2.50.70 - '.pls' DEP Bypass Exploit
Castripper 2.50.70 - '.pls' DEP Bypass
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write Exploit (2)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write (2)
suPHP 0.7 - 'suPHP_ConfigPath' / 'Safe_Mode()' Restriction Bypass Exploit
suPHP 0.7 - 'suPHP_ConfigPath' / 'Safe_Mode()' Restriction Bypass
PHP 5.2.9 cURL - 'Safe_mode' / 'open_basedir' Restriction Bypass Exploit
PHP 5.2.9 cURL - 'Safe_mode' / 'open_basedir' Restriction Bypass
Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit)
Adobe Reader for Android < 11.2.0 - 'addJavascriptInterface' Local Overflow (Metasploit)
glibc - NUL Byte gconv_translit_find Off-by-One Exploit
glibc - NUL Byte gconv_translit_find Off-by-One
Microsoft Windows - OLE Package Manager SandWorm Exploit
Microsoft Windows - OLE Package Manager SandWorm
PonyOS 3.0 - VFS Permissions Exploit
PonyOS 3.0 - VFS Permissions
PonyOS 3.0 - TTY 'ioctl()' Local Kernel Exploit
PonyOS 3.0 - TTY 'ioctl()' Local Kernel
Microsoft Windows - ClientCopyImage Win32k Exploit (MS15-051) (Metasploit)
Microsoft Windows - ClientCopyImage Win32k (MS15-051) (Metasploit)
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy
Google Android - get_user/put_user Exploit (Metasploit)
Google Android - get_user/put_user (Metasploit)
IKEView.exe R60 - '.elg' Local Exploit (SEH)
IKEView.exe R60 - '.elg' Local (SEH)
IKEView R60 - Buffer Overflow Local Exploit (SEH)
IKEView R60 - Buffer Overflow Local (SEH)
Gold MP4 Player - '.swf' Local Exploit
Gold MP4 Player - '.swf' Local
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' File Exploit (Universal ASLR + DEP Bypass)
Easy RM to MP3 Converter 2.7.3.700 - '.m3u' File (Universal ASLR + DEP Bypass)
Apple iOS < 10.3.1 - Kernel Exploit
Apple iOS < 10.3.1 - Kernel
Linux Kernel - 'offset2lib Stack Clash' Exploit
Linux Kernel - 'offset2lib Stack Clash'
Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit
Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)
Microsoft Windows 2000/NT 4 - RPC Locator Service Remote Exploit
Microsoft IIS - WebDAV 'ntdll.dll' Remote
Microsoft IIS 5.0 - WebDAV Remote (PoC)
Microsoft Windows 2000/NT 4 - RPC Locator Service Remote
Microsoft Windows 2000/XP - SMB Authentication Remote Exploit
RealServer < 8.0.2 (Windows Platforms) - Remote Exploit
Microsoft Windows 2000/XP - SMB Authentication Remote
RealServer < 8.0.2 (Windows Platforms) - Remote Overflow
CommuniGate Pro Webmail 4.0.6 - Session Hijacking Exploit
CommuniGate Pro Webmail 4.0.6 - Session Hijacking
Webfroot Shoutbox < 2.32 (Apache) - Remote Exploit
Webfroot Shoutbox < 2.32 (Apache) - Local File Inclusion / Remote Code Execution
Microsoft Internet Explorer - Object Tag Exploit (MS03-020)
Apache 2.0.45 - 'APR' Remote Exploit
Microsoft Internet Explorer - Object Tag (MS03-020)
Apache 2.0.45 - 'APR' Remote
Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit
Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote
Microsoft Windows Media Services - Remote Exploit (MS03-022)
eXtremail 1.5.x (Linux) - Remote Format Strings Exploit
ColdFusion MX - Remote Development Service Exploit
Microsoft Windows Media Services - Remote (MS03-022)
eXtremail 1.5.x (Linux) - Remote Format Strings
ColdFusion MX - Remote Development Service
Microsoft Windows Media Services - 'nsiislog.dll' Remote Exploit
Microsoft Windows Media Services - 'nsiislog.dll' Remote
Citadel/UX BBS 6.07 - Remote Exploit
Citadel/UX BBS 6.07 - Remote
Microsoft Windows XP/2000 - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows XP/2000 - 'RPC DCOM' Remote (MS03-026)
Microsoft Windows - 'RPC DCOM' Remote Exploit (1)
Microsoft Windows - 'RPC DCOM' Remote Exploit (2)
Microsoft Windows - 'RPC DCOM' Remote (1)
Microsoft Windows - 'RPC DCOM' Remote (2)
Microsoft Windows - 'RPC DCOM' Remote Exploit (Universal)
Microsoft Windows - 'RPC DCOM' Remote (Universal)
Microsoft Internet Explorer - Object Data Remote Exploit (MS03-032)
Microsoft Internet Explorer - Object Data Remote (MS03-032)
Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Exploit
Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Overflow
MySQL 3.23.x/4.0.x - Remote Exploit
MySQL 3.23.x/4.0.x - Remote Buffer Overflow
Microsoft Windows - 'RPC DCOM2' Remote Exploit (MS03-039)
Microsoft Windows - 'RPC DCOM2' Remote (MS03-039)
Microsoft Windows - 'RPC2' Universal Exploit / Denial of Service (RPC3) (MS03-039)
Microsoft Windows - 'RPC2' Universal / Denial of Service (RPC3) (MS03-039)
NIPrint LPD-LPR Print Server 4.10 - Remote Exploit
Microsoft Windows XP/2000 - RPC Remote Non Exec Memory Exploit
NIPrint LPD-LPR Print Server 4.10 - Remote
Microsoft Windows XP/2000 - RPC Remote Non Exec Memory
Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051)
Microsoft Windows - Workstation Service WKSSVC Remote Exploit (MS03-049)
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote Exploit
Opera 7.22 - File Creation and Execution Exploit (WebServer)
Microsoft Windows XP - Workstation Service Remote Exploit (MS03-049)
Microsoft FrontPage Server Extensions - 'fp30reg.dll' (MS03-051)
Microsoft Windows - Workstation Service WKSSVC Remote (MS03-049)
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote
Apache mod_gzip (with debug_mode) 1.2.26.1a - Remote
Opera 7.22 - File Creation and Execution (WebServer)
Microsoft Windows XP - Workstation Service Remote (MS03-049)
Microsoft Windows Messenger Service (French) - Remote Exploit (MS03-043)
Eznet 3.5.0 - Remote Stack Overflow Universal Exploit
Microsoft Windows Messenger Service (French) - Remote (MS03-043)
Eznet 3.5.0 - Remote Stack Overflow Universal
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Remote
Eudora 6.0.3 (Windows) - Attachment Spoofing Exploit
Eudora 6.0.3 (Windows) - Attachment Spoofing
Cisco - Cisco Global Exploiter Tool
Cisco - Cisco Global er Tool
BFTPd - 'vsprintf()' Format Strings Exploit
INND/NNRP < 1.6.x - Overflow Exploit
BFTPd - 'vsprintf()' Format Strings
INND/NNRP < 1.6.x - Overflow
BFTPd 1.0.12 - Remote Exploit
BFTPd 1.0.12 - Remote Overflow
Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass Exploit
OpenBSD ftpd 2.6/2.7 - Remote Exploit
Linux Kernel 2.2 - TCP/IP Weakness Spoof IP Exploit
WU-FTPD 2.6.0 - Remote Format Strings Exploit
Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass
OpenBSD ftpd 2.6/2.7 - Remote
Linux Kernel 2.2 - TCP/IP Weakness Spoof IP
WU-FTPD 2.6.0 - Remote Format Strings
Cisco - Password Bruteforcer Exploit
Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Exploit
Cisco - Password Bruteforcer
Netscape Enterprise Server 4.0/sparc/SunOS 5.7 - Remote Command Execution
IMAP4rev1 12.261/12.264/2000.284 - 'lsub' Remote Exploit
TCP Connection Reset - Remote Exploit
IMAP4rev1 12.261/12.264/2000.284 - 'lsub' Remote
Microsoft Windows XP/2000 - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Microsoft Windows XP/2000 - 'Lsasrv.dll' Remote Universal (MS04-011)
Borland Interbase 7.x - Remote Exploit
Subversion 1.0.2 - 'svn_time_from_cstring()' Remote Exploit
Borland Interbase 7.x - Remote Buffer Overflow
Subversion 1.0.2 - 'svn_time_from_cstring()' Remote
Microsoft Internet Explorer - Remote Application.Shell Exploit
Microsoft Internet Explorer - Remote Application.Shell
Microsoft Internet Explorer - Remote Wscript.Shell Exploit
Linux imapd - Remote Overflow File Retrieve Exploit
Microsoft Internet Explorer - Remote Wscript.Shell
Linux imapd - Remote Overflow / File Retrieve
OpenFTPd 0.30.2 - Remote Exploit
OpenFTPd 0.30.2 - Remote
Remote CVS 1.11.15 - 'error_prog_name' Remote Exploit
WU-IMAP 2000.287(1-2) - Remote Exploit
rsync 2.5.1 - Remote Exploit (1)
rsync 2.5.1 - Remote Exploit (2)
Remote CVS 1.11.15 - 'error_prog_name' Arbitrary Code Execution
WU-IMAP 2000.287(1-2) - Remote
rsync 2.5.1 - Remote (1)
rsync 2.5.1 - Remote (2)
D-Link DCS-900 Camera - Remote IP Address Changer Exploit
D-Link DCS-900 Camera - Remote IP Address Changer
AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)
AOL Instant Messenger AIM - 'Away' Message Remote (2)
Citadel/UX 6.23 - Remote USER Directive Exploit
Citadel/UX 6.23 - Remote USER Directive
Microsoft Windows - JPEG GDI+ Overflow Shellcode Exploit
Microsoft Windows - JPEG GDI+ Overflow Shellcode
Microsoft Windows - JPEG GDI+ Overflow Administrator Exploit (MS04-028)
Microsoft Windows - JPEG GDI+ Overflow Download Shellcode Exploit (MS04-028)
Microsoft Windows - JPEG GDI+ Overflow Administrator (MS04-028)
Microsoft Windows - JPEG GDI+ Overflow Download Shellcode (MS04-028)
Eudora 6.2.0.7 - Attachment Spoofer Exploit
Eudora 6.2.0.7 - Attachment Spoofer
Microsoft Windows - Compressed Zipped Folders Exploit (MS04-034)
Microsoft Windows - Compressed Zipped Folders (MS04-034)
PHP 4.3.7/5.0.0RC3 - memory_limit Remote Exploit
PHP 4.3.7/5.0.0RC3 - memory_limit Remote
SHOUTcast DNAS/Linux 1.9.4 - Format String Remote Exploit
SHOUTcast DNAS/Linux 1.9.4 - Format String Remote
Apple iTunes - Playlist Buffer Overflow Download Shellcode Exploit
Apple iTunes - Playlist Buffer Overflow Download Shellcode
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Exploit
Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002)
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow
Microsoft Internet Explorer - '.ANI' Universal (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader (MS05-002)
3CServer 1.1 (FTP Server) - Remote Exploit
MSN Messenger - '.png' Image Buffer Overflow Download Shellcode Exploit
3CServer 1.1 (FTP Server) - Remote
MSN Messenger - '.png' Image Buffer Overflow Download Shellcode
Exim 4.43 - 'auth_spa_server()' Remote Exploit (PoC)
Exim 4.43 - 'auth_spa_server()' Remote (PoC)
Thomson TCW690 - POST Password Validation Exploit
SHOUTcast 1.9.4 (Windows) - File Request Format String Remote Exploit
Thomson TCW690 - POST Password Validation
SHOUTcast 1.9.4 (Windows) - File Request Format String Remote
LimeWire 4.1.2 < 4.5.6 - 'GET' Remote Exploit
LimeWire 4.1.2 < 4.5.6 - 'GET' Remote
Cyrus imapd 2.2.4 < 2.2.8 - 'imapmagicplus' Remote Exploit
Cyrus imapd 2.2.4 < 2.2.8 - 'imapmagicplus' Remote
MailEnable Enterprise 1.x - IMAPd Remote Exploit
MailEnable Enterprise 1.x - IMAPd Remote
HP-UX FTPD 1.1.214.4 - 'REST' Remote Brute Force Exploit
HP-UX FTPD 1.1.214.4 - 'REST' Remote Brute Force
dSMTP Mail Server 3.1b (Linux) - Format String Exploit
dSMTP Mail Server 3.1b (Linux) - Format String
ViRobot Advanced Server 2.0 - 'addschup' Remote Cookie Exploit
ViRobot Advanced Server 2.0 - 'addschup' Remote Cookie
Microsoft Windows Message Queuing - Buffer Overflow Universal Exploit (MS05-017) (v.0.3)
Microsoft Internet Explorer - 'javaprxy.dll' COM Object Remote Exploit
Nokia Affix < 3.2.0 - btftp Remote Client Exploit
Microsoft Windows Message Queuing - Buffer Overflow Universal (MS05-017) (v.0.3)
Microsoft Internet Explorer - 'javaprxy.dll' COM Object Remote
Nokia Affix < 3.2.0 - btftp Remote Client
Hosting Controller 0.6.1 HotFix 2.1 - Change Credit Limit Exploit
Baby Web Server 2.6.2 - Command Validation Exploit
Hosting Controller 0.6.1 HotFix 2.1 - Change Credit Limit
Baby Web Server 2.6.2 - Command Validation
Small HTTP Server 3.05.28 - Arbitrary Data Execution Exploit
HP OpenView OmniBack II - Generic Remote Exploit
Small HTTP Server 3.05.28 - Arbitrary Data Execution
HP OpenView OmniBack II - Generic Remote
CA BrightStor ARCserve Backup Agent - 'dbasqlr.exe' Remote Exploit
CA BrightStor ARCserve Backup Agent - 'dbasqlr.exe' Remote
Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038)
Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote (MS05-038)
Veritas Backup Exec (Windows) - Remote File Access Exploit (Metasploit)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (MS05-039)
Veritas Backup Exec (Windows) - Remote File Access (Metasploit)
Microsoft Windows Plug-and-Play Service - Remote Universal (MS05-039)
Solaris 10 LPD - Arbitrary File Delete Exploit (Metasploit)
Solaris 10 LPD - Arbitrary File Delete (Metasploit)
Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof Exploit
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039)
Microsoft Windows Plug-and-Play Service (French) - Remote Universal Exploit (MS05-039)
Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof
Microsoft Windows Plug-and-Play Service - Remote Universal (Spanish) (MS05-039)
Microsoft Windows Plug-and-Play Service (French) - Remote Universal (MS05-039)
HP OpenView Network Node Manager 7.50 - Remote Exploit
DameWare Mini Remote Control 4.0 < 4.9 - Client Agent Remote Exploit
HP OpenView Network Node Manager 7.50 - Remote
DameWare Mini Remote Control 4.0 < 4.9 - Client Agent Remote
Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (2)
Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun (2)
HP-UX FTP Server - Unauthenticated Directory Listing Exploit (Metasploit)
HP-UX FTP Server - Unauthenticated Directory Listing (Metasploit)
Veritas NetBackup 6.0 (Linux) - 'bpjava-msvc' Remote Exploit
Veritas NetBackup 6.0 (Windows x86) - 'bpjava-msvc' Remote Exploit
Veritas NetBackup 6.0 (OSX) - 'bpjava-msvc' Remote Exploit
Veritas NetBackup 6.0 (Linux) - 'bpjava-msvc' Remote
Veritas NetBackup 6.0 (Windows x86) - 'bpjava-msvc' Remote
Veritas NetBackup 6.0 (OSX) - 'bpjava-msvc' Remote
Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode Exploit
Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (3)
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote Exploit (4)
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (3)
Snort 2.4.2 - Back Orifice Pre-Preprocessor Remote (4)
Microsoft Windows - DTC Remote Exploit (PoC) (MS05-051) (2)
Microsoft Windows - DTC Remote (PoC) (MS05-051) (2)
Mercury Mail Transport System 4.01b - PH SERVER Remote Exploit
Mercury Mail Transport System 4.01b - PH SERVER Remote
Farmers WIFE 4.4 sp1 - 'FTP' Remote System Access Exploit
Farmers WIFE 4.4 sp1 - 'FTP' Remote System Access
Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)
Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote (Metasploit)
Microsoft Internet Explorer - 'createTextRang' Download Shellcode Exploit (1)
Microsoft Internet Explorer - 'createTextRang' Remote Exploit (Metasploit)
Microsoft Internet Explorer - 'createTextRang' Download Shellcode (1)
Microsoft Internet Explorer - 'createTextRang' Remote (Metasploit)
Microsoft Internet Explorer - 'createTextRang' Download Shellcode Exploit (2)
Microsoft Internet Explorer - 'createTextRang' Download Shellcode (2)
MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage Exploit
MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage
Microsoft Windows - DHCP Client Broadcast Exploit (MS06-036)
Microsoft Windows - DHCP Client Broadcast (MS06-036)
Microsoft Windows - CanonicalizePathName() Remote Exploit (MS06-040)
Microsoft Windows - CanonicalizePathName() Remote (MS06-040)
Easy File Sharing FTP Server 2.0 - 'PASS' Remote Exploit (PoC)
Easy File Sharing FTP Server 2.0 - 'PASS' Remote (PoC)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (HTML)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (1)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (2)
McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - Source Remote Exploit (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() (HTML)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() (1)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() (2)
McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - Source Remote (Metasploit)
AEP SmartGate 4.3b - 'GET' Arbitrary File Download Exploit
Cisco VPN 3000 Concentrator 4.1.7/4.7.2 - 'FTP' Remote Exploit
AEP SmartGate 4.3b - 'GET' Arbitrary File Download
Cisco VPN 3000 Concentrator 4.1.7/4.7.2 - 'FTP' Remote
MiniHTTPServer Web Forum & File Sharing Server 4.0 - Add User Exploit
MiniHTTPServer Web Forum & File Sharing Server 4.0 - Add User
Easy File Sharing Web Server 4 - Remote Information Stealer Exploit
EFS Easy Address Book Web Server 1.2 - Remote File Stream Exploit
Easy File Sharing Web Server 4 - Remote Information Stealer
EFS Easy Address Book Web Server 1.2 - Remote File Stream
Oracle 9i/10g - 'read/write/execute' Exploitation Suite
Oracle 9i/10g - 'read/write/execute' ation Suite
Oracle 9i/10g - 'utl_file' FileSystem Access Exploit
Oracle 9i/10g - 'utl_file' FileSystem Access
Microsoft Windows - ASN.1 Remote Exploit (MS04-007)
Microsoft Windows - ASN.1 Remote (MS04-007)
Rediff Bol Downloader - ActiveX Control Execute Local File Exploit
Rediff Bol Downloader - ActiveX Control Execute Local File
Microsoft Internet Explorer - VML Download and Execute Exploit (MS07-004)
Microsoft Internet Explorer - VML Download and Execute (MS07-004)
PA168 Chipset IP Phones - Weak Session Management Exploit
PA168 Chipset IP Phones - Weak Session Management
Lotus Domino R6 Webmail - Remote Password Hash Dumper Exploit
Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack Exploit
Lotus Domino R6 Webmail - Remote Password Hash Dumper
Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
