Offensive Security
ecfeb57577
DB: 2017-10-03
15 new exploits
Linux Kernel < 4.14.rc3 - Local Denial of Service
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow
Dnsmasq < 2.78 - Heap-Based Overflow
Dnsmasq < 2.78 - Stack-Based Overflow
Dnsmasq < 2.78 - Information Leak
Dnsmasq < 2.78 - Lack of free() Denial of Service
Dnsmasq < 2.78 - Integer Underflow
UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape
Qmail SMTP - Bash Environment Variable Injection (Metasploit)
NPM-V (Network Power Manager) 2.4.1 - Password Reset
phpCollab 2.5.1 - Arbitrary File Upload
phpCollab 2.5.1 - SQL Injection
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection
2017-10-03 05:01:26 +00:00
Offensive Security
38a6cf0b56
DB: 2017-10-02
8 new exploits
Dup Scout Enterprise 10.0.18 - 'Import Command' Buffer Overflow
Sync Breeze Enterprise 10.0.28 - Buffer Overflow
SmarterStats 11.3.6347 - Cross-Site Scripting
WordPress Plugin WPHRM - SQL Injection
PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection
Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection
ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download
HBGK DVR 3.0.0 build20161206 - Authentication Bypass
2017-10-02 05:01:34 +00:00
Offensive Security
952790a0c6
DB: 2017-10-01
2017-10-01 05:01:34 +00:00
Offensive Security
b15ad9d0bc
DB: 2017-09-30
2 new exploits
Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption
FileRun <= 2017.09.18 - SQL Injection
2017-09-30 05:01:29 +00:00
Offensive Security
a92226f6ac
DB: 2017-09-29
14 new exploits
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow (PoC)
Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass
DiskBoss Enterprise 8.4.16 - 'Import Command' Buffer Overflow
LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)
Oracle WebLogic Server 10.3.6.0 - Java Deserialization
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution
WordPress Plugin Ads Pro <= 3.4 - Cross-Site Scripting / SQL Injection
Trend Micro OfficeScan 11.0/XG (12.0) - Private Key Disclosure
Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption
Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure
Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery
Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection
Roteador Wireless Intelbras WRN150 - Authentication Bypass
Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection
2017-09-29 05:01:35 +00:00
Offensive Security
ec599357c0
DB: 2017-09-28
21 new exploits
Adobe Flash - Out-of-Bounds Memory Read in MP4 Parsing
Adobe Flash - Out-of-Bounds Write in MP4 Edge Processing
Adobe Flash - Out-of-Bounds Read in applyToRange
CyberArk Viewfinity 5.5.10.95 - Privilege Escalation
PDF-XChange Viewer 2.5 Build 314.0 - Remote Code Execution
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response
Tiny HTTPd 0.1.0 - Directory Traversal
Free PHP photo Gallery script - Remote File Inclusion
Free PHP Photo Gallery Script - Remote File Inclusion
WordPress Plugin School Management System - SQL Injection
iTech Dating Script 3.40 - SQL Injection
iTech Job Script 9.27 - SQL Injection
WordPress Plugin Content Timeline - SQL Injection
Job Links - Arbitrary File Upload
TicketPlus - Arbitrary File Upload
Photo Fusion - Arbitrary File Upload
SMSmaster - SQL Injection
AMC Master - Arbitrary File Upload
WordPress Plugin WPCHURCH - SQL Injection
WordPress Plugin WPGYM - SQL Injection
WordPress Plugin Hospital Management System - SQL Injection
Fibaro Home Center 2 - Remote Command Execution / Privilege Escalation
WordPress Plugin WPAMS - SQL Injection
2017-09-28 05:01:27 +00:00
Offensive Security
a06626c22f
DB: 2017-09-27
8 new exploits
Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)
Supervisor 3.0a1 < 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)
FLIR Thermal Camera F/FC/PT/D - SSH Backdoor
NodeJS Debugger - Command Injection (Metasploit)
Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes)
FLIR Thermal Camera PT-Series (PT-334 200562) - Root Remote Code Execution
FLIR Thermal Camera F/FC/PT/D - Information Disclosure
FLIR Thermal Camera FC-S/PT - Command Injection
FLIR Thermal Camera F/FC/PT/D - Stream Disclosure
Sitefinity CMS 9.2 - Cross-Site Scripting
2017-09-27 05:01:31 +00:00
Offensive Security
f27338c1f7
DB: 2017-09-26
12 new exploits
Apache 2.0.52 - GET Request Denial of Service
Apache 2.0.52 - GET Denial of Service
CUPS Server 1.1 - GET Request Denial of Service
CUPS Server 1.1 - GET Denial of Service
BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service
BlueCoat WinProxy 6.0 R1c - GET Denial of Service
TFTPD32 2.81 - GET Request Format String Denial of Service (PoC)
TFTPD32 2.81 - GET Format String Denial of Service (PoC)
ImgSvr 0.6.5 - (long http post) Denial of Service
ImgSvr 0.6.5 - POST Denial of Service
Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service
Multi-Threaded TFTP 1.1 - GET Denial of Service
Essentia Web Server 2.15 - GET Request Remote Denial of Service
Essentia Web Server 2.15 - GET Remote Denial of Service
Sami HTTP Server 2.0.1 - POST Request Denial of Service
Sami HTTP Server 2.0.1 - POST Denial of Service
Xserver 0.1 Alpha - Post Request Remote Buffer Overflow
Xserver 0.1 Alpha - POST Remote Buffer Overflow
XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC)
XBMC 8.10 - GET Multiple Remote Buffer Overflow (PoC)
Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC)
Mereo 1.8.0 - GET Request Remote Denial of Service
Zervit Web Server 0.04 - GET Remote Buffer Overflow (PoC)
Mereo 1.8.0 - GET Remote Denial of Service
ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service
ARD-9808 DVR Card Security Camera - GET Remote Denial of Service
Kolibri+ Web Server 2 - GET Request Denial of Service
Kolibri+ Web Server 2 - GET Denial of Service
Adobe InDesign CS3 - '.INDD' File Handling Buffer Overflow
Adobe InDesign CS3 - '.INDD' Handling Buffer Overflow
Sami HTTP Server 2.0.1 - GET Request Denial of Service
Sami HTTP Server 2.0.1 - GET Denial of Service
Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Request
Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Exploit
(Linux Kernel) ReiserFS 3.5.28 - Potential Code Execution / Denial of Service
(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
WebTrends Reporting Center for Windows 4.0 d - GET Request Buffer Overflow
WebTrends Reporting Center for Windows 4.0 d - GET Buffer Overflow
Working Resources BadBlue 1.7.3 - GET Request Denial of Service
Working Resources BadBlue 1.7.3 - GET Denial of Service
PlanetWeb 1.14 - Long GET Request Buffer Overflow
PlanetWeb 1.14 - GET Buffer Overflow
My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service
My Web Server 1.0.1/1.0.2 - GET Denial of Service
Monkey HTTP Server 0.4/0.5 - Invalid POST Request Denial of Service
Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service
Linksys Devices 1.42/1.43 - GET Request Buffer Overflow
Linksys Devices 1.42/1.43 - GET Buffer Overflow
Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
NETGEAR ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service
VisNetic ActiveDefense 1.3.1 - Multiple GET Request Denial of Service
VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service
Pi3Web 2.0.1 - GET Request Denial of Service
Pi3Web 2.0.1 - GET Denial of Service
Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow
Snowblind Web Server 1.0/1.1 - GET Buffer Overflow
ArGoSoft Mail Server 1.8.3.5 - Multiple GET Requests Denial of Service
WebBBS Pro 1.18 - GET Request Denial of Service
ArGoSoft Mail Server 1.8.3.5 - GET Multiple Denial of Service
WebBBS Pro 1.18 - GET Denial of Service
Proxomitron Proxy Server - Long GET Request Remote Denial of Service
Proxomitron Proxy Server - GET Remote Denial of Service
Armida Databased Web Server 1.0 - Remote GET Request Denial of Service
Armida Databased Web Server 1.0 - GET Remote Denial of Service
Twilight WebServer 1.3.3.0 - 'GET' Request Buffer Overflow
Twilight WebServer 1.3.3.0 - GET Buffer Overflow
Sami FTP Server 1.1.3 - Library Crafted GET Request Remote Denial of Service
Sami FTP Server 1.1.3 - Library Crafted GET Remote Denial of Service
Loom Software SurfNow 1.x/2.x - Remote GET Request Denial of Service
Loom Software SurfNow 1.x/2.x - GET Remote Denial of Service
Sambar Server 6.0 - 'results.stm' POST Request Buffer Overflow
Sambar Server 6.0 - 'results.stm' POST Buffer Overflow
Linksys PSUS4 PrintServer - POST Request Denial of Service
Linksys PSUS4 PrintServer - POST Denial of Service
Thomson TCW690 Cable Modem ST42.03.0a - Long GET Request Denial of Service
Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service
Netgear ProSafe - Denial of Service
NETGEAR ProSafe - Denial of Service
Multiple IEA Software Products - POST Request Denial of Service
Multiple IEA Software Products - POST Denial of Service
Netgear WGR614 - Administration Interface Remote Denial of Service
NETGEAR WGR614 - Administration Interface Remote Denial of Service
Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service
Remote Help HTTP 0.0.7 - GET Format String Denial of Service
Geo++ GNCASTER 1.4.0.7 - GET Request Denial of Service
Geo++ GNCASTER 1.4.0.7 - GET Denial of Service
D-Link WBR-2310 1.0.4 - GET Request Remote Buffer Overflow
D-Link WBR-2310 1.0.4 - GET Remote Buffer Overflow
Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service
Polipo 1.0.4.1 - POST/PUT HTTP Header Processing Denial of Service
CoDeSys 3.4 - HTTP POST Request Null Pointer Content-Length Parsing Remote Denial of Service
CoDeSys 3.4 - HTTP POST Null Pointer Content-Length Parsing Remote Denial of Service
Zoom Player - '.avi' File Divide-by-Zero Denial of Service
Zoom Player - '.avi' Divide-by-Zero Denial of Service
Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (1)
Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (2)
Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1)
Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2)
Microsoft Windows - Cursor Object Potential Memory Leak (MS15-115)
Microsoft Windows - Cursor Object Memory Leak (MS15-115)
Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1)
Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (2)
Adobe Photoshop CC & Bridge CC - '.iff' File Parsing Memory Corruption
Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (1)
Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (2)
Adobe Photoshop CC & Bridge CC - '.iff' Parsing Memory Corruption
Adobe Flash - '.MP4' File Stack Corruption
Adobe Flash - '.MP4' Stack Corruption
Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow
Adobe Photoshop CS2 / CS3 - '.bmp' Buffer Overflow
Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow (SEH)
Zoom Player Pro 3.30 - '.m3u' Buffer Overflow (SEH)
Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Potential Information Disclosure
Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Information Disclosure
Adrenalin Player 2.2.5.3 - '.m3u' File Buffer Overflow (SEH) (ASLR + DEP Bypass)
Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) (ASLR + DEP Bypass)
Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation
NETGEAR Genie 2.4.32 - Unquoted Service Path Privilege Escalation
CyberLink LabelPrint < 2.5 - Buffer Overflow (SEH Unicode)
LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit
LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Remote Exploit
PMSoftware Simple Web Server - GET Request Remote Buffer Overflow
PMSoftware Simple Web Server - GET Remote Buffer Overflow
Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow
Fenice Oms 1.10 - GET Remote Buffer Overflow
webdesproxy 0.0.1 - GET Request Remote Buffer Overflow
webdesproxy 0.0.1 - GET Remote Buffer Overflow
webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution
webdesproxy 0.0.1 - (exec-shield) GET Remote Code Execution
Savant Web Server 3.1 - GET Request Remote Overflow (Universal)
Savant Web Server 3.1 - GET Remote Overflow (Universal)
Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass
Belkin F5D9230-4 Wireless G Plus MIMO Router - Authentication Bypass
Netgear WG102 - Leaks SNMP Write Password With Read Access
NETGEAR WG102 - Leaks SNMP Write Password With Read Access
XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow
XBMC 8.10 (Windows) - GET Remote Buffer Overflow
XBMC 8.10 - GET Request Remote Buffer Overflow (SEH) (Universal)
XBMC 8.10 - GET Remote Buffer Overflow (SEH) (Universal)
Netgear WNR2000 FW 1.2.0.8 - Information Disclosure
NETGEAR WNR2000 FW 1.2.0.8 - Information Disclosure
Kolibri+ Web Server 2 - GET Request Remote Overwrite (SEH)
Kolibri+ Web Server 2 - GET Remote Overwrite (SEH)
BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH)
BigAnt Server 2.50 - GET Remote Buffer Overflow (SEH)
BigAnt Server 2.50 - GET Request Universal Remote Buffer Overflow (SEH)
BigAnt Server 2.50 - GET Universal Remote Buffer Overflow (SEH)
httpdx 1.4 - GET Request Buffer Overflow
httpdx 1.4 - GET Buffer Overflow
Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
NETGEAR WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit)
Proxy-Pro Professional GateKeeper 4.7 - GET Request Overflow (Metasploit)
Proxy-Pro Professional GateKeeper 4.7 - GET Overflow (Metasploit)
Linksys WRT54 (Access Point) - apply.cgi Buffer Overflow (Metasploit)
Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit)
Oracle Weblogic Apache Connector - POST Request Buffer Overflow (Metasploit)
Oracle Weblogic Apache Connector - POST Buffer Overflow (Metasploit)
Berkeley Sendmail 5.58 - Debug exploit
Berkeley Sendmail 5.58 - Debug Exploit
A-V Tronics InetServ 3.0 - WebMail Long GET Request
A-V Tronics InetServ 3.0 - WebMail GET Exploit
Light HTTPD 0.1 - GET Request Buffer Overflow (1)
Light HTTPD 0.1 - GET Request Buffer Overflow (2)
Light HTTPD 0.1 - GET Buffer Overflow (1)
Light HTTPD 0.1 - GET Buffer Overflow (2)
Netgear FM114P Wireless Firewall - File Disclosure
NETGEAR FM114P Wireless Firewall - File Disclosure
Athttpd 0.4b - Remote GET Request Buffer Overrun
Athttpd 0.4b - GET Remote Buffer Overrun
IA WebMail Server 3.0/3.1 - Long GET Request Buffer Overrun
IA WebMail Server 3.0/3.1 - GET Buffer Overrun
Monit 1.4/2.x/3/4 - Overly Long HTTP Request Buffer Overrun
Monit 1.4/2.x/3/4 - Long HTTP Request Buffer Overrun
KarjaSoft Sami HTTP Server 1.0.4 - GET Request Buffer Overflow
KarjaSoft Sami HTTP Server 1.0.4 - GET Buffer Overflow
MyWeb HTTP Server 3.3 - GET Request Buffer Overflow
MyWeb HTTP Server 3.3 - GET Buffer Overflow
Omnicron OmniHTTPd 2.x/3.0 - GET Request Buffer Overflow
Omnicron OmniHTTPd 2.x/3.0 - GET Buffer Overflow
Netgear RP114 3.26 - Content Filter Bypass
NETGEAR RP114 3.26 - Content Filter Bypass
Netgear DGN1000B - setup.cgi Remote Command Execution (Metasploit)
NETGEAR DGN1000B - setup.cgi Remote Command Execution (Metasploit)
Netgear DGN2200B - pppoe.cgi Remote Command Execution (Metasploit)
NETGEAR DGN2200B - pppoe.cgi Remote Command Execution (Metasploit)
Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
NETGEAR MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow
Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow
Netgear ReadyNAS - Perl Code Evaluation (Metasploit)
NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit)
Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting
Zoom Player 3.30/5/6 - Crafted '.ZPL' File Error Message Arbitrary Code Execution
Zoom Player 3.30/5/6 - '.ZPL' Error Message Arbitrary Code Execution
Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow
Ultra Mini HTTPD 1.21 - POST Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Stack Buffer Overflow
NetGear WNR2000 - Multiple Information Disclosure Vulnerabilities
NETGEAR WNR2000 - Multiple Information Disclosure Vulnerabilities
HTTP 1.1 - GET Request Directory Traversal
HTTP 1.1 - GET Directory Traversal
Kolibri Web Server 2.0 - GET Request (SEH)
D-Link Devices - 'info.cgi' POST Request Buffer Overflow (Metasploit)
Kolibri Web Server 2.0 - GET Exploit (SEH)
D-Link Devices - 'info.cgi' POST Buffer Overflow (Metasploit)
Belkin n750 - jump login Parameter Buffer Overflow
Belkin N750 - jump login Parameter Buffer Overflow
Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
NETGEAR WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities
Belkin Wireless Router Default - WPS PIN Security
Belkin Wireless Router - Default WPS PIN Security
Easy File Sharing Web Server 7.2 - GET Request Buffer Overflow (SEH)
Easy File Sharing Web Server 7.2 - GET Buffer Overflow (SEH)
Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution
NETGEAR D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution
Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit)
NETGEAR NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit)
NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure
NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure
NETGEAR JNR1010 ADSL Router - Authenticated Remote File Disclosure
NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - Authenticated Remote File Disclosure
Netgear R7000 and R6400 - 'cgi-bin' Command Injection (Metasploit)
NETGEAR R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit)
Easy File Sharing Web Server 7.2 - GET Request 'PassWD' Buffer Overflow (SEH)
Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (SEH)
Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)
Netgear DGN2200 - dnslookup.cgi Command Injection (Metasploit)
NETGEAR DGN2200 - dnslookup.cgi Command Injection (Metasploit)
Easy File Sharing Web Server 7.2 - GET Request 'PassWD' Buffer Overflow (DEP Bypass)
Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (DEP Bypass)
Belkin NetCam F7D7601 - Multiple Vulnerabilities
Belkin F7D7601 NetCam - Multiple Vulnerabilities
Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit)
Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit)
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)
Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow
Quezza BB 1.0 - (quezza_root_path) File Inclusion
Quezza BB 1.0 - 'quezza_root_path' File Inclusion
The Bible Portal Project 2.12 - (destination) File Inclusion
The Bible Portal Project 2.12 - 'destination' File Inclusion
Vivvo Article Manager 3.2 - (classified_path) File Inclusion
Vivvo Article Manager 3.2 - 'classified_path' File Inclusion
Forum82 < 2.5.2b - (repertorylevel) Multiple File Inclusion
Forum82 < 2.5.2b - 'repertorylevel' Multiple File Inclusion
OpenDock Easy Doc 1.4 - (doc_directory) File Inclusion
OpenDock Easy Blog 1.4 - (doc_directory) File Inclusion
WebYep 1.1.9 - (webyep_sIncludePath) File Inclusion
OpenDock Easy Gallery 1.4 - (doc_directory) File Inclusion
OpenDock Easy Doc 1.4 - 'doc_directory' File Inclusion
OpenDock Easy Blog 1.4 - 'doc_directory' File Inclusion
WebYep 1.1.9 - 'webyep_sIncludePath' File Inclusion
OpenDock Easy Gallery 1.4 - 'doc_directory' File Inclusion
Open Conference Systems 1.1.4 - (fullpath) File Inclusion
Open Conference Systems 1.1.4 - 'fullpath' File Inclusion
SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Inclusion
SpeedBerg 1.2beta1 - 'SPEEDBERG_PATH' File Inclusion
PhpShop Core 0.9.0 RC1 - (PS_BASE) File Inclusion
PhpShop Core 0.9.0 RC1 - 'PS_BASE' File Inclusion
Phpjobscheduler 3.0 - (installed_config_file) File Inclusion
Phpjobscheduler 3.0 - 'installed_config_file' File Inclusion
Magic Photo Storage Website - _config[site_path] File Inclusion
Magic Photo Storage Website - '_config[site_path]' File Inclusion
Linksys Cisco WAG120N - Cross-Site Request Forgery
Cisco Linksys WAG120N - Cross-Site Request Forgery
Belkin G Wireless Router F5D7234-4 v5 - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Exploit
Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery
PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Inclusion
PHP-Nuke 6.x/7.x - 'Modpath' Parameter File Inclusion
Netgear SPH200D - Multiple Vulnerabilities
NETGEAR SPH200D - Multiple Vulnerabilities
Netgear DGN1000B - Multiple Vulnerabilities
NETGEAR DGN1000B - Multiple Vulnerabilities
Netgear DGN2200B - Multiple Vulnerabilities
NETGEAR DGN2200B - Multiple Vulnerabilities
Netgear WNR1000 - Authentication Bypass
NETGEAR WNR1000 - Authentication Bypass
PHPMyVisites 1.3 - Set_Lang File Inclusion
PHPMyVisites 1.3 - 'Set_Lang' File Inclusion
PPA 0.5.6 - ppa_root_path File Inclusion
PPA 0.5.6 - 'ppa_root_path' File Inclusion
Netgear WPN824v3 - Unauthorized Config Download
NETGEAR WPN824v3 - Unauthorized Config Download
Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities
NETGEAR DGN1000 / DGN2200 - Multiple Vulnerabilities
Netgear ProSafe - Information Disclosure
NETGEAR ProSafe - Information Disclosure
Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)
NETGEAR WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)
Simple Machines Forum (SMF) 1.1.6 - POST Request Filter Security Bypass
Simple Machines Forum (SMF) 1.1.6 - POST Filter Security Bypass
Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities
NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities
Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass
Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
ManageEngine ADSelfService Plus 4.4 - POST Request Manipulation Security Question
ManageEngine ADSelfService Plus 4.4 - POST Manipulation Security Question
Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure
Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
NETGEAR Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
Belkin Router N150 1.00.08/1.00.09 - Directory Traversal
Belkin N150 Router 1.00.08/1.00.09 - Directory Traversal
eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / Denial of Service)
eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Code Execution / Denial of Service)
Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities
Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities
Netgear WNR1000v4 - Authentication Bypass
NETGEAR WNR1000v4 - Authentication Bypass
Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities
NETGEAR NMS300 ProSafe Network Management System - Multiple Vulnerabilities
Netgear R7000 - Command Injection
Netgear R7000 - Cross-Site Scripting
NETGEAR R7000 - Command Injection
NETGEAR R7000 - Cross-Site Scripting
Tenda N3 Wireless N150 Home Router - Authentication Bypass
Tenda N3 Wireless N150 Router - Authentication Bypass
DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)
Lending And Borrowing - 'pid' Parameter SQL Injection
Multi Level Marketing - SQL Injection
Cash Back Comparison Script 1.0 - SQL Injection
Claydip Airbnb Clone 1.0 - Arbitrary File Upload
Secure E-commerce Script 1.02 - 'sid' Parameter SQL Injection
PHP Auction Ecommerce Script 1.6 - SQL Injection
JitBit HelpDesk < 9.0.2 - Authentication Bypass
2017-09-26 05:01:29 +00:00
Offensive Security
90ecd7f9e4
DB: 2017-09-23
1 new exploit
Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC)
Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC)
Stock Photo Selling 1.0 - SQL Injection
2017-09-23 11:07:27 +00:00
Offensive Security
92bfb7616d
DB: 2017-09-22
7 new exploits
Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC)
Microsoft Edge - Chakra Incorrectly Parses Object Patterns
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes
Microsoft Edge Chakra - 'Parser::ParseCatch' does not Handle 'eval'
Microsoft Edge Chakra - 'JavascriptFunction::ReparseAsmJsModule' Incorrectly Re-parses
Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)
PHPMyFAQ 2.9.8 - Cross-Site Scripting
2017-09-22 05:01:23 +00:00
Offensive Security
5c25046219
DB: 2017-09-21
2017-09-21 05:01:19 +00:00
Offensive Security
13a6e2baaf
DB: 2017-09-20
8 new exploits
McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC)
McAfee E-Business Server 8.5.2 - Unauthenticated Remote Code Execution / Denial of Service (PoC)
Apple macOS - Local Privilege Escalation Due to Lack of Bounds Checking in HIServices Custom CFObject Serialization
Apple macOS - Privilege Escalation Due to Lack of Bounds Checking in HIServices Custom CFObject Serialization
Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading
Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bounds Read
Xcode OpenBase 9.1.5 (OSX) - (root file create) Privilege Escalation
Xcode OpenBase 9.1.5 (OSX) - (Root File Create) Privilege Escalation
Xcode OpenBase 10.0.0 (OSX) - (unsafe system call) Privilege Escalation
Xcode OpenBase 10.0.0 (OSX) - (Unsafe System Call) Privilege Escalation
eTrust AntiVirus Agent r8 - Local Privilege Escalation
eTrust AntiVirus Agent r8 - Privilege Escalation
WICD 1.7.1 - Local Privilege Escalation
WICD 1.7.1 - Privilege Escalation
Novell Client 4.91 SP4 - Local Privilege Escalation
Novell Client 4.91 SP4 - Privilege Escalation
H-Sphere Webshell 2.4 - Privilege Escalation
H-Sphere WebShell 2.4 - Privilege Escalation
Zend Platform 2.2.1 - PHP.INI File Modification
Zend Platform 2.2.1 - 'PHP.INI' File Modification
AIX 7.1 - lquerylv Privilege Escalation
AIX 7.1 - 'lquerylv' Privilege Escalation
sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
Sheed AntiVirus 2.3 - Unquoted Service Path Privilege Escalation
Serviio PRO 1.8 DLNA Media Streaming Server - Local Privilege Escalation
Serviio PRO 1.8 DLNA Media Streaming Server - Privilege Escalation
Automated Logic WebCTRL 6.5 - Local Privilege Escalation
Automated Logic WebCTRL 6.5 - Privilege Escalation
Netdecision 5.8.2 - Local Privilege Escalation
Netdecision 5.8.2 - Privilege Escalation
H-Sphere Webshell 2.4 - Remote Command Execution
H-Sphere WebShell 2.4 - Remote Command Execution
NetIQ Privileged User Manager 2.3.1 - 'ldapagnt_eval()' Remote Perl Code Execution (Metasploit)
NetIQ Privileged User Manager 2.3.1 - 'ldapagnt_eval()' Perl Remote Code Execution (Metasploit)
STUNSHELL Web Shell - Remote PHP Code Execution (Metasploit)
STUNSHELL Web Shell - PHP Remote Code Execution (Metasploit)
v0pCr3w Web Shell - Remote Code Execution (Metasploit)
v0pCr3w (Web Shell) - Remote Code Execution (Metasploit)
InstantCMS 1.6 - Remote PHP Code Execution (Metasploit)
InstantCMS 1.6 - PHP Remote Code Execution (Metasploit)
Drupal Module RESTWS 7.x - Remote PHP Code Execution (Metasploit)
Drupal Module RESTWS 7.x - PHP Remote Code Execution (Metasploit)
HPE < 7.2 - Java Deserialization
Tecnovision DLX Spot - SSH Backdoor
phpBB 2.0.15 - (highlight) Remote PHP Code Execution
phpBB 2.0.15 - 'highlight' PHP Remote Code Execution
phpBB 2.0.15 - Remote PHP Code Execution (Metasploit)
phpBB 2.0.15 - PHP Remote Code Execution (Metasploit)
versatileBulletinBoard 1.00 RC2 - (board takeover) SQL Injection
versatileBulletinBoard 1.00 RC2 - 'board takeover' SQL Injection
VuBB Forum RC1 - (m) SQL Injection
VuBB Forum RC1 - 'm' SQL Injection
Wizz Forum 1.20 - (TopicID) SQL Injection
PHPWebThings 1.4 - (msg/forum) SQL Injection
Wizz Forum 1.20 - 'TopicID' SQL Injection
PHPWebThings 1.4 - 'msg'/'forum' SQL Injection
webSPELL 4.01 - (title_op) SQL Injection
webSPELL 4.01 - 'title_op' SQL Injection
YapBB 1.2 - (cfgIncludeDirectory) Remote Command Execution
YapBB 1.2 - 'cfgIncludeDirectory' Remote Command Execution
TopList 1.3.8 - (phpBB Hack) Remote File Inclusion (1)
Advanced Guestbook 2.4.0 - (phpBB) File Inclusion
TopList 1.3.8 - (phpBB Hack) Remote File Inclusion (2)
Advanced Guestbook 2.4.0 - (phpBB) Remote File Inclusion
TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (1)
Advanced Guestbook 2.4.0 - 'phpBB' File Inclusion
TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (2)
Advanced Guestbook 2.4.0 - 'phpBB' Remote File Inclusion
Knowledge Base Mod 2.0.2 - (phpBB) Remote File Inclusion
Knowledge Base Mod 2.0.2 - 'phpBB' Remote File Inclusion
phpRaid 3.0.b3 - (phpBB/SMF) Remote File Inclusion
pafileDB 2.0.1 - (mxBB/phpBB) Remote File Inclusion
phpRaid 3.0.b3 - 'phpBB'/'SMF' Remote File Inclusion
pafileDB 2.0.1 - 'mxBB'/'phpBB' Remote File Inclusion
Foing 0.7.0 - (phpBB) Remote File Inclusion
Foing 0.7.0 - 'phpBB' Remote File Inclusion
Activity MOD Plus 1.1.0 - (phpBB Mod) File Inclusion
Activity MOD Plus 1.1.0 - 'phpBB Mod' File Inclusion
Blend Portal 1.2.0 - (phpBB Mod) Remote File Inclusion
Blend Portal 1.2.0 - 'phpBB Mod' Remote File Inclusion
XMB 1.9.6 - (u2uid) SQL Injection (mq=off)
XMB 1.9.6 - (mq=off) 'u2uid' SQL Injection
Web3news 0.95 - (PHPSECURITYADMIN_PATH) Remote File Inclusion
Web3news 0.95 - 'PHPSECURITYADMIN_PATH' Remote File Inclusion
Yappa-ng 2.3.1 - (admin_modules) Remote File Inclusion
Yappa-ng 2.3.1 - 'admin_modules' Remote File Inclusion
TualBLOG 1.0 - (icerikno) SQL Injection
TualBLOG 1.0 - 'icerikno' SQL Injection
Tekman Portal 1.0 - (tr) SQL Injection
Tekman Portal 1.0 - 'tr' SQL Injection
MyReview 1.9.4 - (email) SQL Injection / Code Execution
MyReview 1.9.4 - 'email' SQL Injection / Code Execution
phpQuestionnaire 3.12 - (phpQRootDir) Remote File Inclusion
phpQuestionnaire 3.12 - 'phpQRootDir' Remote File Inclusion
phpBB Static Topics 1.0 - phpbb_root_path File Inclusion
phpBB Static Topics 1.0 - 'phpbb_root_path' File Inclusion
CentiPaid 1.4.2 - centipaid_class.php Remote File Inclusion
CentiPaid 1.4.2 - 'centipaid_class.php' Remote File Inclusion
webSPELL 4.01.01 - (getsquad) SQL Injection
webSPELL 4.01.01 - 'getsquad' SQL Injection
Osprey 1.0 - GetRecord.php Remote File Inclusion
Osprey 1.0 - 'GetRecord.php' Remote File Inclusion
Techno Dreams Announcement - (key) SQL Injection
Techno Dreams Guestbook 1.0 - (key) SQL Injection
Techno Dreams Announcement - 'key' SQL Injection
Techno Dreams Guestbook 1.0 - 'key' SQL Injection
GEPI 1.4.0 - gestion/savebackup.php Remote File Inclusion
GEPI 1.4.0 - 'gestion/savebackup.php' Remote File Inclusion
PHPGiggle 12.08 - (CFG_PHPGIGGLE_ROOT) File Inclusion
PHPGiggle 12.08 - 'CFG_PHPGIGGLE_ROOT' File Inclusion
mxBB Module Meeting 1.1.2 - Remote FileInclusion
mxBB Module Meeting 1.1.2 - Remote File Inclusion
Uploader & Downloader 3.0 - (id_user) SQL Injection
Uploader & Downloader 3.0 - 'id_user' SQL Injection
The Classified Ad System 1.0 - (main) SQL Injection
The Classified Ad System 1.0 - 'main' SQL Injection
VisoHotlink 1.01 - functions.visohotlink.php Remote File Inclusion
VisoHotlink 1.01 - 'functions.visohotlink.php' Remote File Inclusion
vhostadmin 0.1 - (MODULES_DIR) Remote File Inclusion
vhostadmin 0.1 - 'MODULES_DIR' Remote File Inclusion
XLAtunes 0.1 - (album) SQL Injection
XLAtunes 0.1 - 'album' SQL Injection
webSPELL 4.01.02 - (topic) SQL Injection
webSPELL 4.01.02 - 'topic' SQL Injection
webSPELL 4.01.02 - Remote PHP Code Execution
webSPELL 4.01.02 - PHP Remote Code Execution
PHP-Nuke - iFrame (iframe.php) Remote File Inclusion
PHP-Nuke - 'iframe.php' Remote File Inclusion
XOOPS Module Camportail 1.1 - (camid) SQL Injection
XOOPS Module Camportail 1.1 - 'camid' SQL Injection
Mutant 0.9.2 - mutant_functions.php Remote File Inclusion
Mutant 0.9.2 - 'mutant_functions.php' Remote File Inclusion
Original 0.11 - config.inc.php x[1] Remote File Inclusion
Original 0.11 - 'config.inc.php' 'x[1]' Remote File Inclusion
Glossword 1.8.1 - custom_vars.php Remote File Inclusion
Glossword 1.8.1 - 'custom_vars.php' Remote File Inclusion
GeekLog 2.x - ImageImageMagick.php Remote File Inclusion
GeekLog 2.x - 'ImageImageMagick.php' Remote File Inclusion
Vizayn Urun Tanitim Sistemi 0.2 - (tr) SQL Injection
Vizayn Urun Tanitim Sistemi 0.2 - 'tr' SQL Injection
WBB2-Addon: Acrotxt 1.0 - (show) SQL Injection
WBB2-Addon: Acrotxt 1.0 - 'show' SQL Injection
STPHPLibrary - (STPHPLIB_DIR) Remote File Inclusion
STPHPLibrary - 'STPHPLIB_DIR' Remote File Inclusion
phpFFL 1.24 - PHPFFL_FILE_ROOT Remote File Inclusion
phpFFL 1.24 - 'PHPFFL_FILE_ROOT' Remote File Inclusion
phpBB Mod OpenID 0.2.0 - BBStore.php Remote File Inclusion
phpBB Mod OpenID 0.2.0 - 'BBStore.php' Remote File Inclusion
LiveAlbum 0.9.0 - common.php Remote File Inclusion
LiveAlbum 0.9.0 - 'common.php' Remote File Inclusion
Pindorama 0.1 - client.php Remote File Inclusion
Pindorama 0.1 - 'client.php' Remote File Inclusion
Socketmail 2.2.8 - fnc-readmail3.php Remote File Inclusion
TOWeLS 0.1 - scripture.php Remote File Inclusion
Socketmail 2.2.8 - 'fnc-readmail3.php' Remote File Inclusion
TOWeLS 0.1 - 'scripture.php' Remote File Inclusion