Oracle 10g - KUPW$WORKER.MAIN Grant/Revoke dba Permission Exploit
Oracle 10g - KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission Exploit
Oracle 10g - KUPW$WORKER.MAIN Grant/Revoke dba Permission
Oracle 10g - KUPV$FT.ATTACH_JOB Grant/Revoke dba Permission
NetProxy 4.03 - Web Filter Evasion / Bypass Logging Exploit
3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode Exploit (Perl)
NetProxy 4.03 - Web Filter Evasion / Bypass Logging
3Com TFTP Service (3CTftpSvc) 2.0.1 - Long Transporting Mode (Perl)
PHP 5.2.0 - EXT/Filter FDF Post Filter Bypass Exploit
PHP 5.2.0 - EXT/Filter FDF Post Filter Bypass
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Exploit
Mercur Messaging 2005 < SP4 - IMAP Remote Exploit (Egghunter)
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote
Mercur Messaging 2005 < SP4 - IMAP Remote (Egghunter)
Microsoft DNS Server - Dynamic DNS Updates Remote Exploit
Microsoft DNS Server - Dynamic DNS Updates Remote
Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage Exploit
Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage
Microsoft Internet Explorer - Recordset Double-Free Memory Exploit (MS07-009)
Easy File Sharing FTP Server 2.0 (Windows 2000 SP4) - 'PASS' Remote Exploit
Microsoft Internet Explorer - Recordset Double-Free Memory (MS07-009)
Easy File Sharing FTP Server 2.0 (Windows 2000 SP4) - 'PASS' Remote
CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Remote Code Exploit
CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Remote Code
IBM Lotus Domino Server 6.5 - Unauthenticated Remote Exploit
IBM Lotus Domino Server 6.5 - Unauthenticated Remote
Microsoft Windows - Animated Cursor '.ani' Remote Exploit (eeye patch Bypass)
Microsoft Windows - Animated Cursor '.ani' Remote (eeye patch Bypass)
Microsoft Windows - Animated Cursor '.ani' Universal Exploit Generator
Microsoft Windows - Animated Cursor '.ani' Universal Generator
MiniWebsvr 0.0.7 - Remote Directory Traversal
Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution Exploit
Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution
EDraw Office Viewer Component - Unsafe Method Exploit
EDraw Office Viewer Component - Unsafe Method
Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote Exploit
Vivotek Motion Jpeg Control - 'MjpegDecoder.dll 2.0.0.13' Remote
IBM Tivoli Provisioning Manager - Unauthenticated Remote Exploit
IBM Tivoli Provisioning Manager - Unauthenticated Remote
Zenturi ProgramChecker - 'ActiveX NavigateUrl()' Insecure Method Exploit
Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute Exploit
Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute Exploit
Zenturi ProgramChecker - 'ActiveX NavigateUrl()' Insecure Method
Yahoo! Messenger Webcam 8.1 - 'Ywcvwr.dll' Download / Execute
Yahoo! Messenger Webcam 8.1 - 'Ywcupl.dll' Download / Execute
HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit
HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write
HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - 'SaveToFile()' Exploit
HP Digital Imaging 'hpqvwocx.dll 2.1.0.556' - 'SaveToFile()'
Apache Tomcat Connector mod_jk - 'exec-shield' Remote Exploit
Apache Tomcat Connector mod_jk - 'exec-shield' Remote
SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write Exploit
SecureBlackbox 'PGPBBox.dll 5.1.0.112' - Arbitrary Data Write
Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File Exploit
Nessus Vulnerability Scanner 3.0.6 - ActiveX Remote Delete File
VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write Exploit
VMware 'IntraProcessLogging.dll' 5.5.3.42958 - Arbitrary Data Write
BIND 9 0.3beta - DNS Cache Poisoning Exploit
BIND 9 0.3beta - DNS Cache Poisoning
NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - 'SetText()' Remote Exploit
NVR SP2 2.0 'nvUnifiedControl.dll 1.1.45.0' - 'SetText()' Remote
Telecom Italy Alice Messenger - Remote Registry Key Manipulation Exploit
Telecom Italy Alice Messenger - Remote Registry Key Manipulation
Lighttpd 1.4.16 - FastCGI Header Overflow Remote Exploit
Lighttpd 1.4.16 - FastCGI Header Overflow Remote
Apple QuickTime /w IE .qtl Version XAS - Remote Exploit (PoC)
Apple QuickTime /w IE .qtl Version XAS - Remote (PoC)
Lighttpd 1.4.17 - FastCGI Header Overflow Remote Exploit
Lighttpd 1.4.17 - FastCGI Header Overflow Remote
Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation Exploit
Tor < 0.1.2.16 - ControlPort Remote Rewrite Exploit
Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation
Tor < 0.1.2.16 - ControlPort Remote Rewrite
Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak Exploit
PBEmail 7 - ActiveX Edition Insecure Method Exploit
Apple iTouch/iPhone 1.1.1 - '.tif' File Remote Jailbreak
PBEmail 7 - ActiveX Edition Insecure Method
IBM Lotus Domino 7.0.2FP1 - IMAP4 Server LSUB Command Exploit
IBM Lotus Domino 7.0.2FP1 - IMAP4 Server LSUB Command
SonicWALL SSL-VPN - 'NeLaunchCtrl' ActiveX Control Remote Exploit
EDraw Flowchart ActiveX Control 2.0 - Insecure Method Exploit
SonicWALL SSL-VPN - 'NeLaunchCtrl' ActiveX Control Remote
EDraw Flowchart ActiveX Control 2.0 - Insecure Method
Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal Exploit
Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal
Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit
Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal Exploit
Apple QuickTime 7.2/7.3 - RSTP Response Universal
Apple QuickTime 7.2/7.3 (OSX/Windows) - RSTP Response Universal
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue Exploit (MS07-065)
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue (MS07-065)
Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method Exploit
Macrovision FlexNet - 'isusweb.dll' DownloadAndExecute Method
Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method Exploit
Sejoong Namo ActiveSquare 6 - 'NamoInstaller.dll' install Method
MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method Exploit
Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method Exploit
MailBee Objects 5.5 - 'MailBee.dll' Remote Insecure Method
Chilkat Mail ActiveX 7.8 - 'ChilkatCert.dll' Insecure Method
Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method Exploit
Chilkat FTP ActiveX 2.0 - 'ChilkatCert.dll' Insecure Method
Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload
Rising AntiVirus Online Scanner - Insecure Method Flaw Exploit
Rising AntiVirus Online Scanner - Insecure Method Flaw
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal Exploit
NetWin Surgemail 3.8k4-4 - IMAP Authenticated Remote LIST Universal
IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit
IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method
C6 Messenger - ActiveX Remote Download and Execute Exploit
C6 Messenger - ActiveX Remote Download and Execute
Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download Exploit
Akamai Download Manager < 2.2.3.7 - ActiveX Remote Download
BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning Exploit (Metasploit)
BIND 9.x - Remote DNS Cache Poisoning Exploit (Python)
Microsoft Access - 'Snapview.ocx 10.0.5529.0' ActiveX Remote Exploit
BIND 9.x - Remote DNS Cache Poisoning Exploit
BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning (Metasploit)
BIND 9.x - Remote DNS Cache Poisoning (Python)
Microsoft Access - 'Snapview.ocx 10.0.5529.0' ActiveX Remote
BIND 9.x - Remote DNS Cache Poisoning
Cisco IOS 12.3(18) (FTP Server) - Remote Exploit (Attached to GDB)
Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)
BIND 9.5.0-P2 - 'Randomized Ports' Remote DNS Cache Poisoning Exploit
BIND 9.5.0-P2 - 'Randomized Ports' Remote DNS Cache Poisoning
Belkin Wireless G Router / ADSL2 Modem - Authentication Bypass
Sun Solaris 10 - snoop(1M) Utility Remote Exploit
Friendly Technologies - Read/Write Registry/Read Files Exploit
Google Chrome 0.2.149.27 - Automatic File Download Exploit
Sun Solaris 10 - snoop(1M) Utility Remote
Friendly Technologies - Read/Write Registry/Read Files
Google Chrome 0.2.149.27 - Automatic File Download
Microworld Mailscan 5.6.a - Password Reveal Exploit
Microworld Mailscan 5.6.a - Password Reveal
NuMedia Soft Nms DVD Burning SDK - ActiveX 'NMSDVDX.dll' Exploit
NuMedia Soft Nms DVD Burning SDK - ActiveX 'NMSDVDX.dll'
Chilkat XML - ActiveX Arbitrary File Creation/Execution Exploit
Chilkat XML - ActiveX Arbitrary File Creation/Execution
Autodesk DWF Viewer Control / LiveUpdate Module - Remote Exploit
GdPicture Pro - ActiveX 'gdpicture4s.ocx' File Overwrite / Exec Exploit
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
Autodesk DWF Viewer Control / LiveUpdate Module - Remote
GdPicture Pro - ActiveX 'gdpicture4s.ocx' File Overwrite / Exec
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) (MS08-021)
PowerTCP FTP Module - Multiple Exploit Techniques (SEH HeapSpray)
PowerTCP FTP Module - Multiple Techniques (SEH HeapSpray)
MW6 Aztec - ActiveX 'Aztec.dll' Remote Insecure Method Exploit
MW6 Barcode - ActiveX 'Barcode.dll' Insecure Method Exploit
MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method Exploit
MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method Exploit
MW6 Aztec - ActiveX 'Aztec.dll' Remote Insecure Method
MW6 Barcode - ActiveX 'Barcode.dll' Insecure Method
MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method
MW6 PDF417 - ActiveX 'MW6PDF417.dll' Remote Insecure Method
GE Fanuc Real Time Information Portal 2.6 - 'writeFile()' API Exploit (Metasploit)
GE Fanuc Real Time Information Portal 2.6 - 'writeFile()' API (Metasploit)
Microsoft Windows - SmbRelay3 NTLM Replay Exploit (MS08-068)
Microsoft Windows - SmbRelay3 NTLM Replay (MS08-068)
DD-WRT v24-sp1 - Cross-Site Reference Forgery
Microsoft Internet Explorer (Windows Vista) - XML Parsing Buffer Overflow
Chilkat FTP - ActiveX (SaveLastError) Insecure Method Exploit
Chilkat FTP - ActiveX (SaveLastError) Insecure Method
ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit
ExcelOCX ActiveX 3.2 - Download File Insecure Method
GuildFTPd FTP Server 0.999.14 - Remote Delete Files Exploit
GuildFTPd FTP Server 0.999.14 - Remote Delete Files
GeoVision LiveAudio - ActiveX Remote Freed-Memory Access Exploit
Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method Exploit
RhinoSoft Serv-U FTP Server 7.4.0.1 - 'MKD' Create Arbitrary Directories Exploit
GeoVision LiveAudio - ActiveX Remote Freed-Memory Access
Morovia Barcode ActiveX 3.6.2 - 'MrvBarCd.dll' Insecure Method
RhinoSoft Serv-U FTP Server 7.4.0.1 - 'MKD' Create Arbitrary Directories
Sysax Multi Server 4.3 - Arbitrary Delete Files Exploit
Sysax Multi Server 4.3 - Arbitrary Delete Files Expoit
IncrediMail 5.86 - Cross-Site Scripting Script Execution Exploit
IncrediMail 5.86 - Cross-Site Scripting Script Execution
Pirelli Discus DRG A225 wifi router - WPA2PSK Default Algorithm Exploit
Pirelli Discus DRG A225 wifi router - WPA2PSK Default Algorithm
Linux Kernel 2.6.20/2.6.24/2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.20/2.6.24/2.6.27_7-10 (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files Exploit
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files
Bopup Communications Server 3.2.26.5460 - Remote SYSTEM Exploit
Bopup Communications Server 3.2.26.5460 - Remote SYSTEM
Green Dam - Remote Change System Time Exploit
Green Dam - Remote Change System Time
Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Exploit
Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11'
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass / Remote Code Injection Exploit
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass / Remote Code Injection
IBM Installation Manager 1.3.0 - 'iim://' URI handler Exploit
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit
Oracle - Document Capture BlackIce DEVMODE Exploit
IBM Installation Manager 1.3.0 - 'iim://' URI handler
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote
Oracle - Document Capture BlackIce DEVMODE
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization Exploit (Metasploit)
Sun Java Runtime and Development Kit 6 Update 10 - Calendar Deserialization (Metasploit)
AoA MP4 Converter 4.1.2 - ActiveX Exploit
AoA MP4 Converter 4.1.2 - ActiveX
Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit (Metasploit)
Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote (Metasploit)
Unreal Tournament 2004 - 'Secure' Overflow Exploit (Metasploit)
Unreal Tournament 2004 - 'Secure' Overflow (Metasploit)
AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit
AoA DVD Creator 2.6.2 - ActiveX Exploit
AoA Audio Extractor Basic 2.3.7 - ActiveX
AoA DVD Creator 2.6.2 - ActiveX
Microsoft Internet Explorer 6 - Aurora Exploit
Microsoft Internet Explorer 6 - Aurora
Exploit EFS Software Easy Chat Server 2.2 - Buffer Overflow
EFS Software Easy Chat Server 2.2 - Buffer Overflow
AOL 9.5 - ActiveX Heap Spray Exploit
AOL 9.5 - ActiveX Heap Spray
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote Exploit
(Gabriel's FTP Server) Open & Compact FTPd 1.2 - Unauthenticated Remote
Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add Exploit)
Microsoft Internet Explorer 6/7 - Remote Code Execution (Remote User Add)
Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM Exploit
SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray Exploit
Apache 2.2.14 mod_isapi - Dangling Pointer Remote SYSTEM
SAP GUI 7.10 - WebViewer3D Active-X JIT-Spray
Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free Exploit (Metasploit)
Microsoft Internet Explorer - 'iepeers.dll' Use-After-Free (Metasploit)
Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal Exploit
Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal Exploit
Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal Exploit
Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal
Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal
Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal
Xftp client 3.0 - 'PWD' Remote Exploit
Xftp client 3.0 - 'PWD' Remote
HP Digital Imaging - 'hpodio08.dll' Insecure Method Exploit
HP Digital Imaging - 'hpodio08.dll' Insecure Method
ProSSHD 1.2 - Authenticated Remote Exploit (ASLR + DEP Bypass)
ProSSHD 1.2 - Authenticated Remote (ASLR + DEP Bypass)
Litespeed Technologies - Web Server Remote Poison Null Byte Exploit
Litespeed Technologies - Web Server Remote Poison Null Byte
Sun Java Web Server 7.0 u7 - Remote Exploit
Sun Java Web Server 7.0 u7 - Remote
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash
Barcodewiz Barcode ActiveX Control 3.29 - Remote HeapSpray Exploit (Internet Explorer 6/7)
Barcodewiz Barcode ActiveX Control 3.29 - Remote HeapSpray (Internet Explorer 6/7)
AoA Audio Extractor - Remote ActiveX SEH JIT Spray Exploit (ASLR + DEP Bypass)
SopCast 3.2.9 - Remote Exploit
AoA Audio Extractor - Remote ActiveX SEH JIT Spray (ASLR + DEP Bypass)
SopCast 3.2.9 - Remote
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer Exploit
Adobe Acrobat Reader and Flash Player - 'newclass' Invalid Pointer
Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote Exploit
Trend Micro Internet Security 2010 - 'UfPBCtrl.DLL' ActiveX Remote
AoA Audio Extractor 2.x - ActiveX ROP Exploit
AoA Audio Extractor 2.x - ActiveX ROP
Microsoft ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)
Microsoft ASP.NET - Auto-Decryptor File Download (MS10-070)
Mozilla Firefox 3.6.8 < 3.6.11 - Interleaving 'document.write' / 'appendChild' Exploit
Mozilla Firefox 3.6.8 < 3.6.11 - Interleaving 'document.write' / 'appendChild'
Google Android 2.0 < 2.1 - Reverse Shell Exploit
Google Android 2.0 < 2.1 - Reverse Shell
FreeBSD Litespeed Web Server 4.0.17 with PHP - Remote Exploit
Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow
Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX Exploit
Microsoft Internet Explorer 8 - CSS Parser Exploit
Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX
Microsoft Internet Explorer 8 - CSS Parser
Novell iPrint 5.52 - ActiveX 'GetDriverSettings()' Remote Exploit
Novell iPrint 5.52 - ActiveX 'GetDriverSettings()' Remote
Sun Microsystems SunScreen Firewall - Root Exploit
Sun Microsystems SunScreen Firewall - Privilege Escalation
FTPGetter 3.58.0.21 - 'PASV' Buffer Overflow Exploit
FTPGetter 3.58.0.21 - 'PASV' Buffer Overflow
Sun Java - Calendar Deserialization Exploit (Metasploit)
Sun Java - Calendar Deserialization (Metasploit)
Java - 'Statement.invoke()' Trusted Method Chain Exploit (Metasploit)
Java - 'Statement.invoke()' Trusted Method Chain (Metasploit)
Veritas Backup Exec Name Service - Overflow Exploit (Metasploit)
Veritas Backup Exec Name Service - Overflow (Metasploit)
Microsoft Private Communications Transport - Overflow Exploit (MS04-011) (Metasploit)
Microsoft Private Communications Transport - Overflow (MS04-011) (Metasploit)
Microsoft RRAS Service - Overflow Exploit (MS06-025) (Metasploit)
Microsoft RRAS Service - Overflow (MS06-025) (Metasploit)
Microsoft NetDDE Service - Overflow Exploit (MS04-031) (Metasploit)