Sige 0.1 - sige_init.php Remote File Inclusion
Sige 0.1 - 'sige_init.php' Remote File Inclusion
Scribe 0.2 - Remote PHP Code Execution
Scribe 0.2 - PHP Remote Code Execution
patBBcode 1.0 - bbcodeSource.php Remote File Inclusion
patBBcode 1.0 - 'bbcodeSource.php' Remote File Inclusion
Tilde CMS 4.x - (aarstal) SQL Injection
Tilde CMS 4.x - 'aarstal' SQL Injection
CityWriter 0.9.7 - head.php Remote File Inclusion
CityWriter 0.9.7 - 'head.php' Remote File Inclusion
PhpMyDesktop/Arcade 1.0 Final - (phpdns_basedir) Remote File Inclusion
PhpMyDesktop/Arcade 1.0 Final - 'phpdns_basedir' Remote File Inclusion
WebSihirbazi 5.1.1 - (pageid) SQL Injection
WebSihirbazi 5.1.1 - 'pageid' SQL Injection
Blakord Portal Beta 1.3.A - (all modules) SQL Injection
Blakord Portal Beta 1.3.A - (All Modules) SQL Injection
PHP Links 1.3 - smarty.php Remote File Inclusion
PHP Links 1.3 - 'smarty.php' Remote File Inclusion
Aterr 0.9.1 - Local File Inclusion (PHP5)
Aterr 0.9.1 - PHP5 Local File Inclusion
phpEmployment - (PHP upload) Arbitrary File Upload
phpEmployment - 'PHP Upload' Arbitrary File Upload
XOOPS 2.3.2 - 'mydirname' Remote PHP Code Execution
XOOPS 2.3.2 - 'mydirname' PHP Remote Code Execution
Xplode CMS - (wrap_script) SQL Injection
Xplode CMS - 'wrap_script' SQL Injection
VS PANEL 7.3.6 - (Cat_ID) SQL Injection
VS PANEL 7.3.6 - 'Cat_ID' SQL Injection
WebMember 1.0 - (formID) SQL Injection
WebMember 1.0 - 'formID' SQL Injection
Dokuwiki 2009-02-14 - Remote/Temporary File Inclusion
Dokuwiki 2009-02-14 - Temporary/Remote File Inclusion
Kjtechforce mailman b1 - (code) SQL Injection Delete Row
Kjtechforce mailman b1 - (Delete Row) 'code' SQL Injection
Virtue Classifieds - (category) SQL Injection
Virtue Classifieds - 'category' SQL Injection
XOOPS Celepar Module Qas - (codigo) SQL Injection
XOOPS Celepar Module Qas - 'codigo' SQL Injection
URA 3.0 - (cat) SQL Injection
URA 3.0 - 'cat' SQL Injection
TYPO3 CMS 4.0 - (showUid) SQL Injection
TYPO3 CMS 4.0 - 'showUid' SQL Injection
Typing Pal 1.0 - (idTableProduit) SQL Injection
Typing Pal 1.0 - 'idTableProduit' SQL Injection
Videos Broadcast Yourself 2 - (UploadID) SQL Injection
Videos Broadcast Yourself 2 - 'UploadID' SQL Injection
Uiga Church Portal - (year) SQL Injection
Uiga Church Portal - 'year' SQL Injection
Network Management/Inventory System - header.php Remote File Inclusion
Network Management/Inventory System - 'header.php' Remote File Inclusion
BASE 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)
BASE 1.2.4 - 'base_qry_common.php' Remote File Inclusion (Metasploit)
PHP-Nuke 8.0 - ' News Module Cross-Site Scripting / HTML Code Injection
PHP-Nuke 8.0 - (News Module) Cross-Site Scripting / HTML Code Injection
Vivid Ads Shopping Cart - (prodid) SQL Injection
Vivid Ads Shopping Cart - 'prodid' SQL Injection
WorldPay Script Shop - (productdetail) SQL Injection
WorldPay Script Shop - 'productdetail' SQL Injection
tincan ltd - (section) SQL Injection
tincan ltd - 'section' SQL Injection
Template Seller Pro 3.25 - (tempid) SQL Injection
Template Seller Pro 3.25 - 'tempid' SQL Injection
Webloader 7 < 8 - (vid) SQL Injection
Webloader 7 < 8 - 'vid' SQL Injection
web5000 - (page_show) SQL Injection
web5000 - 'page_show' SQL Injection
Cosmos Solutions CMS - (id= / page=) SQL Injection
Cosmos Solutions CMS - 'id=' / 'page=' SQL Injection
iBoutique - (page) SQL Injection / Cross-Site Scripting
iBoutique - 'page' SQL Injection / Cross-Site Scripting
OpenX - (phpAdsNew) Remote File Inclusion
OpenX - 'phpAdsNew' Remote File Inclusion
System Shop - (Module aktka) SQL Injection
System Shop - 'Module aktka' SQL Injection
TikiWiki tiki-graph_formula - Remote PHP Code Execution (Metasploit)
TikiWiki tiki-graph_formula - PHP Remote Code Execution (Metasploit)
vBulletin 4.0.x 4.1.3 - (messagegroupid) SQL Injection
vBulletin 4.0.x 4.1.3 - 'messagegroupid' SQL Injection
PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (1)
PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (1)
YABB SE 0.8/1.4/1.5 - Packages.php Remote File Inclusion
YABB SE 0.8/1.4/1.5 - 'Packages.php' Remote File Inclusion
Invision Board 1.1.1 - ipchat.php Remote File Inclusion
Invision Board 1.1.1 - 'ipchat.php' Remote File Inclusion
Typo3 3.5 b5 - Translations.php Remote File Inclusion
Typo3 3.5 b5 - 'Translations.php' Remote File Inclusion
Webchat 0.77 - Defines.php Remote File Inclusion
Webchat 0.77 - 'Defines.php' Remote File Inclusion
PHP-Nuke 6.5 - Multiple Downloads Module SQL Injection
PHP-Nuke 6.5 - (Multiple Downloads Module) SQL Injection
ttCMS 2.2/2.3 - header.php Remote File Inclusion
ttCMS 2.2/2.3 - 'header.php' Remote File Inclusion
PMachine 2.2.1 - Lib.Inc.php Remote File Inclusion Command Execution
PMachine 2.2.1 - 'Lib.Inc.php' Remote File Inclusion / Command Execution
HolaCMS 1.2.x - HTMLtags.php Local File Inclusion
HolaCMS 1.2.x - 'HTMLtags.php' Local File Inclusion
WebCalendar 0.9.x - Multiple Module SQL Injection
WebCalendar 0.9.x - (Multiple Modules) SQL Injection
PHP-Nuke 6.x - Multiple Module SQL Injection
PHP-Nuke 6.x - (Multiple Modules) SQL Injection
EasyDynamicPages 1.0 - 'config_page.php' Remote PHP File Inclusion
EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion
VisualShapers EZContents 1.4/2.0 - module.php Remote Command Execution
VisualShapers EZContents 1.4/2.0 - 'module.php' Remote Command Execution
Mambo Open Source 4.5/4.6 - mod_mainmenu.php Remote File Inclusion
Mambo Open Source 4.5/4.6 - 'mod_mainmenu.php' Remote File Inclusion
PHPGedView 2.x - [GED_File]_conf.php Remote File Inclusion
PHPGedView 2.x - '[GED_File]_conf.php' Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script fonctions.lib.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script 'fonctions.lib.php' Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script 'derniers_commentaires.php' Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script 'admin.php' Remote File Inclusion
VisualShapers EZContents 1.x/2.0 - db.php Arbitrary File Inclusion
VisualShapers EZContents 1.x/2.0 - archivednews.php Arbitrary File Inclusion
VisualShapers EZContents 1.x/2.0 - 'db.php' Arbitrary File Inclusion
VisualShapers EZContents 1.x/2.0 - 'archivednews.php' Arbitrary File Inclusion
VirtuaSystems VirtuaNews 1.0.x - Multiple Module Cross-Site Scripting Vulnerabilities
VirtuaSystems VirtuaNews 1.0.x - (Multiple Modules) Cross-Site Scripting Vulnerabilities
WarpSpeed 4nAlbum Module 0.92 - displaycategory.php basepath Parameter Remote File Inclusion
WarpSpeed 4nAlbum Module 0.92 - 'displaycategory.php' 'basepath' Parameter Remote File Inclusion
Gemitel 3.50 - affich.php Remote File Inclusion Command Injection
Gemitel 3.50 - 'affich.php' Remote File Inclusion / Command Injection
phpBB 2.0.x - album_portal.php Remote File Inclusion
phpBB 2.0.x - 'album_portal.php' Remote File Inclusion
Mail Manage EX 3.1.8 MMEX - Script Settings Parameter Remote PHP File Inclusion
Mail Manage EX 3.1.8 MMEX - Script Settings Parameter PHP Remote File Inclusion
Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - Common.php Remote File Inclusion
Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - 'Common.php' Remote File Inclusion
@lexPHPTeam @lex Guestbook 3.12 - Remote PHP File Inclusion
@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion
phpBB 2.0.x - 'admin_cash.php' Remote PHP File Inclusion
phpBB 2.0.x - 'admin_cash.php' PHP Remote File Inclusion
Stadtaus.Com Download Center Lite 1.5 - Remote PHP File Inclusion
Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion
Work System eCommerce 3.0.3/3.0.4 - forum.php Remote File Inclusion
Work System eCommerce 3.0.3/3.0.4 - 'forum.php' Remote File Inclusion
phpGroupWare 0.9.14 - Tables_Update.Inc.php Remote File Inclusion
phpGroupWare 0.9.14 - 'Tables_Update.Inc.php' Remote File Inclusion
PANews 2.0 - Remote PHP Script Code Execution
PANews 2.0 - PHP Remote Code Execution
VoteBox 2.0 - Votebox.php Remote File Inclusion
VoteBox 2.0 - 'Votebox.php' Remote File Inclusion
McNews 1.x - install.php Arbitrary File Inclusion
McNews 1.x - 'install.php' Arbitrary File Inclusion
Vortex Portal 2.0 - content.php act Parameter Remote File Inclusion
Vortex Portal 2.0 - 'content.php' act Parameter Remote File Inclusion
phpBB 1.x/2.0.x - Knowledge Base Module KB.php SQL Injection
phpBB 1.x/2.0.x - (Knowledge Base Module) 'KB.php' SQL Injection
GrayCMS 1.1 - error.php Remote File Inclusion
GrayCMS 1.1 - 'error.php' Remote File Inclusion
PHP Poll Creator 1.0.1 - Poll_Vote.php Remote File Inclusion
PHP Poll Creator 1.0.1 - 'Poll_Vote.php' Remote File Inclusion
MWChat 6.7 - Start_Lobby.php Remote File Inclusion
MWChat 6.7 - 'Start_Lobby.php' Remote File Inclusion
Popper Webmail 1.41 - ChildWindow.Inc.php Remote File Inclusion
Popper Webmail 1.41 - 'ChildWindow.Inc.php' Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - Config_Settings.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - 'Config_Settings.php' Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - Top_Graph_Header.php Remote File Inclusion
RaXnet Cacti 0.5/0.6/0.8 - 'Top_Graph_Header.php' Remote File Inclusion
MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion
MyGuestbook 0.6.1 - 'Form.Inc.php3' Remote File Inclusion
Comdev eCommerce 3.0 - config.php Remote File Inclusion
Comdev eCommerce 3.0 - 'config.php' Remote File Inclusion
PHPWebNotes 2.0 - Api.php Remote File Inclusion
PHPWebNotes 2.0 - 'Api.php' Remote File Inclusion
Autolinks 2.1 Pro - Al_initialize.php Remote File Inclusion
Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion
MySource 2.14 - Socket.php PEAR_PATH Remote File Inclusion
MySource 2.14 - Request.php PEAR_PATH Remote File Inclusion
MySource 2.14 - 'Socket.php' 'PEAR_PATH' Remote File Inclusion
MySource 2.14 - 'Request.php' 'PEAR_PATH' Remote File Inclusion
MySource 2.14 - mail.php PEAR_PATH Remote File Inclusion
MySource 2.14 - Date.php PEAR_PATH Remote File Inclusion
MySource 2.14 - Span.php PEAR_PATH Remote File Inclusion
MySource 2.14 - mimeDecode.php PEAR_PATH Remote File Inclusion
MySource 2.14 - mime.php PEAR_PATH Remote File Inclusion
MySource 2.14 - 'mail.php' 'PEAR_PATH' Remote File Inclusion
MySource 2.14 - 'Date.php' 'PEAR_PATH' Remote File Inclusion
MySource 2.14 - 'Span.php' 'PEAR_PATH' Remote File Inclusion
MySource 2.14 - 'mimeDecode.php' 'PEAR_PATH' Remote File Inclusion
MySource 2.14 - 'mime.php' 'PEAR_PATH' Remote File Inclusion
Help Center Live 1.0/1.2/2.0 - module.php Local File Inclusion
Help Center Live 1.0/1.2/2.0 - 'module.php' Local File Inclusion
Tru-Zone Nuke ET 3.x - Search Module SQL Injection
Tru-Zone Nuke ET 3.x - (Search Module) SQL Injection
vtiger CRM 4.2 - RSS Aggregation Module Feed Cross-Site Scripting