Microsoft NetDDE Service - Overflow (MS04-031) (Metasploit)
CA BrightStor Agent for Microsoft SQL - Overflow Exploit (Metasploit)
CA BrightStor Agent for Microsoft SQL - Overflow (Metasploit)
CA BrightStor Universal Agent - Overflow Exploit (Metasploit)
CA BrightStor Universal Agent - Overflow (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow (Metasploit)
Mozilla Firefox - Interleaving 'document.write' / 'appendChild' Exploit (Metasploit)
Mozilla Firefox - Interleaving 'document.write' / 'appendChild' (Metasploit)
Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX Exploit (Metasploit)
Microsoft Works 7 - 'WkImgSrv.dll' WKsPictureInterface() ActiveX (Metasploit)
Microsoft RPC DCOM Interface - Overflow Exploit (MS03-026) (Metasploit)
Microsoft RPC DCOM Interface - Overflow (MS03-026) (Metasploit)
Savant Web Server 3.1 - Overflow Exploit (Metasploit)
Savant Web Server 3.1 - Overflow (Metasploit)
McAfee ePolicy Orchestrator / ProtectionPilot - Overflow Exploit (Metasploit)
McAfee ePolicy Orchestrator / ProtectionPilot - Overflow (Metasploit)
Snort Back Orifice - Pre-Preprocessor Remote Exploit (Metasploit)
Snort Back Orifice - Pre-Preprocessor Remote (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow (Metasploit)
Samba 2.2.8 (BSD x86) - 'trans2open' Overflow Exploit (Metasploit)
Samba 2.2.8 (BSD x86) - 'trans2open' Overflow (Metasploit)
KingView 6.5.3 SCADA - ActiveX Exploit
KingView 6.5.3 SCADA - ActiveX
Google Android 2.0/2.1/2.1.1 - WebKit Use-After-Free Exploit
Google Android 2.0/2.1/2.1.1 - WebKit Use-After-Free
Progea Movicon 11 - 'TCPUploadServer' Remote Exploit
Progea Movicon 11 - 'TCPUploadServer' Remote
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion Exploit (ASLR + DEP Bypass)
Adobe Flash Player < 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit
IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM
Black Ice Cover Page SDK - Insecure Method 'DownloadImageFileURL()' Exploit (Metasploit)
Black Ice Cover Page SDK - Insecure Method 'DownloadImageFileURL()' (Metasploit)
IBM Web Application Firewall - Bypass Exploit
IBM Web Application Firewall - Bypass
Symantec Backup Exec 12.5 - Man In The Middle Exploit
Symantec Backup Exec 12.5 - Man In The Middle
Mozilla Firefox 3.6.16 (Windows 7) - mChannel Object Use-After-Free Exploit
Mozilla Firefox 3.6.16 (Windows 7) - mChannel Object Use-After-Free
Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe' Exploit
Sunway Force Control SCADA 6.1 SP3 - 'httpsrv.exe'
JBoss AS 2.0 - Remote Exploit
JBoss AS 2.0 - Remote
NJStar Communicator 3.00 - MiniSMTP Server Remote Exploit (Metasploit)
NJStar Communicator 3.00 - MiniSMTP Server Remote (Metasploit)
Oracle - xdb.xdb_pitrig_pkg.PITRIG_DROPMETADATA procedure Exploit
Oracle - xdb.xdb_pitrig_pkg.PITRIG_DROPMETADATA procedure
CoDeSys SCADA 2.3 - Remote Exploit
CoDeSys SCADA 2.3 - Remote Buffer Overflow
CoCSoft Stream Down 6.8.0 - Universal Exploit (Metasploit)
Reaver - WiFi Protected Setup (WPS) Exploit
CoCSoft Stream Down 6.8.0 - Universal (Metasploit)
Reaver - WiFi Protected Setup (WPS)
Mozilla Firefox 4.0.1 - 'Array.reduceRight()' Exploit
Mozilla Firefox 4.0.1 - 'Array.reduceRight()'
Apache Tomcat - Account Scanner / 'PUT' Request Remote Exploit
Apache Tomcat - Account Scanner / 'PUT' Request Remote
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX 'GetObject()' Exploit
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX 'GetObject()'
Berkeley Sendmail 5.58 - Debug Exploit
Berkeley Sendmail 5.58 - Debug
SunView (SunOS 4.1.1) - selection_svc Exploit
SunOS 4.1.3 - LD_LIBRARY_PATH / LD_OPTIONS Exploit
SunView (SunOS 4.1.1) - 'selection_svc' Remote File Read
SunOS 4.1.3 - LD_LIBRARY_PATH / LD_OPTIONS
IRIX 6.4 - 'pfdisplay.cgi' Exploit
IRIX 6.4 - 'pfdisplay.cgi'
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts
WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Exploit (1)
WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Exploit (2)
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts
WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Buffer Overflow (1)
WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Buffer Overflow (2)
HP JetAdmin 1.0.9 Rev. D - symlink Exploit
HP JetAdmin 1.0.9 Rev. D - symlink
XM Easy Personal FTP Server 5.30 - Remote Format String Write4 Exploit
XM Easy Personal FTP Server 5.30 - Remote Format String Write4
Western Digital's WD TV Live SMP/Hub - Root Exploit
Western Digital's WD TV Live SMP/Hub - Privilege Escalation
Debian 2.1 - httpd Exploit
Debian 2.1 - httpd
SGI IRIX 6.2 - cgi-bin wrap Exploit
SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Exploit
SGI IRIX 6.4 - cgi-bin handler Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit
SGI IRIX 6.2 - cgi-bin wrap
SGI IRIX 6.3 - cgi-bin 'webdist.cgi'
SGI IRIX 6.4 - cgi-bin handler
SGI IRIX 6.5.2 - 'nsd' Information Gathering
IBM AIX 3.2.5 - 'login(1)' Exploit
IBM AIX 3.2.5 - 'login(1)' Privilege Escalation
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)
Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (1)
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit
Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP
ProFTPd 1.2 pre6 - 'snprintf' Remote Root Exploit
ProFTPd 1.2 pre6 - 'snprintf' Remote Root
Microsoft Internet Explorer 5.0/4.0.1 - iFrame Exploit
Microsoft Internet Explorer 5.0/4.0.1 - iFrame
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog Exploit
Lucent Ascend MAX 5.0/Pipeline 6.0/TNT 1.0/2.0 Router - MAX UDP Port 9 Exploit (1)
Lucent Ascend MAX 5.0/Pipeline 6.0/TNT 1.0/2.0 Router - MAX UDP Port 9 Exploit (2)
PHP/FI 1.0/FI 2.0/FI 2.0 b10 - mylog/mlog
Lucent Ascend MAX 5.0/Pipeline 6.0/TNT 1.0/2.0 Router - MAX UDP Port 9 (1)
Lucent Ascend MAX 5.0/Pipeline 6.0/TNT 1.0/2.0 Router - MAX UDP Port 9 (2)
AN-HTTPd 1.2b - CGI Exploits
AN-HTTPd 1.2b - CGI s
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Exploit
Allaire ColdFusion Server 4.0/4.0.1 - 'CFCACHE' Information Disclosure
RedHat 6.1 / IRIX 6.5.18 - 'lpd' Exploit
RedHat 6.1 / IRIX 6.5.18 - 'lpd' Command Execution
A-V Tronics InetServ 3.0 - WebMail GET Exploit
A-V Tronics InetServ 3.0 - WebMail GET
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut Exploit
Cat Soft Serv-U FTP Server 2.5/a/b (Windows 95/98/2000/NT 4.0) - Shortcut
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname Exploit
SGI InfoSearch 1.0 / SGI IRIX 6.5.x - fname
Cisco IOS 11.x/12.x - HTTP %% Exploit
Cisco IOS 11.x/12.x - HTTP %%
Netscape Professional Services FTP Server (LDAP Aware) 1.3.6 - FTP Server Exploit
Netscape Professional Services FTP Server (LDAP Aware) 1.3.6 - FTP Server
NCSA httpd-campas 1.2 - sample script Exploit
NCSA httpd-campas 1.2 - sample script
Microsoft Internet Explorer 5.5 - 'Index.dat' Exploit (MS00-055)
Microsoft Internet Explorer 5.5 - 'Index.dat' (MS00-055)
Novell NetWare Web Server 2.x - convert.bas Exploit
Novell NetWare Web Server 2.x - convert.bas
Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE' Exploit
Microsoft Internet Explorer 5 - 'INPUT TYPE=FILE'
Novell Netware Web Server 3.x - files.pl Exploit
Novell Netware Web Server 3.x - files.pl
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon Exploit
SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
Sitecom MD-25x - Multiple Vulnerabilities / Reverse Root Exploit
Sitecom MD-25x - Multiple Vulnerabilities
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Exploit
Apache mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow Exploit
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuck.c' Remote Buffer Overflow
Apache mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow
BigAnt Server 2.52 SP5 - Stack Overflow ROP-Based Exploit (SEH) (ASLR + DEP Bypass)
BigAnt Server 2.52 SP5 - Stack Overflow ROP-Based (SEH) (ASLR + DEP Bypass)
IBM System Director Agent - Remote System Level Exploit
IBM System Director Agent - Remote System Level
MySQL - 'Stuxnet Technique' Windows Remote System Exploit
MySQL - 'Stuxnet Technique' Windows Remote System
Microsoft Internet Explorer 5 - window.open Search Pane Cross-Zone Scripting
ActFax 5.01 - RAW Server Exploit (Metasploit)
ActFax 5.01 - RAW Server (Metasploit)
Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Exploit
Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote
Adobe ColdFusion APSB13-03 - Remote Exploit (Metasploit)
Adobe ColdFusion APSB13-03 - Remote Multiple Vulnerabilities (Metasploit)
Plesk < 9.5.4 - Remote Exploit
Plesk < 9.5.4 - Remote
PCMan FTP Server 2.0.7 - Remote Exploit (Metasploit)
PCMan FTP Server 2.0.7 - Remote (Metasploit)
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Authentication Bypass / Directory Traversal SAM Retrieval Exploit
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Authentication Bypass / Directory Traversal SAM Retrieval
PHP 4.x - 'copy() Safe_Mode' Bypass Exploit
PHP 4.x - 'copy() Safe_Mode' Bypass
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
Microsoft PowerPoint 2003 - 'powerpnt.exe'
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)
Nginx 1.4.0 (Generic Linux x64) - Remote Exploit
Nginx 1.4.0 (Generic Linux x64) - Remote
PHP 5.2.5 - cURL 'safe_mode' Security Bypass Exploit
PHP 5.2.5 - cURL 'safe_mode' Security Bypass
Oracle Forms and Reports 11.1 - Remote Exploit
Oracle Forms and Reports 11.1 - Arbitrary Code Execution
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak (2) (DTLS Support)
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Exploit
Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow
SugarCRM 6.5.23 - REST PHP Object Injection Exploit (Metasploit)
SugarCRM 6.5.23 - REST PHP Object Injection (Metasploit)
NovaSTOR NovaNET 12.0 - Remote SYSTEM Exploit
NovaSTOR NovaNET 12.0 - Remote SYSTEM
Kolibri Web Server 2.0 - GET Exploit (SEH)
Kolibri Web Server 2.0 - GET (SEH)
GNU bash 4.3.11 - Environment Variable dhclient Exploit
GNU bash 4.3.11 - Environment Variable dhclient
Eclipse 3.6.1 - Help Server help/index.jsp URI Cross-Site Scripting
Eclipse 3.6.1 - Help Server help/advanced/content.jsp URI Cross-Site Scripting
Eclipse 3.6.1 - Help Server 'help/index.jsp' Cross-Site Scripting
Eclipse 3.6.1 - Help Server 'help/advanced/content.jsp' Cross-Site Scripting
Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060)
Microsoft Windows - OLE Remote Code Execution 'Sandworm' (MS14-060)
tnftp (FreeBSD 8/9/10) - 'tnftp' Client Eide Exploit
tnftp (FreeBSD 8/9/10) - 'tnftp' Client Side
VSAT Sailor 900 - Remote Exploit
VSAT Sailor 900 - Remote
Bsplayer 2.68 - HTTP Response Universal Exploit
Bsplayer 2.68 - HTTP Response Universal
MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit
MS SQL Server 2000/2005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer
Microsoft Windows Media Center - MCL Exploit (MS15-100) (Metasploit)
Microsoft Windows Media Center - MCL (MS15-100) (Metasploit)
Adobe Flash - Object.unwatch Use-After-Free Exploit
Adobe Flash - Object.unwatch Use-After-Free
Google Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)
Google Android 5.0.1 - Metaphor Stagefright (ASLR Bypass)
TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit
TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote
D-Link DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
D-Link DIR-Series Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
DC/OS Marathon UI - Docker Exploit (Metasploit)
DC/OS Marathon UI - Docker (Metasploit)
CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote Exploit
CCBILL CGI - 'ccbillx.c' 'whereami.cgi' Remote
phpBB 2.0.6 - 'search_id' SQL Injection MD5 Hash Remote Exploit
PHP-Nuke 6.9 - 'cid' SQL Injection Remote Exploit
phpBB 2.0.6 - 'search_id' SQL Injection MD5 Hash Remote
PHP-Nuke 6.9 - 'cid' SQL Injection Remote
UBBCentral UBB.Threads 6.2.x < 6.3x - One Char Brute Force Exploit
UBBCentral UBB.Threads 6.2.x < 6.3x - One Char Brute Force
phpBB 1.0.0/2.0.10 - 'admin_cash.php' Remote Exploit
PHP 4.3.9 + phpBB 2.x - 'Unserialize()' Remote Exploit
phpBB 1.0.0/2.0.10 - 'admin_cash.php' Remote Code Execution
PHP 4.3.9 + phpBB 2.x - 'Unserialize()' Remote
phpMyChat 0.14.5 - Remote Improper File Permissions Exploit
e107 - 'include()' Remote Exploit
phpMyChat 0.14.5 - Remote Improper File Permissions
e107 - 'include()' Remote
Siteman 1.1.10 - Remote Administrative Account Addition Exploit
Siteman 1.1.10 - Remote Administrative Account Addition
PostNuke PostWrap Module - Remote Exploit
PHP-Nuke 7.4 - Admin Exploit
PostNuke PostWrap Module - Remote
PHP-Nuke 7.4 - Admin
AWStats 5.7 < 6.2 - Multiple Remote Exploits (PoC)
AWStats 5.7 < 6.2 - Multiple Remote Exploits
AWStats 5.7 < 6.2 - Multiple Remote s (PoC)
AWStats 5.7 < 6.2 - Multiple Remote s
Aztek Forum 4.0 - 'myadmin.php' Database Dumper Exploit
Aztek Forum 4.0 - 'myadmin.php' Database Dumper
phpBB 2.0.13 - 'downloads.php' mod Remote Exploit
phpBB 2.0.13 - 'Calendar Pro' mod Remote Exploit
phpBB 2.0.13 - 'downloads.php' mod Remote
phpBB 2.0.13 - 'Calendar Pro' mod Remote
PhotoPost - Arbitrary Data Remote Exploit
PhotoPost - Arbitrary Data Remote
ZeroBoard 4.1 - preg_replace Remote nobody Shell Exploit
ZeroBoard 4.1 - 'preg_replace' Remote Nobody Shell
eXtropia Shopping Cart - 'web_store.cgi' Remote Exploit
Mambo 4.5.2.1 - Fetch Password Hash Remote Exploit
PHP Arena 1.1.3 - 'pafiledb.php' Remote Change Password Exploit
eXtropia Shopping Cart - 'web_store.cgi' Remote
Mambo 4.5.2.1 - Fetch Password Hash Remote
PHP Arena 1.1.3 - 'pafiledb.php' Remote Change Password
PHP-Fusion 6.00.105 - Accessible Database Backups Download Exploit
PHP-Fusion 6.00.105 - Accessible Database Backups Download
phpBB 2.0.15 - 'highlight' Database Authentication Details Exploit
phpBB 2.0.15 - 'highlight' Database Authentication Details
Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota Exploit
Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota
Simple PHP Blog 0.4.0 - Multiple Remote Exploits
Simple PHP Blog 0.4.0 - Multiple Remote s
MuOnline Loopholes Web Server - 'pkok.asp' SQL Injection
Guppy 4.5.9 - 'REMOTE_ADDR' Remote Commands Execution Exploit
Guppy 4.5.9 - 'REMOTE_ADDR' Remote Commands Execution
SimpleBBS 1.1 - Remote Commands Execution Exploit
SimpleBBS 1.1 - Remote Commands Execution
SimpleBBS 1.1 - Remote Commands Execution Exploit (C)
SimpleBBS 1.1 - Remote Commands Execution (C)
Limbo 1.0.4.2 - '_SERVER[REMOTE_ADDR]' Overwrite Remote Exploit
Limbo 1.0.4.2 - '_SERVER[REMOTE_ADDR]' Overwrite Remote
phpBB 2.0.17 - 'signature_bbcode_uid' Remote Command Exploit
phpDocumentor 1.3.0 rc4 - Remote Commands Execution Exploit
phpBB 2.0.17 - 'signature_bbcode_uid' Remote Command
phpDocumentor 1.3.0 rc4 - Remote Commands Execution
Magic News Plus 1.0.3 - Admin Pass Change Exploit
Magic News Plus 1.0.3 - Admin Pass Change
creLoaded 6.15 - 'HTMLAREA' Automated Perl Exploit
creLoaded 6.15 - 'HTMLAREA' Automated Perl
CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit
SPIP 1.8.2g - Remote Commands Execution Exploit
CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution
SPIP 1.8.2g - Remote Commands Execution
DocMGR 0.54.2 - 'file_exists' Remote Commands Execution Exploit
DocMGR 0.54.2 - 'file_exists' Remote Commands Execution
EnterpriseGS 1.0 rc4 - Remote Commands Execution Exploit
FlySpray 0.9.7 - 'install-0.9.7.php' Remote Commands Execution Exploit
EnterpriseGS 1.0 rc4 - Remote Commands Execution
FlySpray 0.9.7 - 'install-0.9.7.php' Remote Commands Execution
PHPKIT 1.6.1R2 - 'filecheck' Remote Commands Execution Exploit
PHPKIT 1.6.1R2 - 'filecheck' Remote Commands Execution
Coppermine Photo Gallery 1.4.3 - Remote Commands Execution Exploit
Coppermine Photo Gallery 1.4.3 - Remote Commands Execution
GeekLog 1.x - 'error.log' (gpc = Off) Remote Commands Execution Exploit
GeekLog 1.x - 'error.log' (gpc = Off) Remote Commands Execution
VHCS 2.4.7.1 - Add User Authentication Bypass
Pentacle In-Out Board 6.03 - 'login.asp' Remote Authentication Bypass
Farsinews 2.5 - Directory Traversal Arbitrary 'users.db' Access Exploit
Farsinews 2.5 - Directory Traversal Arbitrary 'users.db' Access
PHP-Stats 0.1.9.1 - Remote Commands Execution Exploit
PHP-Stats 0.1.9.1 - Remote Commands Execution
Gallery 2.0.3 - stepOrder[] Remote Commands Execution Exploit
Gallery 2.0.3 - stepOrder[] Remote Commands Execution
JiRos Banner Experience 1.0 - Create Authentication Bypass Remote Exploit
JiRos Banner Experience 1.0 - Create Authentication Bypass Remote
Simplog 0.9.2 - 's' Remote Commands Execution Exploit
Simplog 0.9.2 - 's' Remote Commands Execution
phpWebSite 0.10.2 - 'hub_dir' Remote Commands Execution Exploit
phpWebSite 0.10.2 - 'hub_dir' Remote Commands Execution
FlexBB 0.5.5 - '/inc/start.php?_COOKIE' SQL Bypass Exploit
FlexBB 0.5.5 - '/inc/start.php?_COOKIE' SQL Bypass
phpBB 2.0.20 - Admin/Restore DB/default_lang Remote Exploit
Sugar Suite Open Source 4.2 - 'OptimisticLock' Remote Exploit
phpBB 2.0.20 - Admin/Restore DB/default_lang Remote
Sugar Suite Open Source 4.2 - 'OptimisticLock' Remote