vtiger CRM 4.2 - (RSS Aggregation Module Feed) Cross-Site Scripting
CF_Nuke 4.6 - index.cfm Local File Inclusion
CF_Nuke 4.6 - 'index.cfm' Local File Inclusion
Tolva 0.1 - Usermods.php Remote File Inclusion
Tolva 0.1 - 'Usermods.php' Remote File Inclusion
SPiD 1.3.1 - Scan_Lang_Insert.php Local File Inclusion
SPiD 1.3.1 - 'Scan_Lang_Insert.php' Local File Inclusion
PHORUM 3.x/5.x - Common.php Remote File Inclusion
PHORUM 3.x/5.x - 'Common.php' Remote File Inclusion
SPIP 1.8.3 - Spip_login.php Remote File Inclusion
SPIP 1.8.3 - 'Spip_login.php' Remote File Inclusion
CyBoards PHP Lite 1.21/1.25 - Common.php Remote File Inclusion
CyBoards PHP Lite 1.21/1.25 - 'Common.php' Remote File Inclusion
Monster Top List 1.4 - functions.php Remote File Inclusion
Monster Top List 1.4 - 'functions.php' Remote File Inclusion
I-RATER Platinum - Common.php Remote File Inclusion
I-RATER Platinum - 'Common.php' Remote File Inclusion
I-RATER Platinum - Config_settings.TPL.php Remote File Inclusion
I-RATER Platinum - 'Config_settings.TPL.php' Remote File Inclusion
Advanced Guestbook 2.x - Addentry.php Remote File Inclusion
Advanced Guestbook 2.x - 'Addentry.php' Remote File Inclusion
DMCounter 0.9.2 -b - Kopf.php Remote File Inclusion
phpBB Knowledge Base 2.0.2 - Mod KB_constants.php Remote File Inclusion
DMCounter 0.9.2 -b - 'Kopf.php' Remote File Inclusion
phpBB Knowledge Base 2.0.2 - 'Mod KB_constants.php' Remote File Inclusion
ISPConfig 2.2.2/2.2.3 - Session.INC.php Remote File Inclusion
ISPConfig 2.2.2/2.2.3 - 'Session.INC.php' Remote File Inclusion
RadScripts RadLance 7.0 - popup.php Local File Inclusion
RadScripts RadLance 7.0 - 'popup.php' Local File Inclusion
osTicket 1.x - Open_form.php Remote File Inclusion
osTicket 1.x - 'Open_form.php' Remote File Inclusion
Squirrelmail 1.4.x - Redirect.php Local File Inclusion
Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion
phpBB 2.0.x - template.php Remote File Inclusion
phpBB 2.0.x - 'template.php' Remote File Inclusion
phpBB - BBRSS.php Remote File Inclusion
phpBB - 'BBRSS.php' Remote File Inclusion
eNpaper1 - Root_Header.php Remote File Inclusion
eNpaper1 - 'Root_Header.php' Remote File Inclusion
CrisoftRicette 1.0 - Cookbook.php Remote File Inclusion
CrisoftRicette 1.0 - 'Cookbook.php' Remote File Inclusion
MF Piadas 1.0 - admin.php Remote File Inclusion
MF Piadas 1.0 - 'admin.php' Remote File Inclusion
SiteBuilder-FX - top.php Remote File Inclusion
SiteBuilder-FX - 'top.php' Remote File Inclusion
Blog:CMS 4.1 - Thumb.php Remote File Inclusion
Blog:CMS 4.1 - 'Thumb.php' Remote File Inclusion
Extcalendar 2.0 - Extcalendar.php Remote File Inclusion
Extcalendar 2.0 - 'Extcalendar.php' Remote File Inclusion
RW::Download - stats.php Remote File Inclusion
RW::Download - 'stats.php' Remote File Inclusion
PHP Event Calendar 1.4 - calendar.php Remote File Inclusion
PHP Event Calendar 1.4 - 'calendar.php' Remote File Inclusion
Forum 5 - pm.php Local File Inclusion
Forum 5 - 'pm.php' Local File Inclusion
Advanced Poll 2.0.2 - common.inc.php Remote File Inclusion
Advanced Poll 2.0.2 - 'common.inc.php' Remote File Inclusion
Prince Clan Chess Club 0.8 - Include.PCchess.php Remote File Inclusion
Prince Clan Chess Club 0.8 - 'Include.PCchess.php' Remote File Inclusion
Bosdates 3.x/4.0 - Payment.php Remote File Inclusion
Bosdates 3.x/4.0 - 'Payment.php' Remote File Inclusion
Moskool 1.5 Component - Admin.Moskool.php Remote File Inclusion
Moskool 1.5 Component - 'Admin.Moskool.php' Remote File Inclusion
WoW Roster 1.5 - hsList.php subdir Parameter Remote File Inclusion
WoW Roster 1.5 - 'hsList.php' 'subdir' Parameter Remote File Inclusion
VWar 1.5 - war.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - member.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - calendar.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - challenge.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - joinus.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - news.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - stats.php vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'war.php' vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'member.php' vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'calendar.php' vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'challenge.php' vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'joinus.php' vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'news.php' vwar_root Parameter Remote File Inclusion
VWar 1.5 - 'stats.php' vwar_root Parameter Remote File Inclusion
Mafia Moblog 6 - Big.php Remote File Inclusion
Mafia Moblog 6 - 'Big.php' Remote File Inclusion
WEBinsta Mailing List Manager 1.3 - Install3.php Remote File Inclusion
WEBinsta Mailing List Manager 1.3 - 'Install3.php' Remote File Inclusion
Zen Cart Web Shopping Cart 1.x - autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion
Zen Cart Web Shopping Cart 1.x - 'autoload_func.php' 'autoLoadConfig[999][0][loadFile]' Parameter Remote File Inclusion
Jetbox CMS 2.1 - Search_function.php Remote File Inclusion
Jetbox CMS 2.1 - 'Search_function.php' Remote File Inclusion
In-portal In-Link 2.3.4 - ADODB_DIR.php Remote File Inclusion
In-portal In-Link 2.3.4 - 'ADODB_DIR.php' Remote File Inclusion
PHP-Proxima 6.0 - BB_Smilies.php Local File Inclusion
PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion
WM-News 0.5 - print.php Local File Inclusion
Ractive Popper 1.41 - Childwindow.Inc.php Remote File Inclusion
WM-News 0.5 - 'print.php' Local File Inclusion
Ractive Popper 1.41 - 'Childwindow.Inc.php' Remote File Inclusion
Exporia 0.3 - Common.php Remote File Inclusion
Exporia 0.3 - 'Common.php' Remote File Inclusion
My-BIC 0.6.5 - Mybic_Server.php Remote File Inclusion
My-BIC 0.6.5 - 'Mybic_Server.php' Remote File Inclusion
Geotarget - script.php Remote File Inclusion
Geotarget - 'script.php' Remote File Inclusion
PHPSelect Web Development - index.php3 Remote File Inclusion
PHPSelect Web Development - 'index.php3' Remote File Inclusion
PHP Web Scripts Easy Banner - functions.php Remote File Inclusion
PHP Web Scripts Easy Banner - 'functions.php' Remote File Inclusion
PHP Polling Creator 1.03 - functions.inc.php Remote File Inclusion
PHP Polling Creator 1.03 - 'functions.inc.php' Remote File Inclusion
Softerra PHP Developer Library 1.5.3 - Grid3.lib.php Remote File Inclusion
BlueShoes Framework 4.6 - GoogleSearch.php Remote File Inclusion
Tagit2b - DelTagUser.php Remote File Inclusion
Softerra PHP Developer Library 1.5.3 - 'Grid3.lib.php' Remote File Inclusion
BlueShoes Framework 4.6 - 'GoogleSearch.php' Remote File Inclusion
Tagit2b - 'DelTagUser.php' Remote File Inclusion
CommunityPortals 1.0 - bug.php Remote File Inclusion
CommunityPortals 1.0 - 'bug.php' Remote File Inclusion
PHP TopSites FREE 1.022b - config.php Remote File Inclusion
PHP TopSites FREE 1.022b - 'config.php' Remote File Inclusion
Buzlas 2006-1 Full - Archive_Topic.php Remote File Inclusion
Buzlas 2006-1 Full - 'Archive_Topic.php' Remote File Inclusion
phpBB Add Name Module - Not_Mem.php Remote File Inclusion
phpBB Add Name Module - 'Not_Mem.php' Remote File Inclusion
RamaCMS - ADODB.Inc.php Remote File Inclusion
H-Sphere Webshell 2.x - 'login.php' Cross-Site Scripting
Mambo Module MOStlyCE 4.5.4 - HTMLTemplate.php Remote File Inclusion
Lodel CMS 0.7.3 - Calcul-page.php Remote File Inclusion
RamaCMS - 'ADODB.Inc.php' Remote File Inclusion
H-Sphere WebShell 2.x - 'login.php' Cross-Site Scripting
Mambo Module MOStlyCE 4.5.4 - 'HTMLTemplate.php' Remote File Inclusion
Lodel CMS 0.7.3 - 'Calcul-page.php' Remote File Inclusion
Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion
Maintain 3.0.0-RC2 - 'Example6.php' Remote File Inclusion
Zorum 3.5 - DBProperty.php Remote File Inclusion
Zorum 3.5 - 'DBProperty.php' Remote File Inclusion
PHPMyConferences 8.0.2 - Init.php Remote File Inclusion
PHPMyConferences 8.0.2 - 'Init.php' Remote File Inclusion
PHPTreeView 1.0 - TreeViewClass.php Remote File Inclusion
PHPTreeView 1.0 - 'TreeViewClass.php' Remote File Inclusion
PLS-Bannieres 1.21 - Bannieres.php Remote File Inclusion
PLS-Bannieres 1.21 - 'Bannieres.php' Remote File Inclusion
The Search Engine Project 0.942 - Configfunction.php Remote File Inclusion
The Search Engine Project 0.942 - 'Configfunction.php' Remote File Inclusion
KnowledgeBuilder 2.2 - visEdit_Control.Class.php Remote File Inclusion
KnowledgeBuilder 2.2 - 'visEdit_Control.Class.php' Remote File Inclusion
NewP News Publishing System 1.0 - Class.Database.php Remote File Inclusion
NewP News Publishing System 1.0 - 'Class.Database.php' Remote File Inclusion
Advanced Guestbook 2.3.1 - admin.php Remote File Inclusion
Advanced Guestbook 2.3.1 - 'admin.php' Remote File Inclusion
@cid Stats 2.3 - Install.php3 Remote File Inclusion
@cid Stats 2.3 - 'Install.php3' Remote File Inclusion
PHPMyChat 0.14/0.15 - Languages.Lib.php Local File Inclusion
PHPMyChat 0.14/0.15 - 'Languages.Lib.php' Local File Inclusion
PHPdebug 1.1 - Debug_test.php Remote File Inclusion
PHPdebug 1.1 - 'Debug_test.php' Remote File Inclusion
eXtreme-fusion 4.02 - Fusion_Forum_View.php Local File Inclusion
eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion
Easy Banner Pro 2.8 - info.php Remote File Inclusion
Edit-X - Edit_Address.php Remote File Inclusion
Easy Banner Pro 2.8 - 'info.php' Remote File Inclusion
Edit-X - 'Edit_Address.php' Remote File Inclusion
OpenEMR 2.8.2 - Import_XML.php Remote File Inclusion
OpenEMR 2.8.2 - 'Import_XML.php' Remote File Inclusion
PHPProbid 5.24 - Lang.php Remote File Inclusion
PHPProbid 5.24 - 'Lang.php' Remote File Inclusion
MySQLNewsEngine - Affichearticles.php3 Remote File Inclusion
MySQLNewsEngine - 'Affichearticles.php3' Remote File Inclusion
Meganoide's News 1.1.1 - Include.php Remote File Inclusion
Meganoide's News 1.1.1 - 'Include.php' Remote File Inclusion
Shop Kit Plus - StyleCSS.php Local File Inclusion
Shop Kit Plus - 'StyleCSS.php' Local File Inclusion
Pickle 0.3 - download.php Local File Inclusion
Active Calendar 1.2 - showcode.php Local File Inclusion
Pickle 0.3 - 'download.php' Local File Inclusion
Active Calendar 1.2 - 'showcode.php' Local File Inclusion
JCCorp URLShrink Free 1.3.1 - CreateURL.php Remote File Inclusion
JCCorp URLShrink Free 1.3.1 - 'CreateURL.php' Remote File Inclusion
Weekly Drawing Contest 0.0.1 - Check_Vote.php Local File Inclusion
Weekly Drawing Contest 0.0.1 - 'Check_Vote.php' Local File Inclusion
WordPress < 2.1.2 - PHP_Self Cross-Site Scripting
WordPress < 2.1.2 - 'PHP_Self' Cross-Site Scripting
Satel Lite - Satellite.php Local File Inclusion
Satel Lite - 'Satellite.php' Local File Inclusion
eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion
eCardMAX HotEditor 4.0 - 'Keyboard.php' Local File Inclusion
MyNews 4.2.2 - Week_Events.php Remote File Inclusion
MyNews 4.2.2 - 'Week_Events.php' Remote File Inclusion
Web Service Deluxe News Manager 1.0.1 Deluxe - footer.php Local File Inclusion
Actionpoll 1.1 - Actionpoll.php Remote File Inclusion
Web Service Deluxe News Manager 1.0.1 Deluxe - 'footer.php' Local File Inclusion
Actionpoll 1.1 - 'Actionpoll.php' Remote File Inclusion
Fully Modded PHPBB2 - phpbb_root_path Remote File Inclusion
Fully Modded PHPBB2 - 'phpbb_root_path' Remote File Inclusion
PHP Turbulence 0.0.1 - Turbulence.php Remote File Inclusion
PHP Turbulence 0.0.1 - 'Turbulence.php' Remote File Inclusion
Allfaclassifieds 6.04 - Level2.php Remote File Inclusion
PHPMyBibli 1.32 - Init.Inc.php Remote File Inclusion
Allfaclassifieds 6.04 - 'Level2.php' Remote File Inclusion
PHPMyBibli 1.32 - 'Init.Inc.php' Remote File Inclusion
ACVSWS - Transport.php Remote File Inclusion
ACVSWS - 'Transport.php' Remote File Inclusion
Lms 1.5.x - RTMessageAdd.php Remote File Inclusion
Lms 1.5.x - 'RTMessageAdd.php' Remote File Inclusion
MyNewsGroups 0.6 - Include.php Remote File Inclusion
PHPMyTGP 1.4 - AddVIP.php Remote File Inclusion
MyNewsGroups 0.6 - 'Include.php' Remote File Inclusion
PHPMyTGP 1.4 - 'AddVIP.php' Remote File Inclusion
Comus 2.0 - Accept.php Remote File Inclusion
Comus 2.0 - 'Accept.php' Remote File Inclusion
HTMLEditBox 2.2 - config.php Remote File Inclusion
DynaTracker 1.5.1 - includes_handler.php base_path Remote File Inclusion
DynaTracker 1.5.1 - action.php base_path Remote File Inclusion
HTMLEditBox 2.2 - 'config.php' Remote File Inclusion
DynaTracker 1.5.1 - 'includes_handler.php' 'base_path' Remote File Inclusion
DynaTracker 1.5.1 - 'action.php' 'base_path' Remote File Inclusion
Doruk100Net - Info.php Remote File Inclusion
Doruk100Net - 'Info.php' Remote File Inclusion
PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion
PHPSecurityAdmin 4.0.2 - 'Logout.php' Remote File Inclusion
PHP Content Architect 0.9 pre 1.2 - MFA_Theme.php Remote File Inclusion
PHP Content Architect 0.9 pre 1.2 - 'MFA_Theme.php' Remote File Inclusion
PHPHostBot 1.05 - Authorize.php Remote File Inclusion
PHPHostBot 1.05 - 'Authorize.php' Remote File Inclusion
PHMe 0.0.2 - Function_List.php Local File Inclusion
PHMe 0.0.2 - 'Function_List.php' Local File Inclusion
VietPHP - _functions.php dirpath Parameter Remote File Inclusion
VietPHP - admin/index.php language Parameter Remote File Inclusion
VietPHP - '_functions.php' dirpath Parameter Remote File Inclusion
VietPHP - 'admin/index.php' language Parameter Remote File Inclusion
Coppermine Photo Gallery 1.3/1.4 - YABBSE.INC.php Remote File Inclusion
Coppermine Photo Gallery 1.3/1.4 - 'YABBSE.INC.php' Remote File Inclusion
Shoutbox 1.0 - Shoutbox.php Remote File Inclusion
Shoutbox 1.0 - 'Shoutbox.php' Remote File Inclusion
Web News 1.1 - feed.php config[root_ordner] Parameter Remote File Inclusion
Web News 1.1 - news.php config[root_ordner] Parameter Remote File Inclusion
Lib2 PHP Library 0.2 - My_Statistics.php Remote File Inclusion
Web News 1.1 - 'feed.php' 'config[root_ordner]' Parameter Remote File Inclusion
Web News 1.1 - 'news.php' 'config[root_ordner]' Parameter Remote File Inclusion
Lib2 PHP Library 0.2 - 'My_Statistics.php' Remote File Inclusion
Dalai Forum 1.1 - forumreply.php Local File Inclusion
Firesoft - Class_TPL.php Remote File Inclusion
Dalai Forum 1.1 - 'forumreply.php' Local File Inclusion
Firesoft - 'Class_TPL.php' Remote File Inclusion
PHP-Nuke 8.0 - autohtml.php Local File Inclusion
PHP-Nuke 8.0 - 'autohtml.php' Local File Inclusion
Content Builder 0.7.5 - postComment.php Remote File Inclusion
Content Builder 0.7.5 - 'postComment.php' Remote File Inclusion
Jeebles Technology Jeebles Directory 2.9.60 - download.php Local File Inclusion
Jeebles Technology Jeebles Directory 2.9.60 - 'download.php' Local File Inclusion
PHPbasic basicFramework 1.0 - Includes.php Remote File Inclusion
PHPbasic basicFramework 1.0 - 'Includes.php' Remote File Inclusion
Galmeta Post 0.2 - Upload_Config.php Remote File Inclusion
Galmeta Post 0.2 - 'Upload_Config.php' Remote File Inclusion
MyBlog 1.x - Games.php ID Remote File Inclusion
MyBlog 1.x - 'Games.php' 'ID' Remote File Inclusion
PHPMyTourney 2 - tourney/index.php Remote File Inclusion
PHPMyTourney 2 - 'tourney/index.php' Remote File Inclusion
W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - create_forum.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - create_user.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - delete_notes.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - delete_user.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - edit_forum.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - mail_users.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - moderate_notes.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - reorder_forums.php bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'add_user.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'create_forum.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'create_user.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'delete_notes.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'delete_user.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'edit_forum.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'mail_users.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'moderate_notes.php' bn_dir_default Parameter Remote File Inclusion
W-Agora 4.0 - 'reorder_forums.php' bn_dir_default Parameter Remote File Inclusion
XOOPS 2.0.18 - modules/system/admin.php fct Parameter Traversal Local File Inclusion
XOOPS 2.0.18 - 'modules/system/admin.php' 'fct' Parameter Traversal Local File Inclusion
Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell
Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Web Shell
C99Shell 1.0 Pre-Release build 16 - 'ch99.php' Cross-Site Scripting
C99Shell 1.0 Pre-Release build 16 (Web Shell) - 'ch99.php' Cross-Site Scripting
C99 Shell - 'c99.php' Authentication Bypass
C99Shell (Web Shell) - 'c99.php' Authentication Bypass
W-Agora 4.2.1 - search.php3 bn Parameter Traversal Local File Inclusion
W-Agora 4.2.1 - 'search.php3' 'bn' Parameter Traversal Local File Inclusion
Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' Remote PHP Code Execution
Andy's PHP KnowledgeBase 0.95.4 - 'step5.php' PHP Remote Code Execution
MySQLDumper 1.24.4 - 'menu.php' Remote PHP Code Execution
MySQLDumper 1.24.4 - 'menu.php' PHP Remote Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / Remote PHP Code Execution
Microweber 1.0.3 - Arbitrary File Upload / Filter Bypass / PHP Remote Code Execution
Zend Framework 2.4.2 - XML eXternal Entity Injection (XXE) on PHP FPM
Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection
Nuts CMS - Remote PHP Code Injection / Execution
Nuts CMS - PHP Remote Code Injection / Execution
WordPress Plugin WP Super Cache - Remote PHP Code Execution
WordPress Plugin WP Super Cache - PHP Remote Code Execution
b374k Web Shell 3.2.3/2.8 - Cross-Site Request Forgery / Command Injection
b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection
Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion
Ovidentia online Module 2.8 - 'GLOBALS[babAddonPhpPath]' Remote File Inclusion
XOOPS Glossaire Module- '/modules/glossaire/glossaire-aff.php' SQL Injection
XOOPS Glossaire Module - '/modules/glossaire/glossaire-aff.php' SQL Injection
ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials Remote SYSTEM Code Execution
ZKTeco ZKBioSecurity 3.0 - Hard-Coded Credentials SYSTEM Remote Code Execution
Apache - HTTP OPTIONS Memory Leak
Apache < 2.2.34 / < 2.4.27 - HTTP OPTIONS Memory Leak
Foodspotting Clone 1.0 - SQL Injection
iTech Gigs Script 1.20 - 'cat' Parameter SQL Injection
Tecnovision DLX Spot - Authentication Bypass
Tecnovision DLX Spot - Arbitrary File Upload
2017-09-20 05:01:20 +00:00
Offensive Security
ef4c288da7
DB: 2017-09-19
...
16 new exploits
Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (1)
Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (1)
Cam2pc 4.6.2 - BMP Image Processing Integer Overflow
Cam2pc 4.6.2 - '.BMP' Image Processing Integer Overflow
Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - JPEG Image Rendering CMP Fencepost Denial of Service
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering CMP Fencepost Denial of Service
Apple QuickTime 6.4/6.5/7.0.x - PictureViewer JPEG/PICT File Buffer Overflow
Apple QuickTime 6.4/6.5/7.0.x - PictureViewer '.JPEG'/'.PICT' File Buffer Overflow
Tony Cook Imager 0.4x - JPEG and TGA Images Denial of Service
Tony Cook Imager 0.4x - '.JPEG' / '.TGA' Images Denial of Service
Microsoft Windows Kernel - 'win32k!NtQueryCompositionSurfaceBinding' Stack Memory Disclosure
Microsoft Windows Kernel - 'win32k!NtGdiGetFontResourceInfoInternalW' Stack Memory Disclosure
Microsoft Windows Kernel - 'win32k!NtGdiGetGlyphOutline' Pool Memory Disclosure
Microsoft Windows Kernel - 'win32k!NtGdiGetPhysicalMonitorDescription' Stack Memory Disclosure
Microsoft Windows Kernel - 'nt!NtSetIoCompletion / nt!NtRemoveIoCompletion' Pool Memory Disclosure
Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath)
Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Read with Malformed _glyf_ Table (win32k!fsc_CalcGrayRow)
Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclosure
Microsoft Windows Kernel - 'win32k!NtGdiDoBanding' Stack Memory Disclosure
Adobe Reader X 10.1.4.38 - BMP/RLE Heap Corruption
Adobe Reader X 10.1.4.38 - '.BMP'/'.RLE' Heap Corruption
XV 3.x - BMP Parsing Local Buffer Overflow
XV 3.x - '.BMP' Parsing Local Buffer Overflow
Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (2)
Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (2)
GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized JPEG Image Access
GeoVision Digital Surveillance System 6.0 4/6.1 - Unauthorized '.JPEG' Image Access
Kaseya Virtual System Administrator (VSA) - uploader.aspx Arbitrary File Upload (Metasploit)
Kaseya Virtual System Administrator (VSA) - 'uploader.aspx' Arbitrary File Upload (Metasploit)
XOOPS 2.3.2 - (mydirname) Remote PHP Code Execution
XOOPS 2.3.2 - 'mydirname' Remote PHP Code Execution
Tuleap Project Wiki 8.3 < 9.6.99.86 - Command Injection
Digirez 3.4 - Cross-Site Request Forgery (Update Admin)
Digileave 1.2 - Cross-Site Request Forgery (Update Admin)
DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin)
UTStar WA3002G4 ADSL Broadband Modem - Authentication Bypass
iBall ADSL2+ Home Router - Authentication Bypass
Apache - HTTP OPTIONS Memory Leak
2017-09-19 05:01:33 +00:00
Offensive Security
bc6f82924c
DB: 2017-09-18
...