DeluxeBB 1.06 - 'Attachment mod_mime' Remote Exploit
DeluxeBB 1.06 - 'Attachment mod_mime' Remote
XOOPS 2.0.13.2 - 'xoopsOption[nocommon]' Remote Exploit
XOOPS 2.0.13.2 - 'xoopsOption[nocommon]' Remote Command Execution
Drupal 4.7 - 'Attachment mod_mime' Remote Exploit
Drupal 4.7 - 'Attachment mod_mime' Remote
EggBlog < 3.07 - Remote SQL Injection / Privilege Escalation
Speedy ASP Forum - 'profileupdate.asp' User Pass Change Exploit
Nukedit 4.9.6 - Unauthorized Admin Add
Speedy ASP Forum - 'profileupdate.asp' User Pass Change
Nukedit 4.9.6 - Unauthorized Admin Add
aspWebLinks 2.0 - SQL Injection / Admin Pass Change Exploit
aspWebLinks 2.0 - SQL Injection / Admin Pass Change
FunkBoard CF0.71 - 'profile.php' Remote User Pass Change Exploit
FunkBoard CF0.71 - 'profile.php' Remote User Pass Change
myNewsletter 1.1.2 - 'adminLogin.asp' Authentication Bypass
Bitweaver 1.3 - 'tmpImagePath' Attachment mod_mime Exploit
Bitweaver 1.3 - 'tmpImagePath' Attachment mod_mime
MyBulletinBoard (MyBB) 1.1.3 - 'usercp.php' Create Admin Exploit
MyBulletinBoard (MyBB) 1.1.3 - 'usercp.php' Create Admin
Phorum 5 - 'pm.php' Arbitrary Local Inclusion Exploit
Phorum 5 - 'pm.php' Arbitrary Local Inclusion
TinyPHP Forum 3.6 - 'makeAdmin' Remote Admin Maker Exploit
TinyPHP Forum 3.6 - 'makeAdmin' Remote Admin Maker
WEBInsta MM 1.3e - 'absolute_path' Remote File Inclusion
Joomla! Component Poll 1.0.10 - Arbitrary Add Votes Exploit
Joomla! Component Poll 1.0.10 - Arbitrary Add Votes
Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote
PmWiki 2.1.19 - 'Zend_Hash_Del_Key_Or_Index' Remote Exploit
PmWiki 2.1.19 - 'Zend_Hash_Del_Key_Or_Index' Remote
TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
TR Forum 2.0 - SQL Injection / Bypass Security Restriction
phpBB 2.0.21 - Poison Null Byte Remote Exploit
phpBB 2.0.21 - Poison Null Byte Remote
Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin Exploit
Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin
Flatnuke 2.5.8 - 'userlang' Local Inclusion / Delete All Users Exploit
Flatnuke 2.5.8 - 'userlang' Local Inclusion / Delete All Users
Active Bulletin Board 1.1b2 - Remote User Pass Change Exploit
Active Bulletin Board 1.1b2 - Remote User Pass Change
JaxUltraBB 2.0 - 'delete.php' Remote Auto Deface Exploit
JaxUltraBB 2.0 - 'delete.php' Remote Auto Deface
PHP League 0.81 - 'config.php' Remote File Inclusion
MiraksGalerie 2.62 - 'pcltar.lib.php' Remote File Inclusion
E Annu 1.0 - Authentication Bypass / SQL Injection
Invision Power Board 2.1.7 - 'Debug' Remote Password Change Exploit
Invision Power Board 2.1.7 - 'Debug' Remote Password Change
iPrimal Forums - '/admin/index.php' Change User Password Exploit
iPrimal Forums - '/admin/index.php' Change User Password
Online Event Registration 2.0 - 'save_profile.asp' Pass Change Exploit
Online Event Registration 2.0 - 'save_profile.asp' Pass Change
Bandwebsite 1.5 - 'LOGIN' Remote Add Admin
Enthrallweb eClassifieds 1.0 - Remote User Pass Change Exploit
Enthrallweb eCoupons 1.0 - 'myprofile.asp' Remote Pass Change Exploit
Enthrallweb eNews 1.0 - Remote User Pass Change Exploit
Enthrallweb eClassifieds 1.0 - Remote User Pass Change
Enthrallweb eCoupons 1.0 - 'myprofile.asp' Remote Pass Change
Enthrallweb eNews 1.0 - Remote User Pass Change
Fishyshoop 0.930b - Remote Add Administrator Account Exploit
Fishyshoop 0.930b - Remote Add Administrator Account
Cahier de texte 2.2 - Bypass General Access Protection Exploit
Cahier de texte 2.2 - Bypass General Access Protection
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin Exploit
Cacti 0.8.6i - 'copy_cacti_user.php' SQL Injection Create Admin
IMGallery 2.5 - Create Uploader Script Exploit
IMGallery 2.5 - Create Uploader Script
TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator Exploit
TaskTracker 1.5 - 'Customize.asp' Remote Add Administrator
FdWeB Espace Membre 2.01 - 'path' Remote File Inclusion
GuppY 4.5.16 - Remote Commands Execution Exploit
GuppY 4.5.16 - Remote Commands Execution
Extcalendar 2 - 'profile.php' Remote User Pass Change Exploit
Extcalendar 2 - 'profile.php' Remote User Pass Change
Advanced Poll 2.0.5-dev - Remote Admin Session Generator Exploit
Advanced Poll 2.0.5-dev - Remote Admin Session Generator
Site-Assistant 0990 - 'paths[version]' Remote File Inclusion
AT Contenator 1.0 - 'Root_To_Script' Remote File Inclusion
VS-News-System 1.2.1 - 'newsordner' Remote File Inclusion
VS-Link-Partner 2.1 - 'script_pfad' Remote File Inclusion
VS-News-System 1.2.1 - 'newsordner' Remote File Inclusion
VS-Link-Partner 2.1 - 'script_pfad' Remote File Inclusion
S-Gastebuch 1.5.3 - 'gb_pfad' Remote File Inclusion
AJ Dating 1.0 - 'view_profile.php' SQL Injection
AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection
AJ Dating 1.0 - 'view_profile.php' SQL Injection
AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection
JobSitePro 1.0 - 'search.php' SQL Injection
JGBBS 3.0beta1 - 'search.asp?author' SQL Injection
WSN Guest 1.21 - 'id' SQL Injection
Dayfox Blog 4 - 'postpost.php' Remote Code Execution
Orion-Blog 2.0 - Remote Authentication Bypass
WSN Guest 1.21 - 'id' SQL Injection
Dayfox Blog 4 - 'postpost.php' Remote Code Execution
Orion-Blog 2.0 - Remote Authentication Bypass
Particle Blogger 1.2.0 - 'post.php?postid' SQL Injection
PHP-Stats 0.1.9.1b - 'PHP-stats-options.php' Admin 2 'exec()' Exploit
PHP-Stats 0.1.9.1b - 'PHP-stats-options.php' Admin 2 'exec()'
Guestbara 1.2 - Change Admin Login and Password Exploit
Guestbara 1.2 - Change Admin Login and Password
Active NewsLetter 4.3 - 'ViewNewspapers.asp' SQL Injection
eWebquiz 8 - 'eWebQuiz.asp' SQL Injection
PBlang 4.66z - Remote Create Admin Exploit
PBlang 4.66z - Remote Create Admin
IceBB 1.0-rc5 - Remote Create Admin Exploit
IceBB 1.0-rc5 - Remote Create Admin
Joomla! Component D4JeZine 2.8 - Blind SQL Injection
Web Content System 2.7.1 - Remote File Inclusion
XOOPS Module Lykos Reviews 1.00 - 'index.php' SQL Injection
WinMail Server 4.4 build 1124 - 'WebMail' Remote Add Super User Exploit
WinMail Server 4.4 build 1124 - 'WebMail' Remote Add Super User
XOOPS Module debaser 0.92 - 'genre.php' Blind SQL Injection
XOOPS Module RM+Soft Gallery 1.0 - Blind SQL Injection
XOOPS Module XFsection 1.07 - 'articleId' Blind SQL Injection
XOOPS Module PopnupBlog 2.52 - 'postid' Blind SQL Injection
phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion
XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection
Mutant 0.9.2 - 'mutant_functions.php' Remote File Inclusion
XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection
Mutant 0.9.2 - 'mutant_functions.php' Remote File Inclusion
CodeBreak 1.1.2 - 'codebreak.php' Remote File Inclusion
e107 0.7.8 - 'mailout.php' Authenticated Access Escalation Exploit
e107 0.7.8 - 'mailout.php' Authenticated Access Escalation
AimStats 3.2 - 'process.php?update' Remote Code Execution
wavewoo 0.1.1 - 'loading.php?path_include' Remote File Inclusion
The Merchant 2.2.0 - 'index.php?show' Remote File Inclusion
phpMyPortal 3.0.0 RC3 - GLOBALS[CHEMINMODULES] Remote File Inclusion
Snaps! Gallery 1.4.4 - Remote User Pass Change Exploit
Snaps! Gallery 1.4.4 - Remote User Pass Change
PHP FirstPost 0.1 - 'block.php?Include' Remote File Inclusion
XOOPS Module resmanager 1.21 - Blind SQL Injection
Alstrasoft e-Friends 4.21 - Admin Session Retrieve Exploit
Alstrasoft Live Support 1.21 - Admin Credential Retrieve Exploit
Alstrasoft e-Friends 4.21 - Admin Session Retrieve
Alstrasoft Live Support 1.21 - Admin Credential Retrieve
WordPress 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing Exploit
WordPress 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing
RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve Exploit
XOOPS Module icontent 1.0/4.5 - Remote File Inclusion
RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve
XOOPS Module icontent 1.0/4.5 - Remote File Inclusion
NewsSync for phpBB 1.5.0rc6 - Remote File Inclusion
PHP Real Estate Classifieds - Remote File Inclusion
Solar Empire 2.9.1.1 - Blind SQL Injection / Hash Retrieve Exploit
Solar Empire 2.9.1.1 - Blind SQL Injection / Hash Retrieve
AV Tutorial Script 1.0 - Remote User Pass Change Exploit
AV Tutorial Script 1.0 - Remote User Pass Change
Vivvo CMS 3.4 - 'index.php' Blind SQL Injection
JBlog 1.0 - Create / Delete Admin Authentication Bypass
Fuzzylime CMS 3.0 - Local File Inclusion
Flip 3.0 - Remote Admin Creation Exploit
Flip 3.0 - Remote Admin Creation
Drupal 5.2 - PHP Zend Hash Exploitation Vector
Drupal 5.2 - PHP Zend Hash ation Vector
PHP-AGTC Membership System 1.1a - Remote Add Admin
IceBB 1.0-rc6 - Remote Database Authentication Details Exploit
IceBB 1.0-rc6 - Remote Database Authentication Details
Ucms 1.8 - Backdoor Remote Command Execution
Snitz Forums 2000 - 'Active.asp' SQL Injection
MonAlbum 0.87 - Arbitrary File Upload / Password Grabber Exploit
MonAlbum 0.87 - Arbitrary File Upload / Password Grabber
FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber Exploit
FreeWebShop 2.2.7 - 'cookie' Admin Password Grabber
CuteNews 1.4.5 - Admin Password md5 Hash Fetching Exploit
CuteNews 1.4.5 - Admin Password md5 Hash Fetching
WebPortal CMS 0.6-beta - Remote Password Change Exploit
WebPortal CMS 0.6-beta - Remote Password Change
ClipShare 2.6 - Remote User Password Change Exploit
ClipShare 2.6 - Remote User Password Change
NetRisk 1.9.7 - Remote Password Change Exploit
NetRisk 1.9.7 - Remote Password Change
DomPHP 0.81 - Remote Add Administrator Exploit
DomPHP 0.81 - Remote Add Administrator
Evilsentinel 1.0.9 - Multiple Vulnerabilities Disable Exploit
Evilsentinel 1.0.9 - Multiple Vulnerabilities Disable
DigitalHive 2.0 RC2 - 'user_id' SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote
sCssBoard (Multiple Versions) - 'pwnpack' Remote Exploits
sCssBoard (Multiple Versions) - 'pwnpack' Remote s
PunBB 1.2.16 - Blind Password Recovery Exploit
MultiCart 2.0 - 'productdetails.php' SQL Injection
PunBB 1.2.16 - Blind Password Recovery
MultiCart 2.0 - 'productdetails.php' SQL Injection
QuickTalk Forum 1.6 - Blind SQL Injection
Destar 0.2.2-5 - Arbitrary Add New User Exploit
Destar 0.2.2-5 - Arbitrary Add New User
phpBB Addon Fishing Cat Portal - Remote File Inclusion
LightNEasy 1.2 - no database Remote Hash Retrieve Exploit
LightNEasy 1.2 - no database Remote Hash Retrieve
Joomla! Component JoomlaXplorer 1.6.2 - Remote Exploits
Joomla! Component JoomlaXplorer 1.6.2 - Remote s
OpenInvoice 0.9 - Arbitrary Change User Password Exploit
OpenInvoice 0.9 - Arbitrary Change User Password
txtCMS 0.3 - 'index.php' Local File Inclusion
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
MeltingIce File System 1.0 - Arbitrary Add User Exploit
MeltingIce File System 1.0 - Arbitrary Add User
CMSimple 3.1 - Local File Inclusion / Arbitrary File Upload
Telephone Directory 2008 - Arbitrary Delete Contact Exploit
Telephone Directory 2008 - Arbitrary Delete Contact
AuraCMS 2.2.2 - '/pages_data.php' Arbitrary Edit/Add/Delete Exploit
AuraCMS 2.2.2 - '/pages_data.php' Arbitrary Edit/Add/Delete
Scripteen Free Image Hosting Script 1.2 - 'cookie' Pass Grabber Exploit
Scripteen Free Image Hosting Script 1.2 - 'cookie' Pass Grabber
WordPress Plugin Download Manager 0.2 - Arbitrary File Upload
IceBB 1.0-RC9.2 - Blind SQL Injection / Session Hijacking Exploit
IceBB 1.0-RC9.2 - Blind SQL Injection / Session Hijacking
moziloCMS 1.10.1 - 'download.php' Arbitrary Download File Exploit
moziloCMS 1.10.1 - 'download.php' Arbitrary Download File
LoveCMS 1.6.2 Final - Update Settings Remote Exploit
LoveCMS 1.6.2 Final - Update Settings Remote
Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit
MemHT Portal 3.9.0 - Remote Create Shell Exploit
Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password
MemHT Portal 3.9.0 - Remote Create Shell
WordPress 2.6.1 - SQL Column Truncation Admin Takeover Exploit
WordPress 2.6.1 - SQL Column Truncation Admin Takeover
phsBlog 0.2 - Bypass SQL Injection Filtering Exploit
phsBlog 0.2 - Bypass SQL Injection Filtering
Sports Clubs Web Panel 0.0.1 - Remote Game Delete Exploit
Sports Clubs Web Panel 0.0.1 - Remote Game Delete
Pluck CMS 4.5.3 - 'update.php' Remote File Corruption Exploit
Pluck CMS 4.5.3 - 'update.php' Remote File Corruption
Kusaba 1.0.4 - Remote Code Execution (2)
Globsy 1.0 - Remote File Rewriting Exploit
Globsy 1.0 - Remote File Rewriting
LokiCMS 0.3.4 - 'index.php' Arbitrary Check File Exploit
LokiCMS 0.3.4 - 'index.php' Arbitrary Check File
Micro CMS 0.3.5 - Remote Add/Delete/Password Change Exploit
Micro CMS 0.3.5 - Remote Add/Delete/Password Change
FREEze Greetings 1.0 - Remote Password Retrieve Exploit
FREEze Greetings 1.0 - Remote Password Retrieve
wPortfolio 0.3 - Admin Password Changing Exploit
wPortfolio 0.3 - Admin Password Changing
vBulletin 3.7.3 - Visitor Message Cross-Site Request Forgery / Worm Exploit
vBulletin 3.7.3 - Visitor Message Cross-Site Request Forgery / Worm
Discuz! - Remote Reset User Password Exploit
Discuz! - Remote Reset User Password
All Club CMS 0.0.2 - Remote Database Configuration Retrieve Exploit
All Club CMS 0.0.2 - Remote Database Configuration Retrieve
OpenForum 0.66 Beta - Remote Reset Admin Password Exploit
OpenForum 0.66 Beta - Remote Reset Admin Password
IPNPro3 < 1.44 - Admin Password Changing Exploit
DL PayCart 1.34 - Admin Password Changing Exploit
Bonza Cart 1.10 - Admin Password Changing Exploit
IPNPro3 < 1.44 - Admin Password Changing
DL PayCart 1.34 - Admin Password Changing
Bonza Cart 1.10 - Admin Password Changing
Wysi Wiki Wyg 1.0 - Remote Password Retrieve Exploit
Wysi Wiki Wyg 1.0 - Remote Password Retrieve
Flatnux - html/JavaScript Injection Cookie Grabber Exploit
Flatnux - html/JavaScript Injection Cookie Grabber
BabbleBoard 1.1.6 - Cross-Site Request Forgery/Cookie Grabber Exploit
BabbleBoard 1.1.6 - Cross-Site Request Forgery/Cookie Grabber
Comersus Shopping Cart 6.0 - Remote User Pass Exploit
Comersus Shopping Cart 6.0 - Remote User Pass
Fhimage 1.2.1 - Remote Index Change Exploit
Fhimage 1.2.1 - Remote Index Change
Max.Blog 1.0.6 - Arbitrary Delete Post Exploit
Max.Blog 1.0.6 - Arbitrary Delete Post
OpenFiler 2.3 - (Authentication Bypass) Remote Password Change Exploit
OpenFiler 2.3 - (Authentication Bypass) Remote Password Change
txtBB 1.0 RC3 - HTML/JS Injection / Arbitrary Add Admin Privileges
MemHT Portal 4.0.1 - Delete All Private Messages Exploit
MemHT Portal 4.0.1 - Delete All Private Messages
Traidnt up 2.0 - 'cookie' Add Extension Bypass Exploit
Traidnt up 2.0 - 'cookie' Add Extension Bypass
Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass Exploit)
Bloginator 1a - SQL Injection / Command Injection (via Cookie Bypass )
eLitius 1.0 - '/manage-admin.php' Arbitrary Add Admin/Change Password Exploit
eLitius 1.0 - '/manage-admin.php' Arbitrary Add Admin/Change Password
TotalCalendar 2.4 - Remote Password Change Exploit
TotalCalendar 2.4 - Remote Password Change
Absolute Form Processor XE-V 1.5 - Remote Change Password Exploit
Absolute Form Processor XE-V 1.5 - Remote Change Password
Teraway LinkTracker 1.0 - Remote Password Change Exploit
Teraway LinkTracker 1.0 - Remote Password Change
VisionLms 1.0 - 'changePW.php' Remote Password Change Exploit
VisionLms 1.0 - 'changePW.php' Remote Password Change
MiniTwitter 0.2b - Remote User Options Changer Exploit
MiniTwitter 0.2b - Remote User Options Changer
Simple Customer 1.3 - Arbitrary Change Admin Password
Job Script 2.0 - Arbitrary Change Admin Password
Simple Customer 1.3 - Arbitrary Change Admin Password
Job Script 2.0 - Arbitrary Change Admin Password
MaxCMS 2.0 - 'm_username' Arbitrary Create Admin Exploit
MaxCMS 2.0 - 'm_username' Arbitrary Create Admin
2DayBiz Template Monster Clone - 'edituser.php' Change Pass Exploit
2DayBiz Template Monster Clone - 'edituser.php' Change Pass
PHP Article Publisher - Remote Change Admin Password
Coppermine Photo Gallery 1.4.22 - Remote Exploit
Coppermine Photo Gallery 1.4.22 - Remote
Joomla! Component Casino 0.3.1 - Multiple SQL Injections Exploits
Joomla! Component Casino 0.3.1 - Multiple SQL Injections s
ZaoCMS - 'user_updated.php' Remote Change Password Exploit
ZaoCMS - 'user_updated.php' Remote Change Password
Mole Group Sky Hunter/Bus Ticket Scripts - Change Admin Password
Ultimate Media Script 2.0 - Remote Change Content
Gallarific - 'user.php' Arbirary Change Admin Information Exploit
Ultimate Media Script 2.0 - Remote Change Content
Gallarific - 'user.php' Arbirary Change Admin Information
ShaadiClone 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin
ZeeCareers 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin
Online Grades & Attendance 3.2.6 - Credentials Changer SQL Exploit
Online Grades & Attendance 3.2.6 - Credentials Changer SQL
Web Directory PRO - 'Admins.php' Change Admin Password
Host Directory PRO 2.1.0 - Remote Change Admin Password
Grestul 1.2 - Remote Add Administrator Account Exploit
Grestul 1.2 - Remote Add Administrator Account