3 new exploits
Netdecision 5.8.2 - Local Privilege Escalation
PTCEvolution 5.50 - SQL Injection
Contact Manager 1.0 - 'femail' Parameter SQL Injection
2017-09-18 05:01:20 +00:00
Offensive Security
db8b5bc2fe
DB: 2017-09-16
...
6 new exploits
D-Link (Wireless Access Point) - (Fragmented UDP) Denial of Service
D-Link Wireless Access Point - Fragmented UDP Denial of Service
D-Link Router - UPNP Stack Overflow Denial of Service (PoC)
D-Link Devices - UPNP Stack Overflow Denial of Service (PoC)
Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation
MusicDaemon 0.0.3 - Remote Denial of Service / /etc/shadow Stealer (2)
MusicDaemon 0.0.3 - Remote Denial of Service / '/etc/shadow' Stealer (2)
D-Link (DWL Series) Access-Point 2.10na - Config Disclosure
D-Link DWL Series Access-Point 2.10na - Config Disclosure
Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing and Cross Frame Access
Microsoft Internet Explorer 4/5 - DHTML Edit ActiveX Control File Stealing / Cross Frame Access
D-Link Airspot DSA-3100 Gateway - Login_error.SHTML Cross-Site Scripting
D-Link Airspot DSA-3100 Gateway - 'Login_error.SHTML' Cross-Site Scripting
D-Link - Authentication.cgi Buffer Overflow (Metasploit)
D-Link - hedwig.cgi Buffer Overflow in Cookie Header (Metasploit)
D-Link Devices - Authentication.cgi Buffer Overflow (Metasploit)
D-Link Devices - 'hedwig.cgi' Buffer Overflow in Cookie Header (Metasploit)
D-Link - info.cgi POST Request Buffer Overflow (Metasploit)
D-Link Devices - 'info.cgi' POST Request Buffer Overflow (Metasploit)
D-Link - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit)
D-Link Devices - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit)
D-Link - Cookie Command Execution (Metasploit)
D-Link Devices - Cookie Command Execution (Metasploit)
D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure
D-Link DSL-2730U/2750U/2750E ADSL Router - Remote File Disclosure
Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
D-Link DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
Astaro Security Gateway 7 - Remote Code Execution
D-link DIR-600M - Cross-Site Request Forgery
D-Link DIR-600M - Cross-Site Request Forgery
DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery
D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery
XYZ Auto Classifieds 1.0 - SQL Injection
Consumer Review Script 1.0 - SQL Injection
D-Link DIR8xx Routers - Leak Credentials
D-Link DIR8xx Routers - Root Remote Code Execution
D-Link DIR8xx Routers - Local Firmware Upload
2017-09-16 05:01:22 +00:00
Offensive Security
6e81f8d635
DB: 2017-09-15
...
13 new exploits
MPlayer - '.SAMI' Subtitle File Buffer Overflow (DEP Bypass) (Metasploit)
Trend Micro Control Manager - ImportFile Directory Traversal RCE (Metasploit)
Trend Micro Control Manager - ImportFile Directory Traversal Remote Code Execution (Metasploit)
EMC AlphaStor Library Manager < 4.0 build 910 - Opcode 0x4f Buffer Overflow (Metasploit)
EMC AlphaStor Device Manager - Opcode 0x72 Buffer Overflow (Metasploit)
Lockstep Backup for Workgroups 4.0.3 - Buffer Overflow (Metasploit)
Disk Pulse Server 2.2.34 - GetServerInfo Buffer Overflow (Metasploit)
haneWIN DNS Server 1.5.3 - Buffer Overflow (Metasploit)
KingScada AlarmServer 3.1.2.13 - Stack Buffer Overflow (Metasploit)
Cloudview NMS 2.00b - Writable Directory Traversal Execution (Metasploit)
Enterprise Edition Payment Processor Script 3.7 - SQL Injection
Adserver Script 5.6 - SQL Injection
PTC KSV1 Script 1.7 - 'type' Parameter SQL Injection
Theater Management Script - SQL Injection
Justdial Clone Script - 'fid' Parameter SQL Injection
2017-09-15 05:01:22 +00:00
Offensive Security
183eb53e48
DB: 2017-09-14
...
44 new exploits
Mako Web Server 2.5 - Multiple Vulnerabilities
ZScada Modbus Buffer 2.0 - Stack-Based Buffer Overflow (Metasploit)
Trend Micro Control Manager - ImportFile Directory Traversal RCE (Metasploit)
Viap Automation WinPLC7 5.0.45.5921 - Recv Buffer Overflow (Metasploit)
Sielco Sistemi Winlog 2.07.16 - Buffer Overflow (Metasploit)
Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit)
Motorola Netopia Netoctopus SDCS - Stack Buffer Overflow (Metasploit)
Alienvault Open Source SIEM (OSSIM) < 4.7.0 - 'get_license' Remote Command Execution (Metasploit)
Infinite Automation Mango Automation - Command Injection (Metasploit)
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack-Based Buffer Overflow (Metasploit)
EMC CMCNE Inmservlets.war FileUploadController 11.2.1 - Remote Code Execution (Metasploit)
EMC CMCNE 11.2.1 - FileUploadController Remote Code Execution (Metasploit)
Dameware Mini Remote Control 4.0 - Username Stack Buffer Overflow (Metasploit)
Cloudview NMS < 2.00b - Arbitrary File Upload (Metasploit)
Alienvault OSSIM av-centerd Util.pm sync_rserver - Command Execution (Metasploit)
Alienvault OSSIM av-centerd 4.7.0 - 'get_log_line' Command Injection (Metasploit)
Microsoft Windows .NET Framework - Remote Code Execution
ICLowBidAuction 3.3 - SQL Injection
ICMLM 2.1 - 'key' Parameter SQL Injection
ICHotelReservation 3.3 - 'key' Parameter SQL Injection
ICAuction 2.2 - 'id' Parameter SQL Injection
ICDoctor Appointment 1.3 - 'key' Parameter SQL Injection
ICRestaurant software 1.4 - 'key' Parameter SQL Injection
ICDutchAuction 1.2 - SQL Injection
ICAutosales 2.2 - SQL Injection
ICTraveling 2.2 - Authentication Bypass
ICStudents 1.2 - 'key' Parameter SQL Injection
ICClassifieds 1.1 - SQL Injection
ICSurvey 1.1 - SQL Injection
ICJewelry 1.1 - 'key' Parameter SQL Injection
IC-T-Shirt 1.2 - 'key' Parameter SQL Injection
ICProductConfigurator 1.1 - 'key' Parameter SQL Injection
ICGrocery 1.1 - 'key' Parameter SQL Injection
ICCallLimousine 1.1 - 'key' Parameter SQL Injection
ICProjectBidding 1.1 - SQL Injection
ICDental Clinic 1.2 - 'key' Parameter SQL Injection
ICEstate 1.1 - 'id' Parameter SQL Injection
ICHelpDesk 1.1 - 'pk' Parameter SQL Injection
ICSiteBuilder 1.1 - SQL Injection
ICAffiliateTracking 1.1 - Authentication Bypass
Indusoft Web Studio - Directory Traversal Information Disclosure (Metasploit)
Carlo Gavazzi Powersoft 2.1.1.1 - Directory Traversal File Disclosure (Metasploit)
Carel PlantVisor 2.4.4 - Directory Traversal Information Disclosure (Metasploit)
Carel PlantVisor 2.4.4 - Directory Traversal
2017-09-14 05:01:22 +00:00
Offensive Security
590c03106b
DB: 2017-09-13
...
15 new exploits
tcprewrite - Heap-Based Buffer Overflow
WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization
Docker Daemon - Unprotected TCP Socket
Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow
Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting
osTicket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting
PHP Dashboards NEW 4.4 - Arbitrary File Read
PHP Dashboards NEW 4.4 - SQL Injection
JobStar Monster Clone Script 1.0 - SQL Injection
iTech Book Store Script 2.02 - SQL Injection
iTech StockPhoto Script 2.02 - SQL Injection
EduStar Udemy Clone Script 1.0 - SQL Injection
AirStar Airbnb Clone Script 1.0 - SQL Injection
osTicket 1.10 - SQL Injection
FoodStar 1.0 - SQL Injection
Gr8 Multiple Search Engine Script 1.0 - SQL Injection
inClick Cloud Server 5.0 - SQL Injection
2017-09-13 05:01:22 +00:00
Offensive Security
36667e62bc
DB: 2017-09-12
...
6 new exploits
Docker Daemon - Unprotected TCP Socket (Metasploit)
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (192 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (192.168.0.12:4444/TCP) Shellcode (160 bytes)
Nimble Professional 1.0 - Cross-Site Request Forgery (Update Admin)
FiberHome ADSL AN1020-25 - Improper Access Restrictions
WiseGiga NAS - Multiple Vulnerabilities
2017-09-12 05:01:25 +00:00
Offensive Security
7744909119
DB: 2017-09-11
...
11 new exploits
Just Dial Marketplace Script - Authentication Bypass
Just Dial Marketplace - Authentication Bypass
Online Print Business 1.0 - SQL Injection
Escort Marketplace 1.0 - SQL Injection
Babysitter Website Script 1.0 - SQL Injection
Job Board Software 1.0 - SQL Injection
RPi Cam Control <= 6.3.14 - Multiple Vulnerabilities
Just Dial Marketplace 1.0 - SQL Injection
Professional Service Booking 1.0 - SQL Injection
Restaurant Website Script 1.0 - SQL Injection
Law Firm 1.0 - SQL Injection
Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection
My Builder Marketplace 1.0 - SQL Injection
2017-09-11 05:01:21 +00:00
Offensive Security
eabeaa97ef
DB: 2017-09-10
2017-09-10 05:01:26 +00:00
Offensive Security
8ab6c39fe1
DB: 2017-09-09
...