Evernew Free Joke Script 1.2 - Remote Change Password Exploit
Evernew Free Joke Script 1.2 - Remote Change Password
phpMyAdmin - pmaPWN! Code Injection Remote Code Execution Scanner & Exploit Tool
phpMyAdmin - 'pmaPWN!' Code Injection / Remote Code Execution
Messages Library 2.0 - Arbitrary Administrator Account
Infinity 2.0.5 - Arbitrary Create Admin Exploit
Infinity 2.0.5 - Arbitrary Create Admin
webLeague 2.2.0 - 'install.php' Remote Change Password Exploit
webLeague 2.2.0 - 'install.php' Remote Change Password
JBLOG 1.5.1 - SQL Table Backup Exploit
JBLOG 1.5.1 - SQL Table Backup
Barracuda IMFirewall 620 - Exploit
Barracuda IMFirewall 620 -
Barracuda Web Firewall 660 Firmware 7.3.1.007 - Exploit
Barracuda Web Firewall 660 Firmware 7.3.1.007 -
XP Book 3.0 - login Admin Exploit
XP Book 3.0 - login Admin
Jax Guestbook 3.50 - Admin Login Exploit
Jax Guestbook 3.50 - Admin Login
ImageVue 2.0 - Remote Admin Login Exploit
ImageVue 2.0 - Remote Admin Login
SoftCab Sound Converter - 'sndConverter.ocx' ActiveX Insecure Method Exploit
SoftCab Sound Converter - 'sndConverter.ocx' ActiveX Insecure Method
Jevonweb Guestbook - Remote Admin Access Exploit
Simple PHP Guestbook - Remote Admin Access Exploit
Jevonweb Guestbook - Remote Admin Access
Simple PHP Guestbook - Remote Admin Access
PHPShop 0.6 - Bypass Exploit
PHPShop 0.6 - Bypass
Jax Calendar 1.34 - Remote Admin Access Exploit
Jax Calendar 1.34 - Remote Admin Access
al3jeb script - Remote Change Password Exploit
al3jeb script - Remote Change Password
Joomla! 1.5.12 - connect back Exploit
Joomla! 1.5.12 - Connect Back
Snif 1.5.2 - Any Filetype Download Exploit
Snif 1.5.2 - Any Filetype Download
bispage - Bypass Exploit
bispage - Bypass
Kolang 4.3.10 < 5.3.0 - 'proc_open()' PHP 'safe_mode' Bypass Exploit
Kolang 4.3.10 < 5.3.0 - 'proc_open()' PHP 'safe_mode' Bypass
Torrent Hoster - Remount Upload Exploit
Torrent Hoster - Remount Upload
Easy-Clanpage 2.2 - Multiple SQL Injections / Exploit
Easy-Clanpage 2.2 - Multiple SQL Injections /
PHP Jokesite 2.0 - exec Command Exploit
PHP Jokesite 2.0 - exec Command
Zyke CMS 1.1 - Bypass Exploit
Zyke CMS 1.1 - Bypass
Tochin eCommerce - Multiple Remote Exploits
Tochin eCommerce - Multiple Remote s
PHP-Nuke 8.2 - Arbitrary File Upload Exploit
PHP-Nuke 8.2 - Arbitrary File Upload
JCMS 2010 - File Download Exploit
JCMS 2010 - File Download
CakePHP 1.3.5/1.2.8 - 'Unserialize()' Exploit
CakePHP 1.3.5/1.2.8 - 'Unserialize()'
JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Exploit
JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote
CakePHP 1.3.5/1.2.8 - Cache Corruption Exploit (Metasploit)
CakePHP 1.3.5/1.2.8 - Cache Corruption (Metasploit)
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code Exploit
N_CMS 1.1E - Unauthenticated Local File Inclusion / Remote Code
iCMS 1.1 - Admin SQL Injection / Brute Force Exploit
iCMS 1.1 - Admin SQL Injection / Brute Force
WordPress Plugin Block-Spam-By-Math-Reloaded - Bypass Exploit
WordPress Plugin Block-Spam-By-Math-Reloaded - Bypass
COMTREND CT-5624 Router - Root/Support Password Disclosure/Change Exploit
COMTREND CT-5624 Router - Root/Support Password Disclosure/Change
Vonage VDV23 - Cross-Site Scripting
TP-Link TL-WR740N - Cross-Site Scripting
LanSweeper 6.0.100.75 - Cross-Site Scripting
TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root Exploit
TRENDnet TEW-812DRU - Cross-Site Request Forgery/Command Injection Root
WordPress Plugin Akismet 2.1.3 - Exploit
WordPress Plugin Akismet 2.1.3 -
SonicWALL Gms 7.x - Filter Bypass / Persistent Exploit
SonicWALL Gms 7.x - Filter Bypass / Persistent
Google Gmail IOS Mobile Application - Persistent / Persistent Cross-Site Scripting
Google Gmail IOS Mobile Application - Persistent Cross-Site Scripting
Feetan Inc WireShare 1.9.1 iOS - Persistent Exploit
Feetan Inc WireShare 1.9.1 iOS - Persistent
Seagate BlackArmor NAS - Root Exploit
Seagate BlackArmor NAS - Privilege Escalation
Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass Exploit
Kemana Directory 1.5.6 - 'qvc_init()' Cookie Poisoning CAPTCHA Bypass
Private Photo+Video 1.1 Pro iOS - Persistent Exploit
Private Photo+Video 1.1 Pro iOS - Persistent
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent Exploit
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass / Persistent
Bonefire 0.7.1 - Reinstall Admin Account Exploit
Bonefire 0.7.1 - Reinstall Admin Account
Kingsoft Webshield 1.1.0.62 - Cross-Site Scripting / Remote Command Execution
NETGEAR WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access Exploit
NETGEAR WNR500 Wireless Router - 'webproc?getpage' Traversal Arbitrary File Access
PHPads 213607 - Authentication Bypass / Password Change Exploit
PHPads 213607 - Authentication Bypass / Password Change
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit Wlsecrefresh.wl & Wlsecurity.wl
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Wlsecrefresh.wl & Wlsecurity.wl
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored Exploit DnsProxy.cmd
D-Link DSL-2730B Modem - Cross-Site Scripting Injection Stored DnsProxy.cmd
Seagate Central 2014.0410.0026-F - Remote Facebook Access Token Exploit
Seagate Central 2014.0410.0026-F - Remote Facebook Access Token
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security
AirDroid iOS / Android / Win 3.1.3 - Persistent Exploit
AirDroid iOS / Android / Win 3.1.3 - Persistent
up.time 7.5.0 - Arbitrary File Disclose and Delete Exploit
up.time 7.5.0 - Upload and Execute Exploit
up.time 7.5.0 - Arbitrary File Disclose and Delete
up.time 7.5.0 - Upload and Execute
MantisBT 1.2.19 - Host Header Exploit
MantisBT 1.2.19 - Host Header
SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration Exploit
SMF (Simple Machine Forum) 2.0.10 - Remote Memory Exfiltration
JSSE - SKIP-TLS Exploit
JSSE - SKIP-TLS
D-Link DIR Series Routers - '/model/__show_info.php' Local File Disclosure
D-Link DIR-Series Routers - '/model/__show_info.php' Local File Disclosure
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit
iScripts AutoHoster - 'main_smtp.php' Traversal
OpenMRS 2.3 (1.11.4) - XML External Entity Processing Exploit
OpenMRS 2.3 (1.11.4) - XML External Entity Processing
IBM Lotus Domino R8 - Password Hash Extraction Exploit
IBM Lotus Domino R8 - Password Hash Extraction
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP s
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Dell OpenManage Server Administrator 8.3 - XML External Entity
D-Link DIR8xx Routers - Leak Credentials
D-Link DIR8xx Routers - Root Remote Code Execution
D-Link DIR8xx Routers - Local Firmware Upload
D-Link DIR-8xx Routers - Leak Credentials
D-Link DIR-8xx Routers - Root Remote Code Execution
D-Link DIR-8xx Routers - Local Firmware Upload
TP-Link WR940N - Authenticated Remote Code Exploit
TP-Link WR940N - Authenticated Remote Code
Zeta Components Mail 1.8.1 - Remote Code Execution
|
2017-11-17 05:02:15 +00:00 |
|
Offensive Security
|
4b39f0d26d
|
DB: 2017-11-16
23 new exploits
VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)
Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' File Denial of Service
Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service
Microsoft Windows Explorer - '.ANI' File Denial of Service
Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service
Microsoft Windows Explorer - '.doc' File Denial of Service
CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities
iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service
Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)
Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)
Webby WebServer - SEH Control (PoC)
Webby WebServer - Overflow (SEH) (PoC)
Quick 'n Easy FTP Server Lite 3.1 - Exploit
Quick 'n Easy FTP Server Lite 3.1 - Denial of Service
Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)
FFDshow - SEH Exception Leading to Null Pointer on Read
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read
Microsoft Internet Explorer - MSHTML Findtext Processing Issue
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit
Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Debian suidmanager 0.18 - Exploit
AMD K6 Processor - Exploit
Apple Personal Web Sharing 1.1 - Remote Denial of Service
AMD K6 Processor - Denial of Service
Sun Solaris 7.0 - 'procfs' Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service
D-Link DIR605L - Denial of Service
RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service
(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service
IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow
IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow
xfstt 1.2/1.4 - Unspecified Memory Disclosure
xfstt 1.2/1.4 - Memory Disclosure
ViRobot Linux Server 2.0 - Exploit
Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities
IBM AIX 5.x - Invscout Local Buffer Overflow
IBM AIX 5.x - 'Invscout' Local Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow
Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)
IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption
IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption
Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow
Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow
Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities
VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)
Sun Solaris 10 - ICMP Unspecified Remote Denial of Service
Sun Solaris 10 - ICMP Remote Denial of Service
Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service
Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service
Progress WebSpeed 3.0/3.1 - Denial of Service
GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities
GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities
Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service
Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service
Wireshark 0.99.8 - X.509sat Dissector Denial of Service
Wireshark 0.99.8 - LDAP Dissector Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service
Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities
SmallFTPd - Unspecified Denial of Service
SmallFTPd - Denial of Service
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine
Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits
Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine
Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine
Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call
Mandrake Linux 8.2 /usr/mail - Local Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Exploit
RedHat 6.2 /sbin/restore - Exploit
RedHat 6.2 - '/sbin/restore' Privilege Escalation
dump 0.4b15 (RedHat 6.2) - Exploit
dump 0.4b15 (RedHat 6.2) - Privilege Escalation
xsoldier 0.96 (RedHat 6.2) - Exploit
Pine (Local Message Grabber) - Exploit
xsoldier 0.96 (RedHat 6.2) - Buffer Overflow
Pine (Local Message Grabber) - Local Message Read
Seyon 2.1 rev. 4b i586-Linux - Exploit
Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read
suid_perl 5.001 - Exploit
suid_perl 5.001 - Command Execution
Sendmail 8.11.x (Linux/i386) - Exploit
Sendmail 8.11.x (Linux/i386) - Privilege Escalation
Microsoft Excel - Unspecified Remote Code Execution
Microsoft Excel - Remote Code Execution
Microsoft Word 2000 - Unspecified Code Execution
Microsoft Word 2000 - Code Execution
IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite
Easy RM to MP3 Converter 2.7.3.700 - Exploit
Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow
Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit
Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow
Adobe Reader and Acrobat - Exploit
Adobe Reader / Acrobat - '.PDF' File Overflow
Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow
DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)
Winamp 5.572 - Exploit (SEH)
Winamp 5.572 - Overflow (SEH)
ZipScan 2.2c - Exploit (SEH)
ZipScan 2.2c - Overflow (SEH)
Local Glibc shared library (.so) 2.11.1 - Exploit
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
SyncBack Freeware 3.2.20.0 - Exploit
SyncBack Freeware 3.2.20.0 - Overflow (SEH)
Mediacoder 0.7.3.4672 - Exploit (SEH)
Mediacoder 0.7.3.4672 - Overflow (SEH)
MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH)
DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)
MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)
iworkstation 9.3.2.1.4 - Exploit (SEH)
iworkstation 9.3.2.1.4 - Overflow (SEH)
Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)
POP Peeper 3.7 - Exploit (SEH)
POP Peeper 3.7 - Overflow (SEH)
DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass
DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)
DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)
BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary File
Slackware Linux 3.4 - 'makebootdisk' Temporary File
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary File
Slackware Linux 3.4 - 'pkgtool' Temporary File
Debian suidmanager 0.18 - Command Execution
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission
Slackware Linux 3.5 - '/etc/group' Privilege Escalation
Sun Solaris 2.6 power management - Exploit
Sun Solaris 2.6 - power management Exploit
DataLynx suGuard 1.0 - Exploit
Sun Solaris 2.5.1 PAM & unix_scheme - Exploit
Solaris 2.5.1 ffbconfig - Exploit
Solaris 2.5.1 chkey - Exploit
Solaris 2.5.1 Ping - Exploit
SGI IRIX 6.4 ioconfig - Exploit
DataLynx suGuard 1.0 - Privilege Escalation
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)
Solaris 2.5.1 automount - Exploit
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit
Sun Solaris 7.0 dtprintinfo - Buffer Overflow
Sun Solaris 7.0 lpset - Buffer Overflow
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow
Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow
IBM Remote Control Software 1.0 - Exploit
IBM Remote Control Software 1.0 - Code Execution
Xcmail 0.99.6 - Exploit
Xcmail 0.99.6 - Buffer Overflow
Sun Solaris 7.0 ff.core - Exploit
S.u.S.E. 5.2 lpc - Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit
SGI IRIX 6.2 cdplayer - Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
SGI IRIX 5.3 Cadmin - Exploit
SGI IRIX 6.0.1 colorview - Exploit
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 6.3 df - Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.2 fsdump - Exploit
RedHat Linux 5.1 xosview - Exploit
Slackware Linux 3.1 - Buffer Overflow
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
RedHat Linux 5.1 - xosview
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow
IBM AIX 4.3 infod - Exploit
IBM AIX 4.3 - 'infod' Exploit
IBM AIX 4.2.1 snap - Insecure Temporary File Creation
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
SGI IRIX 6.4 inpview - Exploit
RedHat Linux 5.0 msgchk - Exploit
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 ping - Buffer Overflow
IBM AIX 4.2 lchangelv - Buffer Overflow
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 - 'ping' Buffer Overflow
IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)
SGI IRIX 6.4 netprint - Exploit
SGI IRIX 6.4 - 'netprint' Exploit
SGI IRIX 5.3/6.2 ordist - Exploit
SGI IRIX 5.3/6.2 - 'ordist' Exploit
SGI IRIX 5.3 pkgadjust - Exploit
SGI IRIX 5.3 - 'pkgadjust' Exploit
Sun Solaris 7.0 procfs - Exploit
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 4.2.1 lquerypv - Exploit
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 4.2.1 - 'lquerypv' File Read
SGI IRIX 6.3 pset - Exploit
SGI IRIX 6.4 rmail - Exploit
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 5.2/5.3 serial_ports - Exploit
SGI IRIX 6.4 suid_exec - Exploit
SGI IRIX 5.1/5.2 sgihelp - Exploit
SGI IRIX 6.4 startmidi - Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit
SGI IRIX 6.4 xfsdump - Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit
IBM AIX 4.3.1 adb - Exploit
IBM AIX 4.3.1 - 'adb' Denial of Service
Apple At Ease 5.0 - Exploit
Samba < 2.0.5 - Exploit
Apple At Ease 5.0 - Information Disclosure
Samba < 2.0.5 - Overflow
NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow
HP-UX 10.20 newgrp - Exploit
HP-UX 10.20 newgrp - Privilege Escalation
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)
Solaris 7.0 kcms_configure - Exploit
Solaris 7.0 - 'kcms_configure Exploit
Windowmaker wmmon 1.0 b2 - Exploit
Windowmaker wmmon 1.0 b2 - Command Execution
Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit
Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation
Standard & Poors ComStock 4.2.4 - Exploit
Standard & Poors ComStock 4.2.4 - Command Execution
KDE 1.1.2 KApplication configfile - Exploit (1)
KDE 1.1.2 KApplication configfile - Exploit (2)
KDE 1.1.2 KApplication configfile - Exploit (3)
KDE 1.1.2 KApplication configfile - Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Privilege Escalation (3)
BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
IRIX 6.5.x - GR_OSView Buffer Overflow
SGI IRIX 6.2 libgl.so - Buffer Overflow
IRIX 6.5.x - dmplay Buffer Overflow
IRIX 6.2/6.3 lpstat - Buffer Overflow
IRIX 6.5.x - inpview Race Condition
IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow
SGI IRIX 6.2 - 'libgl.so' Buffer Overflow
IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow
IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition
IRIX 5.3/6.x - mail Exploit
IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow
Libc locale - Exploit (1)
Libc locale - Exploit (2)
Libc locale - Privilege Escalation (1)
Libc locale - Privilege Escalation (2)
GNOME esound 0.2.19 - Unix Domain Socket Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
IBM AIX 4.x - setsenv Buffer Overflow
IBM AIX 4.3 digest - Buffer Overflow
IBM AIX 4.x - enq Buffer Overflow
IBM AIX 4.3.x - piobe Buffer Overflow
IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow
IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow
IBM AIX 4.x - 'enq' Buffer Overflow
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow
AIX 4.2/4.3 - piomkapqd Buffer Overflow
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow
(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation
(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - PKG-Installer Buffer Overflow
QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow
QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow
NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass
NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)
AFD 1.2.x - Working Directory Local Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation
IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow
HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access
Leksbot 1.2 - Multiple Unspecified Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities
IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow
IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation
IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation
ViRobot Linux Server 2.0 - Overflow
(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation
Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)
Nvidia Display Driver Service (Nsvr) - Exploit
Nvidia Display Driver Service (Nsvr) - Buffer Overflow
IBM AIX 5.3 - GetShell and GetCommand File Enumeration
IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure
Apple 2.0.4 - Safari Unspecified Local
Apple 2.0.4 - Safari Local Exploit
Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities
IBM AIX 6.1.8 libodm - Arbitrary File Write
IBM AIX 6.1.8 - 'libodm' Arbitrary File Write
Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation
VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)
Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation
QEMU (Gentoo) - Local Priv Escalation
QEMU (Gentoo) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation
RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)
Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)
CA BrightStor ARCserve Backup - Exploiter Tool
CA BrightStor ARCserve Backup - Overflow
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write
CDBurnerXP 4.2.4.1351 - Exploit
PeerCast 0.1216 - Exploit (Metasploit)
PeerCast 0.1216 - Stack Overflow (Metasploit)
BigAnt Server 2.52 - Exploit (SEH)
BigAnt Server 2.52 - Overflow (SEH)
NetTransport Download Manager 2.90.510 - Exploit
NetTransport Download Manager 2.90.510 - Overflow (SEH)
File Sharing Wizard 1.5.0 - Exploit (SEH)
File Sharing Wizard 1.5.0 - Overflow (SEH)
Real Player 12.0.0.879 - Exploit
Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)
Real Player 12.0.0.879 - Code Execution
Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)
IBM AIX 5l FTPd - Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit
Microsoft Data Access Components - Exploit (MS11-002)
Microsoft Data Access Components - Overflow (PoC) (MS11-002)
FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)
Apple Personal Web Sharing 1.1 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution
Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts
IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit
IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation
HP HP-UX 10.34 rlpdaemon - Exploit
HP HP-UX 10.34 rlpdaemon - Remote Overflow
Ray Chan WWW Authorization Gateway 0.1 - Exploit
Ray Chan WWW Authorization Gateway 0.1 - Command Execution
Solaris 7.0 Coredump - Exploit
Solaris 7.0 - 'Coredump' File Write
IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit
SGI IRIX 6.2 cgi-bin wrap - Exploit
IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read
SGI IRIX 6.2 - cgi-bin wrap Exploit
SGI IRIX 6.5.2 nsd - Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit
IBM AIX 3.2.5 - login(1) Exploit
IBM AIX 3.2.5 - 'login(1)' Exploit
Compaq Java Applet for Presario SpawnApp - Exploit
Compaq Java Applet for Presario SpawnApp - Code Execution
Network Security Wizards Dragon-Fire IDS 1.0 - Exploit
Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure
IBM AIX 4.3.2 ftpd - Remote Buffer Overflow
IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow
glFTPd 1.17.2 - Exploit
glFTPd 1.17.2 - Code Execution
Netopia R-series routers 4.6.2 - Exploit
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables
Sun Java Web Server 1.1.3/2.0 Servlets - Exploit
Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure
IPFilter 3.x - Fragment Rule Bypass
CGIWrap 2.x/3.x - Cross-Site Scripting
AIX 4.1/4.2 - pdnsd Buffer Overflow
AIX 4.1/4.2 - 'pdnsd' Buffer Overflow
RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote Username Enumeration
Hylafax 4.1.x - HFaxD Unspecified Format String
Hylafax 4.1.x - HFaxD Format String
EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow
LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities
LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities
Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Oracle 9i - Multiple Unspecified Vulnerabilities
Oracle 9i - Multiple Vulnerabilities
File ELF 4.x - Header Unspecified Buffer Overflow
File ELF 4.x - Header Buffer Overflow
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
Microsoft Internet Explorer 6 - Unspecified Code Execution (1)
Microsoft Internet Explorer 6 - Unspecified Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)
GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Directory Traversal
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit
Multiple CA Service Management Products - Unspecified Remote Command Execution
Multiple CA Service Management Products - Remote Command Execution
NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow
Bash - Environment Variables Code Injection (Shellshock)
Bash - Environment Variables Command Injection (Shellshock)
OpenVPN 2.2.29 - Remote Exploit (Shellshock)
OpenVPN 2.2.29 - Remote Command Injection (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)
Apache mod_cgi - Remote Command Injection (Shellshock)
Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow
Poison Ivy 2.3.2 - Remote Buffer Overflow
Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution
Samba 3.5.11/3.6.3 - Remote Code Execution
Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)
Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)
IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)
TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion
Poll It CGI 2.0 - Exploit
Poll It CGI 2.0 - Multiple Vulnerabilities
DreamPoll 3.1 - Exploit
DreamPoll 3.1 - SQL Injection
WordPress Plugin WP-Cumulus 1.20 - Exploit
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting
Public Media Manager - Exploit
Public Media Manager - Remote File Inclusion
Joomla! Component com_adagency - Exploit
Joomla! Component com_adagency - Local File Inclusion
File Upload Manager 1.3 - Exploit
File Upload Manager 1.3 - Web Shell File Upload
Joomla! Component com_caddy - Exploit
Renista CMS - Exploit
Renista CMS - SQL Injection
BtiTracker 1.3.x < 1.4.x - Exploit
BtiTracker 1.3.x < 1.4.x - SQL Injection
WordPress Plugin Cimy Counter - Exploit
WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting
Belkin F5D7234-4 v5 G Wireless Router - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed
WhatsApp Status Changer 0.2 - Exploit
WhatsApp - Remote Change Status
MySimpleNews 1.0 - Remotely Readable Administrator Password
MySimpleNews 1.0 - Remote Readable Administrator Password
SquirrelMail 1.2.11 - Exploit
SquirrelMail 1.2.11 - Multiple Vulnerabilities
D-Link DCS-936L Network Camera - Cross-Site Request Forgery
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting
Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Cross-Site Scripting Vulnerabilities
Codegrrl - 'Protection.php' Unspecified Code Execution
Codegrrl - 'Protection.php' Code Execution
Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'index.php' Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting
A-Blog 1.0 - Unspecified Cross-Site Scripting
A-Blog 1.0 - Cross-Site Scripting
Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities
WordPress Plugin Akismet 2.1.3 - Unspecified
WordPress Plugin Akismet 2.1.3 - Exploit
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities
UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information
Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload
MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections
Zoph 0.7.2.1 - Unspecified SQL Injection
Zoph 0.7.2.1 - SQL Injection
Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - HTML Injection
Bash CGI - Remote Code Execution (Shellshock) (Metasploit)
Bash CGI - Remote Command Injection (Shellshock) (Metasploit)
PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)
PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit
Netsweeper 4.0.8 - Authentication Bypass Issue
Netsweeper 4.0.8 - Authentication Bypass
SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Cross-Site Scripting
iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)
Squid Analysis Report Generator 2.3.10 - Remote Code Execution
|
2017-11-16 10:02:26 +00:00 |
|
Offensive Security
|
c7b4bfd8e6
|
DB: 2017-08-23
23 new exploits
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017)
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017)
Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow
Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow
VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)
IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)
BSD - Passive Connection Shellcode (124 bytes)
BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes)
BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes)
BSD/x86 - Bind Shell 31337/TCP + setuid(0) Shellcode (94 bytes)
BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes)
BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes)
BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes)
BSD/x86 - Bind Random Port Shellcode (143 bytes)
BSD/x86 - setuid(0) + execve /bin/sh Shellcode (30 bytes)
BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes)
BSD/x86 - execve /bin/sh Shellcode (27 bytes)
BSD/x86 - execve /bin/sh + setuid(0) Shellcode (29 bytes)
BSD/x86 - Bind TCP Shell (31337/TCP) Shellcode (83 bytes)
BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes)
BSD/x86 - execve /bin/sh Crypt Shellcode (49 bytes)
BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes)
BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes)
BSD/x86 - cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSD/x86 - execve /bin/sh Encoded Shellcode (49 bytes)
BSD/x86 - execve /bin/sh Encoded Shellcode (57 bytes)
BSD/x86 - Reverse TCP Shell (torootteam.host.sk:2222/TCP) Shellcode (93 bytes)
BSD/x86 - execve /bin/cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes)
FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes)
BSDi/x86 - execve /bin/sh ToUpper Encoded Shellcode (97 bytes)
FreeBSD x86 / x64 - execve /bin/sh Anti-Debugging Shellcode (140 bytes)
FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes)
FreeBSD/x86 - kill all processes Shellcode (12 bytes)
FreeBSD/x86 - rev connect + recv + jmp + return results Shellcode (90 bytes)
FreeBSD/x86 - /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes)
FreeBSD/x86 - Reverse /bin/sh Shell (127.0.0.1:8000) Shellcode (89 bytes)
FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes)
FreeBSD/x86 - /bin/sh Encrypted Shellcode (48 bytes)
FreeBSD/x86 - Reverse TCP cat /etc/passwd (192.168.1.33:8000/TCP) Shellcode (112 bytes)
FreeBSD/x86 - Kill All Processes Shellcode (12 bytes)
FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes)
FreeBSD/x86 - execve /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes)
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:8000) Null-Free Shellcode (89 bytes)
FreeBSD/x86 - setuid(0); + execve(ipf -Fa); Shellcode (57 bytes)
FreeBSD/x86 - execve /bin/sh Encoded Shellcode (48 bytes)
FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes)
FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes)
FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes)
FreeBSD/x86 - Load Kernel Module (/sbin/kldload /tmp/o.o) Shellcode (74 bytes)
FreeBSD/x86 - Connect Port 31337 Shellcode (102 bytes)
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (102 bytes)
Linux/x86 - Bind Shellcode (Generator)
Windows XP SP1 - Bind Shellcode (Generator)
(Generator) - /bin/sh Polymorphic With Printable ASCII Characters Shellcode
Linux/x86 - cmd Null-Free Shellcode (Generator)
(Generator) - Alphanumeric Shellcode (Encoder/Decoder)
Linux/x86 - Bind TCP Shellcode (Generator)
Windows XP SP1 - Bind TCP Shell Shellcode (Generator)
Linux - execve /bin/sh Polymorphic With Printable ASCII Characters Shellcode (Generator)
Linux/x86 - Command Null-Free Shellcode (Generator)
Windows - Reverse TCP Shell (127.0.0.1:123/TCP) Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Win32 - Multi-Format Encoding Tool Shellcode (Generator)
iOS - Version-independent Shellcode
Cisco IOS - Connectback 21/TCP Shellcode
Windows x86 - Multi-Format Encoding Tool Shellcode (Generator)
iOS Version-independent - Null-Free Shellcode
Cisco IOS - New TTY / Privilege Level To 15 / Reverse Virtual Terminal Shell (21/TCP) Shellcode
Linux/x86-64 - Flush IPTables Rules Shellcode (84 bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth Shell Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind 4919/TCP Shellcode (276 bytes)
Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (84 bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth /bin/bash Shell Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind TCP /bin/sh Shell (4919/TCP) Shellcode (276 bytes)
Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes)
Linux/PPC - Reverse TCP /bin/sh Shell (192.168.1.1:31337/TCP) Shellcode (240 bytes)
Linux/SPARC - Bind 8975/TCP Shellcode (284 bytes)
Linux/SPARC - Bind TCP Shell (8975/TCP) Null-Free Shellcode (284 bytes)
Linux/x86 - killall5 polymorphic Shellcode (61 bytes)
Linux/x86 - /bin/sh Polymorphic Shellcode (48 bytes)
Linux/x86 - Bind 4444/TCP Shellcode (XOR Encoded) (152 bytes)
Linux/x86 - reboot() polymorphic Shellcode (57 bytes)
Linux/x86 - chmod(_/etc/shadow__666) Polymorphic Shellcode (54 bytes)
Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes)
Linux/x86 - Bind 8000/TCP + Execve Iptables -F Shellcode (176 bytes)
Linux/x86 - Bind 8000/TCP + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind 8000/TCP ASM Code Linux Shellcode (179 bytes)
Linux/x86 - killall5 Polymorphic Shellcode (61 bytes)
Linux/x86 - execve /bin/sh Polymorphic Shellcode (48 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) XOR Encoded Shellcode (152 bytes)
Linux/x86 - reboot() Polymorphic Shellcode (57 bytes)
Linux/x86 - chmod 666 /etc/shadow Polymorphic Shellcode (54 bytes)
Linux/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh__0_0) Shellcode (34 bytes)
Linux/x86 - Bind TCP Shell (8000/TCP) + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind TCP Shell (8000/TCP) + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind TCP /bin/sh Shell (8000/TCP) Shellcode (179 bytes)
Linux/x86 - Serial port shell binding + busybox Launching Shellcode (82 bytes)
Linux/x86 - Serial Port Shell Binding (/dev/ttyS0) + busybox Launching Null-Free Shellcode (82 bytes)
Linux/x86 - chmod(_/etc/shadow__666) + exit(0) Shellcode (30 bytes)
Linux/x86 - chmod 666 /etc/shadow + exit(0) Shellcode (30 bytes)
Linux/x86 - Shellcode Obfuscator (Generator)
Linux/x86 - Shellcode Obfuscator Null-Free (Generator)
Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Shellcode (28 bytes)
Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes)
Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Null-Free Shellcode (28 bytes)
Linux/x86 - setresuid(0_0_0) + /bin/sh Shellcode (35 bytes)
Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes)
Linux/x86 - Reverse TCP cat /etc/shadow (8192/TCP) Shellcode (155 bytes)
Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes)
Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes)
Linux/x86 - /sbin/iptables -F Shellcode (40 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes)
Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes)
Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (40 bytes)
Linux/x86 - HTTP/1.x GET_ Downloads + execve() Shellcode (111+ bytes)
Linux/x86 - executes command after setreuid Shellcode (49+ bytes)
Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes)
Linux/x86 - setreuid + executes command (49+ bytes)
Linux/x86 - Bind 31337/TCP + setuid Shellcode (96 bytes)
Linux/x86 - Bind 2707/TCP Shellcode (84 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + setuid Shellcode (96 bytes)
Linux/x86 - Bind TCP Shell (2707/TCP) Shellcode (84 bytes)
Linux/x86 - Bind 31337/TCP SET_PORT() Shellcode (100 bytes)
Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (100 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator)
Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes)
Linux/x86 - Reverse TCP Shell (127.0.0.1:80/TCP) XOR Encoded Shellcode (371 bytes)
Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes)
Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes)
Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Bind 64713/TCP Shellcode (86 bytes)
Linux/x86 - Bind TCP /bin/sh Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (64713/TCP) Shellcode (86 bytes)
Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)
Linux/x86 - TCP Proxy Shellcode (236 bytes)
Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes)
Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes)
Linux/x86 - execve /bin/sh Shellcode (+1 Encoded) (39 bytes)
Linux/x86 - Add User (xtz) To /etc/passwd Shellcode (59 bytes)
Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes)
Linux/x86 (Intel x86 CPUID) - execve /bin/sh XORED Encoded Shellcode (41 bytes)
Linux/x86 - execve /bin/sh Shellcode +1 Encoded (39 bytes)
Linux/x86 - Add Root User (xtz) To /etc/passwd Shellcode (59 bytes)
Linux/x86 - Anti-Debug Trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (80 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + fork() Shellcode (98 bytes)
Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes)
Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (32 bytes)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes)
Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes)
Linux/x86 - snoop /dev/dsp Shellcode (172 bytes)
Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)
Linux/x86 - read(0_buf_2541); + chmod(buf_4755); Shellcode (23 bytes)
Linux/x86 - write(0__Hello core!\n__12); Exit Shellcode (36/43 bytes)
Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes)
Linux/x86 - execve /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)
Linux/x86 - chroot + standart Shellcode (66 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)
Linux/x86 - Break chroot (../ 20x Loop) + execve /bin/sh Shellcode (66 bytes)
Linux/x86 - setreuid/execve Shellcode (31 bytes)
Linux/x86 - Alphanumeric Shellcode (64 bytes)
Linux/x86 - Alphanumeric using IMUL Method Shellcode (88 bytes)
Linux/x86 - setreuid + execve Shellcode (31 bytes)
Linux/x86 - Alphanumeric Encoded Shellcode (64 bytes)
Linux/x86 - Alphanumeric Encoder (IMUL Method) Shellcode (88 bytes)
Linux/x86 - Bind 5074/TCP (ToUpper Encoded) Shellcode (226 bytes)
Linux/x86 - Add User (t00r) Anti-IDS Shellcode (116 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Add Root User (t00r) Anti-IDS Shellcode (116 bytes)
Linux/x86 - iptables -F Shellcode (45 bytes)
Linux/x86 - iptables -F Shellcode (58 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes)
Linux/x86 - connect Shellcode (120 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell Shellcode (120 bytes)
Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes)
Linux/x86 - cp /bin/sh /tmp/katy ; + chmod 4555 katy Shellcode (126 bytes)
Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes)
Linux/x86 - Bind 5074/TCP Shellcode (92 bytes)
Linux/x86 - Bind 5074/TCP + fork() Shellcode (130 bytes)
Linux/x86 - Add User (t00r) Shellcode (82 bytes)
Linux/x86 - Add User Shellcode (104 bytes)
Linux/x86 - break chroot Shellcode (34 bytes)
Linux/x86 - break chroot Shellcode (46 bytes)
Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes)
Linux/x86 - execve /bin/sh + setreuid(12_12) Shellcode (50 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) Shellcode (92 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) + fork() Shellcode (130 bytes)
Linux/x86 - Add Root User (t00r) Shellcode (82 bytes)
Linux/x86 - Add Root User Shellcode (104 bytes)
Linux/x86 - Break chroot (../ 10x Loop) Shellcode (34 bytes)
Linux/x86 - Break chroot (../ 10x Loop) Shellcode (46 bytes)
Linux/x86 - Break chroot + execve /bin/sh Shellcode (80 bytes)
Linux/x86 - execve /bin/sh (XOR Encoded) Shellcode (55 bytes)
Linux/x86 - execve /bin/sh XOR Encoded Shellcode (55 bytes)
Linux/x86 - chroot()/execve() code Shellcode (80 bytes)
Linux/x86 - Add User (z) Shellcode (70 bytes)
Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes)
Linux/x86-64 - Bind 4444/TCP Shellcode (132 bytes)
Linux/x86 - Add Root User (z) Shellcode (70 bytes)
Linux/x86 - setreuid(0_ 0) + Break chroot (mkdir/chdir/chroot _../_) + execve /bin/sh Shellcode (132 bytes)
Linux/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (132 bytes)
Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)
OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)
Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)
Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes)
Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes)
Linux/PPC / Linux/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)
OSX/PPC / OSX/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)
Linux/x86 / Unix/SPARC / IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)
Linux/x86 / Unix/SPARC - execve /bin/sh Shellcode (80 bytes)
BSD/x86 / Linux/x86 - execve /bin/sh Shellcode (38 bytes)
NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)
NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)
NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)
NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)
OpenBSD/x86 - Bind 6969/TCP Shellcode (148 bytes)
OpenBSD/x86 - Add user _w00w00_ Shellcode (112 bytes)
OSX/PPC - sync()_ reboot() Shellcode (32 bytes)
OpenBSD/x86 - Bind TCP Shell (6969/TCP) Shellcode (148 bytes)
OpenBSD/x86 - Add Root User (w00w00) Shellcode (112 bytes)
OSX/PPC - sync() + reboot() Shellcode (32 bytes)
OSX/PPC - Add user _r00t_ Shellcode (219 bytes)
OSX/PPC - Add Root User (r00t) Shellcode (219 bytes)
Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes)
Solaris/SPARC - Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator)
Solaris/SPARC - setreuid/execve Shellcode (56 bytes)
Solaris/SPARC - Bind 6666/TCP Shellcode (240 bytes)
Solaris/SPARC - setreuid + executes command Shellcode (92+ bytes)
Solaris/SPARC - Reverse TCP Shell (44434/TCP) XNOR Encoded Shellcode (600 bytes) (Generator)
Solaris/SPARC - setreuid + execve Shellcode (56 bytes)
Solaris/SPARC - Bind TCP Shell (6666/TCP) Shellcode (240 bytes)
Solaris/SPARC - Bind 6789/TCP Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Solaris/SPARC - Bind Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP /bin/sh Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Windows 5.0 < 7.0 x86 - Bind Shell 28876/TCP Null-Free Shellcode
Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes)
Win32 - SEH Omelet Shellcode
Win32 - Bind 23/TCP Winexec Telnet Shellcode (111 bytes)
Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)
Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes)
Win32/XP SP2 - cmd.exe Shellcode (57 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Win32 - ConnectBack + Download A File + Save + Execute Shellcode
Win32 - Download File + Execute Shellcode (Browsers Edition) (Generator) (275+ bytes)
Win32 - Download File + Execute Shellcode (192 bytes)
Win32 - Download File + Execute Shellcode (124 bytes)
Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes)
Win32 SP1/SP2 - Beep Shellcode (35 bytes)
Win32/XP SP2 - Pop up message box Shellcode (110 bytes)
Win32 - WinExec() Command Parameter Shellcode (104+ bytes)
Win32 - Download File + Execute Shellcode (226+ bytes)
Windows NT/2000/XP (Russian) - Add User 'slim' Shellcode (318 bytes)
Windows 5.0 < 7.0 x86 - Bind TCP Shell (28876/TCP) Null-Free Shellcode
Windows XP SP2 x86 (English) - cmd.exe Shellcode (23 bytes)
Windows x86 - SEH Omelet Shellcode
Windows x86 - Add Administrator User (GAZZA/123456) + Start Telnet Service Shellcode (111 bytes)
Windows x86 - PEB!NtGlobalFlags Shellcode (14 bytes)
Windows XP SP2 x86 (French) - Sellcode cmd.exe Shellcode (32 bytes)
Windows XP SP2 x86 - cmd.exe Shellcode (57 bytes)
Windows x86 - PEB _Kernel32.dll_ ImageBase Finder Alphanumeric Shellcode (67 bytes)
Windows x86 - PEB _Kernel32.dll_ ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Windows x86 - ConnectBack + Download A File + Save + Execute Shellcode
Windows x86 - Download File + Execute Shellcode (Browsers Edition) (275+ bytes) (Generator)
Windows x86 - Download File + Execute Shellcode (192 bytes)
Windows x86 - Download File + Execute Shellcode (124 bytes)
Windows NT/XP x86 - IsDebuggerPresent Shellcode (39 bytes)
Windows SP1/SP2 x86 - Beep Shellcode (35 bytes)
Windows XP SP2 x86 - Pop up message box Shellcode (110 bytes)
Windows x86 - WinExec() Command Parameter Shellcode (104+ bytes)
Windows x86 - Download File + Execute Shellcode (226+ bytes)
Windows NT/2000/XP (Russian) - Add Administartor User (slim/shady) Shellcode (318 bytes)
Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator)
Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator)
Windows XP - Download File + Execute Shellcode
Windows XP SP1 - Bind 58821/TCP Shellcode (116 bytes)
Windows XP - Download File + Execute Null-Free Shellcode
Windows XP SP1 - Bind TCP Shell (58821/TCP) Shellcode (116 bytes)
Win64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Linux/x86 - setuid(0) + cat /etc/shadow Shellcode (49 bytes)
Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (33 bytes)
Linux/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (49 bytes)
Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Win32 XP SP3 - ShellExecuteA Shellcode
Linux/x86 - Pverwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Windows XP SP3 x86 - ShellExecuteA Shellcode
Win32 XP SP3 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode
FreeBSD/x86 - Bind 1337/TCP Shellcode (167 bytes)
Win32/XP SP2 - calc.exe Shellcode (45 bytes)
Windows XP SP3 x86 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode
FreeBSD/x86 - Bind TCP /bin/sh Shell (1337/TCP) Shellcode (167 bytes)
Windows XP SP2 x86 - calc.exe Shellcode (45 bytes)
Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes)
Windows XP SP2 x86 (English / Arabic) - cmd.exe Shellcode (23 bytes)
Linux/x86 - break chroot Shellcode (79 bytes)
Linux/x86 - setuid + Break chroot (mkdir/chdir/chroot _..._) + execve /bin/sh Shellcode (79 bytes)
Linux/x86 - Append '/etc/passwd' + exit() Shellcode (107 bytes)
Linux/x86 - Add Root User (toor) To /etc/passwd + exit() Shellcode (107 bytes)
Win32 XP SP2 (FR) - calc Shellcode (19 bytes)
Windows XP SP2 x86 (French) - calc Shellcode (19 bytes)
Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes)
Win32 XP SP3 (English) - cmd.exe Shellcode (26 bytes)
Win32 XP SP2 (Turkish) - cmd.exe Shellcode (26 bytes)
Linux/x86 - /bin/sh Shellcode (8 bytes)
Linux/x86 - execve /bin/cat /etc/passwd Shellcode (43 bytes)
Windows XP SP3 x86 (English) - cmd.exe Shellcode (26 bytes)
Windows XP SP2 x86 (Turkish) - cmd.exe Shellcode (26 bytes)
Linux/x86 - execve /bin/sh Shellcode (8 bytes)
Linux/x86 - disabled modsecurity Shellcode (64 bytes)
Win32 - JITed Stage-0 Shellcode
Win32 - JITed exec notepad Shellcode
Windows XP Professional SP2 (ITA) - calc.exe Shellcode (36 bytes)
Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Linux/x86 - Disabled modsecurity Shellcode (64 bytes)
Windows x86 - JITed Stage-0 Shellcode
Windows x86 - JITed exec notepad Shellcode
Windows XP Professional SP2 (Italian) - calc.exe Shellcode (36 bytes)
Windows XP SP2 x86 - write.exe + ExitProcess WinExec Shellcode (16 bytes)
Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes)
Win32 - MessageBox Shellcode (Metasploit)
Windows XP SP3 x86 (Russia) - cmd + ExitProcess WinExec Shellcode (12 bytes)
Windows x86 - MessageBox Shellcode (Metasploit)
Linux/x86 - Bind nc -lvve/bin/sh -p13377 Shellcode
Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes)
Linux/x86 - Bind Netcat Shell (13377/TCP) Shellcode
Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes)
Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes)
Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes)
Linux - write() + exit(0) Shellcode (Genearator With Customizable Text)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (29 bytes)
Linux - write() + exit(0) Shellcode (Generator)
Linux/x86 - Sends 'Phuck3d!' To All Terminals Shellcode (60 bytes)
Linux/x86 - Sends _Phuck3d!_ To All Terminals Shellcode (60 bytes)
Windows XP SP2 (FR) - Download File + Execute Shellcode
Windows XP SP2 (French) - Download File + Execute Shellcode
Linux/x86 - Disable randomize stack addresse Shellcode (106 bytes)
Linux/x86 - Disable ASLR Security Shellcode Shellcode (106 bytes)
Linux/x86 - setuid(0) + chmod(_/etc/shadow__ 0666) Polymorphic Shellcode (61 bytes)
Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes)
Linux/x86 - setuid(0) + chmod 0666 /etc/shadow Polymorphic Shellcode (61 bytes)
Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/shadow Shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes)
Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/passwd Shellcode (39 bytes)
Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes)
Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes)
Solaris/x86 - Sync() & reboot() + exit(0) Shellcode (48 bytes)
Solaris/x86 - Sync() + reboot() + exit(0) Shellcode (48 bytes)
Linux/x86 - Bind 31337/TCP + setreuid (0_0) Polymorphic Shellcode (131 bytes)
Linux/x86-64 - setuid(0) + chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes)
Linux/x86 - Bind TCP Shell (31337/TCP) + setreuid(0_0) Polymorphic Shellcode (131 bytes)
Linux/x86-64 - setuid(0) + chmod 0777 /etc/passwd + exit(0) Shellcode (63 bytes)
Windows XP SP3 (SPA) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)
Windows XP SP3 (Spanish) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)
Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes)
Windows - cmd.exe + ExitProcess WinExec Shellcode (195 bytes)
Linux/x86 - /bin/sh Polymorphic Shellcode (116 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) polymorphic Shellcode (84 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux/x86 - execve /bin/sh Polymorphic Shellcode (116 bytes)
Linux/ARM - chmod 0777 /etc/shadow Polymorphic Shellcode (84 bytes)
Linux/ARM - chmod 0777 /etc/shadow Shellcode (35 bytes)
Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); (XOR 88 encoded) Polymorphic Shellcode (78 bytes)
Linux/x86 - Bind Shell 64533 Shellcode (97 bytes)
Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); XOR 88 Encoded Polymorphic Shellcode (78 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (64533/TCP) Shellcode (97 bytes)
Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)
Safari 4.0.5 - 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Shellcode
Linux - Bind 6778/TCP (XOR Encoded) Polymorphic Shellcode (125 bytes)
Linux - Bind Shell (nc -lp 31337 -e /bin//sh) Polymorphic Shellcode (91 bytes)
ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator)
Linux - setreuid(0_0) + execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)
Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Null-Free Shellcode
Linux - Bind TCP Shell (6778/TCP) XOR Encoded Polymorphic Shellcode (125 bytes)
Linux - Bind Netcat Shell (31337/TCP) Polymorphic Shellcode (91 bytes)
ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator)
Win32 - Write-to-file Shellcode (278 bytes)
Windows x86 - Write-to-file Null-Free Shellcode (278 bytes)
Linux/x86 - Bind Shell Netcat 8080/TCP Shellcode (75 bytes)
Linux/x86 - /bin/sh Polymorphic Null-Free Shellcode (46 bytes)
Windows XP SP3 English - MessageBoxA Shellcode (87 bytes)
BSD/x86 - Bind Shell 2525/TCP Shellcode (167 bytes)
Win32 - Checksum Routine Shellcode (18 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (8080/TCP) Shellcode (75 bytes)
Linux/x86 - execve /bin/sh Polymorphic Null-Free Shellcode (46 bytes)
Windows XP SP3 (English) - MessageBoxA Shellcode (87 bytes)
BSD/x86 - Bind TCP Shell (2525/TCP) Shellcode (167 bytes)
Windows x86 - Checksum Routine Shellcode (18 bytes)
Win32/XP SP3 (TR) - Add Administrator 'zrl' Shellcode (127 bytes)
Windows XP SP3 x86 (Turkish) - Add Administrator User (zrl/123456) Shellcode (127 bytes)
Win32/XP Professional SP3 (EN) x86 - Add New Local Administrator 'secuid0' Shellcode (113 bytes)
Win32 - Add New Local Administrator 'secuid0' Shellcode (326 bytes)
Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes)
Windows x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (326 bytes)
ARM - Bind Connect (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader Port 0x1337 Shellcode
ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode
ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader (0x1337/TCP) Shellcode
ARM - ifconfig eth0 192.168.0.2 up Shellcode
ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes)
Win32 - Speaking 'You got pwned!' Shellcode
FreeBSD/x86 - connect back Shellcode (81 bytes)
BSD/x86 - Bind Shell 31337/TCP + fork Shellcode (111 bytes)
Win32 - eggsearch Shellcode (33 bytes)
Linux/SuperH (sh4) - setuid(0) + chmod(_/etc/shadow__ 0666) + exit(0) Shellcode (43 bytes)
Linux/x86 - Bind Shell Netcat 6666/TCP Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - WinExec Add New Local Administrator 'RubberDuck' + ExitProcess Shellcode (279 bytes)
Linux/x86 - ASLR deactivation Shellcode (83 bytes)
Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit)
Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
ARM - Add Root User Shellcode (Metasploit) (66+ bytes) (Generator)
Windows 5.0 < 7.0 x86 - Speaking _You got pwned!_ Null-Free Shellcode
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:1337/TCP) Shellcode (81 bytes) (Generator)
BSD/x86 - Bind TCP Shell (31337/TCP) + fork Shellcode (111 bytes)
Windows x86 - eggsearch Shellcode (33 bytes)
Linux/SuperH (sh4) - setuid(0) + chmod 0666 /etc/shadow + exit(0) Shellcode (43 bytes)
Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - Add Local Administrator User (RubberDuck/mudbath) + ExitProcess WinExec Shellcode (279 bytes)
Linux/x86 - Disable ASLR Security Shellcode (83 bytes)
Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit)
Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
Win32/PerfectXp-pc1/SP3 (TR) - Add Administrator 'kpss' Shellcode (112 bytes)
Linux/x86 - Egghunter Shellcode (29 bytes)
Windows PerfectXp-pc1/SP3 x86 (Turkish) - Add Administrator User (kpss/12345) Shellcode (112 bytes)
Linux/x86 - Egghunter Null-Free Shellcode (29 bytes)
Linux/MIPS - XOR Encoder Shellcode (Generator) (60 bytes)
Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)
Linux/MIPS - XOR Encoder Shellcode (60 bytes) (Generator)
Linux/SuperH (sh4) - setuid(0); + execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)
Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes)
Linux/MIPS - Add Root User (rOOt/pwn3d) Shellcode (164 bytes)
Linux/MIPS - Connectback Shellcode (port 0x7a69) (168 bytes)
Linux/MIPS - Reverse TCP Shell (0x7a69/TCP) Shellcode (168 bytes)
Linux/x86 - setuid(0) + setgid(0) + Add User (iph) To /etc/passwd Polymorphic Shellcode
Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd Polymorphic Shellcode
Linux/x86-64 - Add User (t0r/Winner) Shellcode (189 bytes)
Linux/x86-64 - Add Root User (t0r/Winner) Shellcode (189 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes)
Linux/ARM (Raspberry Pi) - chmod 0777 /etc/shadow Shellcode (41 bytes)
Windows XP Professional SP3 - Full ROP calc Shellcode (428 bytes)
Windows x64 - Bind TCP Shell Shellcode (508 bytes)
Windows XP Professional SP3 - calc Full ROP Shellcode (428 bytes)
Windows x64 - Bind TCP Shell (4444/TCP) Shellcode (508 bytes)
Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)
Cisco ASA - Authentication Bypass _EXTRABACON_ (Improved Shellcode) (69 bytes)
Windows RT ARM - Bind Shell 4444/TCP Shellcode
Windows RT ARM - Bind TCP Shell (4444/TCP) Shellcode
Windows - Messagebox Shellcode (113 bytes)
Linux/MIPS (Little Endian) - Reverse TCP Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes)
Windows 7 x86 - Bind Shell 4444/TCP Shellcode (357 Bytes)
Windows - Add Administrator 'BroK3n' Shellcode (194 bytes)
Windows - Messagebox Null-FreeShellcode (113 bytes)
Linux/MIPS (Little Endian) - Reverse TCP /bin/sh Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes)
Windows 7 x86 - Bind TCP Shell (4444/TCP) Shellcode (357 Bytes)
Windows - Add Administrator User (BroK3n/BroK3n) Null-Free Shellcode (194 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes)
Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes)
Linux/x86-64 - Reverse TCP /bin/bash Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes)
Windows x86 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows x64 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) + Password (Z~r0) Null-Free Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Windows x86 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows x64 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows XP x86-64 - Download File + Execute Shellcode (Generator)
Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow Shellcode (55 bytes)
Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes)
Windows XP x86-64 - Download File + Execute Shellcode (Generator)
Linux/MIPS (Little Endian) - chmod 666 /etc/shadow Shellcode (55 bytes)
Linux/MIPS (Little Endian) - chmod 666 /etc/passwd Shellcode (55 bytes)
Linux/x86 - execve(_/bin/sh_) (ROT13 Encoded) Shellcode (68 bytes)
Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes)
Linux/x86 - execve(_/bin/sh_) ROT13 Encoded Shellcode (68 bytes)
Linux/x86 - chmod 0777 /etc/shadow Obfuscated Shellcode (84 bytes)
Linux/x86 - Reverse TCP Shell (192.168.1.133:33333) Shellcode (72 bytes)
Linux/x86 - Bind Shell 33333/TCP Shellcode (96 bytes)
Linux/x86 - Disable ASLR Shellcode (84 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.1.133:33333) Shellcode (72 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (33333/TCP) Shellcode (96 bytes)
Linux/x86 - Disable ASLR Security Shellcode (84 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - Create _my.txt_ In Working Directory Shellcode (37 bytes)
Win32/XP SP3 - Create ('file.txt') Shellcode (83 bytes)
Win32/XP SP3 - Restart computer Shellcode (57 bytes)
Linux/x86 - custom execve Shellcode (Encoder/Decoder) (Generator)
Windows XP SP3 x86 - Create (_file.txt_) Shellcode (83 bytes)
Windows XP SP3 x86 - Restart Computer Shellcode (57 bytes)
Linux/x86 - Custom execve Shellcode (Encoder/Decoder) (Generator)
Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (17771/TCP) Shellcode (58 bytes)
Linux/x86 - chmod() 777 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes)
Linux/x86 - chmod 777 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - execve /bin/sh Shellcode (21 bytes)
Linux/x86 - Bind Shell Netcat 5555/TCP Shellcode (60 bytes)
Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes)
Linux/x86 - Bind Netcat Shell (5555/TCP) Shellcode (60 bytes)
Linux/x86-64 - execve(/bin/sh) Null-Free Shellcode (30 bytes)
Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes)
Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes)
Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes)
Linux/x86 - exec('/bin/dash') Shellcode (45 bytes)
Linux/x86 - chmod 0777 /etc/passwd Shellcode (42 bytes)
Linux/x86 - chmod /etc/gshadow Shellcode (37 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (42 bytes)
Linux/x86 - exec(_/bin/dash_) Shellcode (45 bytes)
Linux/x86 - /bin/sh (ROT7 Encoded) Shellcode
Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes)
Linux/x86 - execve /bin/sh ROT7 Encoded Shellcode
Windows XP SP3 x86 (Turkish) - MessageBox Shellcode (24 bytes)
Windows x86 - user32!MessageBox 'Hello World!' Null-Free Shellcode (199 bytes)
Linux/x86 - /bin/sh (ROL/ROR Encoded) Shellcode
Windows x86 - user32!MessageBox _Hello World!_ Null-Free Shellcode (199 bytes)
Linux/x86 - execve /bin/sh ROL/ROR Encoded Shellcode
OSX/x86-64 - /bin/sh Null-Free Shellcode (34 bytes)
Mainframe/System Z - Bind Shell 12345/TCP Shellcode (2488 bytes)
OSX/x86-64 - execve /bin/sh Null-Free Shellcode (34 bytes)
Mainframe/System Z - Bind TCP Shell (12345/TCP) Null-Free Shellcode (2488 bytes)
Linux/x86 - Create file with permission 7775 + exit Shellcode (Generator)
Linux/x86 - Create File With Permission 7775 + exit Shellcode (Generator)
OSX/x86-64 - Bind 4444/TCP Null-free Shellcode (144 bytes)
Linux/x86-64 - /bin/sh Shellcode (34 bytes)
Google Android - Telnetd Port 1035 with Parameters Shellcode (248 bytes)
OSX/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (144 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (34 bytes)
Google Android - Bind Telnetd Shell (1035/TCP) + Environment / Parameters Shellcode (248 bytes)
Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Linux/x86-64 - Bind TCP /bin/sh Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Windows XP < 10 - WinExec Null-Free Shellcode (Generator) (Python)
Linux/x86-64 - Bind 4444/TCP Shellcode (103 bytes)
Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes)
Windows XP < 10 - WinExec Null-Free Shellcode (Generator)
Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (103 bytes)
Linux/x86-64 - Bind TCP /bin/sh Password (hack) Shell (4444/TCP) Null-Free Shellcode (162 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Shellcode (151 bytes)
Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free Shellcode (151 bytes)
Linux/x86-64 - execve (xor/not/div Encoded) Shellcode (54 bytes)
Linux/x86-64 - execve XOR/NOT/DIV Encoded Shellcode (54 bytes)
Linux x86/x86-64 - Bind 4444/TCP Shellcode (251 bytes)
Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (135 bytes)
Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (135 bytes)
Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes)
Linux/ARM - Reverse TCP /bin/sh Shell (10.0.0.10:1337/TCP) Shellcode (95 bytes)
Linux/x86-64 - Bind 5600/TCP Shellcode (81 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (81 bytes)
Linux/x86-64 - Bind 5600/TCP Shellcode (86 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (86 bytes)
Linux/x86 - Reverse TCP Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes)
Linux/x86 - Bind 1472/TCP Shell (IPv6) Shellcode (1250 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (1250 bytes)
Win32 .Net Framework - Execute Native x86 Shellcode
Linux/x86-64 - Bind 1472/TCP Shell (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)
Windows .Net Framework x86 - Execute Native x86 Shellcode
Linux/x86-64 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP /bin/sh Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)
Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (1234/TCP) Shellcode (87 bytes) (Generator)
Linux/x86 - Bind Shell 4444/TCP Shellcode (656 bytes)
Linux/x86-64 - execve (XOR Encoded) Shellcode (84 bytes)
Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Linux/x86 - Bind TCP /bin/bash Shell (4444/TCP) Shellcode (656 bytes)
Linux/x86-64 - execve XOR Encoded Shellcode (84 bytes)
BSD / Linux / Windows x86/x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (13337/TCP) Shellcode (56 bytes)
Linux/x86 - /bin/sh + ASLR Bruteforce Shellcode
Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes)
Linux/x86-64 - Bind Netcat Shellcode (64 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (98 bytes)
Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistant / Fork / IPv4/6 / Password Shellcode (176 bytes)
Linux/x86 - Reverse TCP Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Shellcode (172 bytes)
Linux/x86 - execve /bin/sh + ASLR Bruteforce Shellcode
Linux/x86-64 - Reverse TCP cat /etc/passwd (192.168.86.128:1472/TCP) Shellcode (164 bytes)
Linux/x86-64 - Bind Netcat Shell Null-Free Shellcode (64 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (98 bytes)
Linux/x86-64 - Bind Ncat Shell (4442/TCP) / SSL / Multi-Channel (4444-4447/TCP) / Persistant / Fork / IPv4/6 / Password Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Null-Free Shellcode (172 bytes)
Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Linux/x86-64 - Bind TCP Shell (4442/TCP) / Syscall Persistent / Multi-Terminal (4444-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes)
Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes)
Linux/x86 - Bind zsh 9090/TCP Shellcode (96 bytes)
Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes)
Linux/x86 - Bind Netcat Shell (98/TCP + UDP) Shellcode (44/52 bytes)
Linux/x86 - Bind TCP /bin/zsh Shell (9090/TCP) Shellcode (96 bytes)
Linux/x86 - Reverse TCP /bin/zsh Shell (127.255.255.254:9090/TCP) Shellcode (80 bytes)
Windows x64 - WinExec() Shellcode (93 bytes)
Windows x64 - cmd.exe WinExec() Shellcode (93 bytes)
Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)
Linux/x86-64 - execve /bin/sh -c reboot Shellcode (89 bytes)
Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)
Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - execve /bin/bash -c Arbitrary Command Execution Null-Free Shellcode (72 bytes)
Linux/x86-64 - Bind 5600/TCP - Shellcode (87 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (87 bytes)
Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (Genearator) (129 bytes)
Linux/x86 - Reverse TCP Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes)
Linux - Bind Shell Dual/Multi Mode Shellcode (156 bytes)
Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse TCP /bin/sh Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes)
Linux - Bind TCP Dual/Multi Mode Shell Shellcode (156 bytes)
Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)
Linux/x86-64 - Reverse TCP /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)
Windows x86 - Executable Directory Search Shellcode (130 bytes)
Windows x86 - Executable Directory Search Null-Free Shellcode (130 bytes)
Linux/x86-64 - Flush IPTables Polymorphic Shellcode (47 bytes)
Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Polymorphic Shellcode (47 bytes)
Linux/x86-64 - Reverse Netcat Polymorphic Shell (127.0.0.1:1234) Shellcode (106 bytes)
Linux/x86-64 - Reverse Netcat Shell (127.0.0.1:1234) Polymorphic Shellcode (106 bytes)
Linux/x86 - Bind Shell Shellcode (44 bytes)
Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes)
Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Shellcode (67 bytes)
Linux/x86 - Reverse /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes)
Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse TCP /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes)
Linux/x86 - Disable ASLR Shellcode (80 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Shellcode (113 bytes)
Linux/x86 - Disable ASLR Security Shellcode (80 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Null-Free Shellcode (113 bytes)
Linux/x86-64 - /bin/sh Shellcode (31 bytes)
Linux/x86 - execve(/bin/sh) setuid(0) setgid(0) (XOR Encoded) Shellcode (66 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes)
Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) XOR Encoded Shellcode (66 bytes)
Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes)
Linux/x86 - Reverse UDP /bin/sh Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (75 bytes)
Linux x86 - /bin/sh Shellcode (24 bytes)
Linux x86 - execve /bin/sh Shellcode (24 bytes)
Linux/x86_64 - kill All Processes Shellcode (19 bytes)
Linux/x86_64 - Kill All Processes Shellcode (19 bytes)
Php Cloud mining Script - Authentication Bypass
(Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass
|
2017-08-23 05:01:29 +00:00 |
|
Offensive Security
|
477bcbdcc0
|
DB: 2016-03-17
5 new exploits
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities
My Book World Edition NAS Multiple Vulnerability
My Book World Edition NAS - Multiple Vulnerabilities
Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL
Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities
cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities
DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities
N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability
N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities
New-CMS - Multiple Vulnerability
New-CMS - Multiple Vulnerabilities
Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability
Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities
i-Gallery - Multiple Vulnerability
i-Gallery - Multiple Vulnerabilities
My Kazaam Notes Management System Multiple Vulnerability
My Kazaam Notes Management System - Multiple Vulnerabilities
Omnidocs - Multiple Vulnerability
Omnidocs - Multiple Vulnerabilities
Web Cookbook Multiple Vulnerability
Web Cookbook - Multiple Vulnerabilities
KikChat - (LFI/RCE) Multiple Vulnerability
KikChat - (LFI/RCE) Multiple Vulnerabilities
Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability
Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability
xEpan 1.0.4 - Multiple Vulnerability
xEpan 1.0.4 - Multiple Vulnerabilities
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
OpenSSH <= 7.2p1 - xauth Injection
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
|
2016-03-17 07:07:56 +00:00 |
|
Offensive Security
|
fffbf04102
|
Updated
|
2013-12-03 19:44:07 +00:00 |
|