4 new exploits
Hexamail Server 3.0.0.001 - (pop3) Unauthenticated Remote Overflow (PoC)
Hexamail Server 3.0.0.001 - 'pop3' Unauthenticated Remote Overflow (PoC)
Noticeware E-mail Server 5.1.2.2 - (POP3) Unauthenticated Denial of Service
Noticeware E-mail Server 5.1.2.2 - 'POP3' Unauthenticated Denial of Service
BIND 8.2.2-P5 - Denial of Service
ISC BIND 8.2.2-P5 - Denial of Service
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
Photoshop CC2014 and Bridge CC 2014 - '.gif' Parsing Memory Corruption
Photoshop CC2014 and Bridge CC 2014 - '.png' Parsing Memory Corruption
Photoshop CC2014 / Bridge CC 2014 - '.gif' Parsing Memory Corruption
Photoshop CC2014 / Bridge CC 2014 - '.png' Parsing Memory Corruption
/usr/bin/trn - Local Exploit (not suid)
/usr/bin/trn (Not SUID) - Local Exploit
Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (1)
Oracle 10g - 'SYS.LT.COMPRESSWORKSPACETREE' SQL Injection (1)
Oracle 10g - SYS.LT.COMPRESSWORKSPACETREE SQL Injection (2)
Oracle 10g - 'SYS.LT.COMPRESSWORKSPACETREE' SQL Injection (2)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)
Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)
Jungo DriverWizard WinDriver - Kernel Pool Overflow
Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow Privilege Escalation
Jungo DriverWizard WinDriver < v12.4.0 - Kernel Out-of-Bounds Write Privilege Escalation
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (1)
ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (1)
BIND 8.2.x - 'TSIG' Stack Overflow (1)
BIND 8.2.x - 'TSIG' Stack Overflow (2)
BIND 8.2.x - 'TSIG' Stack Overflow (3)
BIND 8.2.x - 'TSIG' Stack Overflow (4)
ISC BIND 8.2.x - 'TSIG' Stack Overflow (1)
ISC BIND 8.2.x - 'TSIG' Stack Overflow (2)
ISC BIND 8.2.x - 'TSIG' Stack Overflow (3)
ISC BIND 8.2.x - 'TSIG' Stack Overflow (4)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Mercury/32 Mail Server 4.01 - 'Pegasus' IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - 'Pegasus' IMAP Buffer Overflow (2)
Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (1)
Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (1)
Mercur MailServer 5.0 SP3 - (IMAP) Remote Buffer Overflow (2)
Mercur MailServer 5.0 SP3 - 'IMAP' Remote Buffer Overflow (2)
QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (1)
QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (1)
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2)
ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (2)
QK SMTP 3.01 - (RCPT TO) Remote Buffer Overflow (2)
QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (2)
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow (1)
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote Buffer Overflow (1)
BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (Metasploit)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)
BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning Exploit (Metasploit)
BIND 9.x - Remote DNS Cache Poisoning Exploit (Python)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit
BIND 9.x - Remote DNS Cache Poisoning Exploit
BIND 9.5.0-P2 - (randomized ports) Remote DNS Cache Poisoning Exploit
BIND 9.5.0-P2 - 'Randomized Ports' Remote DNS Cache Poisoning Exploit
Belkin Wireless G router + ADSL2 modem - Authentication Bypass
Belkin Wireless G Router / ADSL2 Modem - Authentication Bypass
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (1)
Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (2)
Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2)
Solaris in.TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit)
Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit)
Solaris in.TelnetD - TTYPROMPT Buffer Overflow (Metasploit)
Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (Metasploit)
Multiple OSes - BIND Buffer Overflow (1)
Multiple OSes - BIND Buffer Overflow (2)
ISC BIND (Linux/BSD) - Buffer Overflow (1)
ISC BIND (Multiple OSes) - Buffer Overflow (2)
Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (1)
Oracle 10g Database - SUBSCRIPTION_NAME SQL Injection (2)
Oracle 10g Database - 'SUBSCRIPTION_NAME' SQL Injection (1)
Oracle 10g Database - 'SUBSCRIPTION_NAME' SQL Injection (2)
Shuttle Tech ADSL Modem-Router 915 WM - Unauthenticated Remote DNS Change
Shuttle Tech ADSL Modem/Router 915 WM - Unauthenticated Remote DNS Change
Poison Ivy 2.1.x - C2 Buffer Overflow (Metasploit)
Poison Ivy 2.1.x (C2 Server) - Buffer Overflow (Metasploit)
Gh0st Client - Buffer Overflow (Metasploit)
Gh0st Client (C2 Server) - Buffer Overflow (Metasploit)
zFeeder 1.6 - 'admin.php' Unauthenticated
zFeeder 1.6 - 'admin.php' Unauthenticated Admin Bypass
CompactCMS 1.4.0 - (tiny_mce) Arbitrary File Upload
CompactCMS 1.4.0 - 'tiny_mce' Arbitrary File Upload
Achievo 1.4.3 - Multiple Authorisation Flaws
Achievo 1.4.3 - Multiple Authorisation Vulnerabilities
CompactCMS 1.4.1 - Multiple Vulnerabilities
phpDenora 1.4.6 - Multiple SQL Injections
Joomla! Component 'com_niceajaxpoll' 1.3.0 - SQL Injection
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (1)
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (2)
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (1)
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (2)
CompactCMS 1.4.1 - Multiple Cross-Site Scripting Vulnerabilities (2)
PlaySms 1.4 - Remote Code Execution
PlaySMS 1.4 - 'sendfromfile.php' Remote Code Execution / Unrestricted File Upload
Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting
Ultimate HR System < 1.2 - Directory Traversal / Cross-Site Scripting
EzBan 5.3 - 'id' Parameter SQL Injection
EzInvoice 6.02 - SQL Injection
Roteador Wireless Intelbras WRN150 - Cross-Site Scripting
Huawei HG255s - Directory Traversal
2017-09-09 05:01:22 +00:00
Offensive Security
67b3da92e4
DB: 2017-09-08
...
4 new exploits
Tor - Linux Sandbox Breakout via X11
Tor (Linux) - X11 Linux Sandbox Breakout
Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution
Gh0st Client - Buffer Overflow (Metasploit)
TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Remote Code Execution as Root
TerraMaster F2-420 NAS TOS 3.0.30 - Unauthenticated Root Remote Code Execution
Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting
Online Invoice System 3.0 - SQL Injection
2017-09-08 05:01:20 +00:00
Offensive Security
a1eeba1263
DB: 2017-09-07
...
9 new exploits
Sambar FTP Server 6.4 - (SIZE) Remote Denial of Service
Sambar FTP Server 6.4 - 'SIZE' Remote Denial of Service
Samba 3.0.29 (client) - 'receive_smb_raw()' Buffer Overflow (PoC)
Samba 3.0.29 (Client) - 'receive_smb_raw()' Buffer Overflow (PoC)
2WIRE DSL Router (xslt) - Denial of Service
2WIRE DSL Router - 'xslt' Denial of Service
ooVoo 1.7.1.35 - (URL Protocol) Remote Unicode Buffer Overflow (PoC)
ooVoo 1.7.1.35 - 'URL Protocol' Remote Unicode Buffer Overflow (PoC)
Optimal Archive 1.38 - '.zip' File (SEH) (PoC)
Optimal Archive 1.38 - '.zip' File Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Virtual DJ Trial 6.1.2 - Buffer Overflow (SEH) Crash (PoC)
Virtual DJ Trial 6.1.2 - Buffer Overflow Crash (SEH) (PoC)
VideoLAN VLC Media Player 1.1.9 - XSPF Local File Integer Overflow in XSPF Playlist parser
VideoLAN VLC Media Player 1.1.9 - XSPF Playlist Local File Integer Overflow
Winlog Lite SCADA HMI system - (SEH) Overwrite
Winlog Lite SCADA HMI system - Overwrite (SEH)
FL Studio 10 Producer Edition - (SEH) Buffer Overflow (PoC)
FL Studio 10 Producer Edition - Buffer Overflow (SEH) (PoC)
Sony PC Companion 2.1 - (DownloadURLToFile()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - (Load()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - (CheckCompatibility()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - (Admin_RemoveDirectory()) Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'DownloadURLToFile()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'Load()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'CheckCompatibility()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'Admin_RemoveDirectory()' Stack Based Unicode Buffer Overflow
Sambar Server 6.0 - results.stm Post Request Buffer Overflow
Sambar Server 6.0 - 'results.stm' POST Request Buffer Overflow
Samba nttrans Reply - Integer Overflow
Samba 3.5.22/3.6.17/4.0.8 - nttrans Reply Integer Overflow
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) Denial of Service
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (SEH) Denial of Service
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) (Denial of Service)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (SEH) (Denial of Service)
i.FTP 2.21 - (SEH) Overflow Crash (PoC)
i.FTP 2.21 - Overflow Crash (SEH) (PoC)
Sam Spade 1.14 - Scan From IP Address Field (SEH) Overflow Crash (SEH) (PoC)
Sam Spade 1.14 - Scan From IP Address Field Overflow Crash (SEH) (PoC)
TECO SG2 FBD Client 3.51 - '.gfb' Overwrite (SEH) Buffer Overflow
TECO SG2 FBD Client 3.51 - '.gfb' Overwrite Buffer Overflow (SEH)
Network Scanner 4.0.0.0 - (SEH)Crash (PoC)
Network Scanner 4.0.0.0 - Crash (SEH) (PoC)
Zortam Mp3 Media Studio 20.15 - Overflow (SEH) Denial of Service
Zortam Mp3 Media Studio 20.15 - Overflow (SEH) (Denial of Service)
Symantec AntiVirus - Remote Stack Buffer Overflow in dec2lha Library
Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow
WebKit JSC - Heap Buffer Overflow in Intl.getCanonicalLocales
WebKit JSC - 'Intl.getCanonicalLocales' Heap Buffer Overflow
Firebird 1.0.2 FreeBSD 4.7-RELEASE - Privilege Escalation
Firebird 1.0.2 (FreeBSD 4.7-RELEASE) - Privilege Escalation
CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (Unicode SEH)
CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (SEH Unicode)
Quick Player 1.2 - Unicode Buffer Overflow
DJ Studio Pro 5.1.6.5.2 - (SEH) Exploit
Quick Player 1.2 - Unicode Buffer Overflow (1)
DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
Quick Player 1.2 - Unicode Buffer Overflow (Bindshell)
Quick Player 1.2 - Unicode Buffer Overflow (2)
Winamp 5.572 - (SEH) Exploit
Winamp 5.572 - Exploit (SEH)
ZipScan 2.2c - (SEH) Exploit
ZipScan 2.2c - Exploit (SEH)
Winamp 5.572 - 'whatsnew.txt' (SEH) (Metasploit)
Winamp 5.572 - 'whatsnew.txt' Exploit (SEH) (Metasploit)
Mediacoder 0.7.3.4672 - (SEH) Exploit
Mediacoder 0.7.3.4672 - Exploit (SEH)
SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow (PoC)
SureThing CD Labeler - '.m3u/.pls' Unicode Stack Overflow (PoC)
MoreAmp - '.maf' Local Stack Buffer Overflow (SEH) (calc)
BlazeDVD 6.0 - '.plf' File (SEH) Universal Buffer Overflow
MoreAmp - '.maf' Local Stack Buffer Overflow (SEH)
BlazeDVD 6.0 - '.plf' File Universal Buffer Overflow (SEH)
ASX to MP3 Converter 3.1.2.1 - (SEH) Multiple OS ASLR + DEP Bypass (Metasploit)
ASX to MP3 Converter 3.1.2.1 - Multiple OS ASLR + DEP Bypass (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - (SEH) Exploit
MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - (SEH) Exploit
DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
iworkstation 9.3.2.1.4 - (SEH) Exploit
iworkstation 9.3.2.1.4 - Exploit (SEH)
Winamp 5.6 - Arbitrary Code Execution in MIDI Parser
Winamp 5.6 - 'MIDI Parser' Arbitrary Code Execution
BS.Player 2.57 - Buffer Overflow (Unicode SEH)
BS.Player 2.57 - Buffer Overflow (SEH Unicode)
Nokia MultiMedia Player 1.0 - (SEH Unicode)
Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
POP Peeper 3.7 - (SEH) Exploit
POP Peeper 3.7 - Exploit (SEH)
Download Accelerator Plus (DAP) 9.7 - '.M3U' File Buffer Overflow (Unicode SEH)
Download Accelerator Plus (DAP) 9.7 - '.M3U' File Buffer Overflow (SEH Unicode)
BS.Player 2.57 - Buffer Overflow (Unicode SEH) (Metasploit)
BS.Player 2.57 - Buffer Overflow (SEH Unicode) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
Samba 2.0.7 SWAT - Logfile Permissions
Samba 2.0.7 - SWAT Logfile Permissions
Static HTTP Server 1.0 - (SEH) Overflow
Static HTTP Server 1.0 - Overflow (SEH)
ALLPlayer 5.6.2 - '.m3u' File Local Buffer Overflow (Unicode SEH)
ALLPlayer 5.6.2 - '.m3u' File Local Buffer Overflow (SEH Unicode)
Light Alloy 4.7.3 - '.m3u' Buffer Overflow (SEH) 'UNICODE'
Light Alloy 4.7.3 - '.m3u' Buffer Overflow (SEH Unicode)
GOM Player 2.2.53.5169 - Buffer Overflow (SEH) (.reg)
GOM Player 2.2.53.5169 - '.reg' Buffer Overflow (SEH)
Quick Search 1.1.0.189 - 'search textbox Buffer Overflow (Unicode SEH) (Egghunter)
Quick Search 1.1.0.189 - search textbox Buffer Overflow (SEH Unicode) (Egghunter)
Total Commander 8.52 - Overwrite (SEH) Buffer Overflow
Total Commander 8.52 - Overwrite Buffer Overflow (SEH)
TECO SG2 LAD Client 3.51 - '.gen' Overwrite (SEH) Buffer Overflow
TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite (SEH) Buffer Overflow
TECO SG2 LAD Client 3.51 - '.gen' Overwrite Buffer Overflow (SEH)
TECO JN5 L510-DriveLink 1.482 - '.lf5' Overwrite Buffer Overflow (SEH)
Jungo DriverWizard WinDriver - Kernel Pool Overflow
Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation
Tor - Linux Sandbox Breakout via X11
Samba < 2.2.8 (Linux/BSD) - Remote Code Execution
Samba 3.0.4 SWAT - Authorisation Buffer Overflow
Samba 3.0.4 - SWAT Authorisation Buffer Overflow
BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) Universal
BigAnt Server 2.50 - GET Request Universal Remote Buffer Overflow (SEH)
Samba 2.2.x - nttrans Overflow (Metasploit)
Samba 2.2.x - 'nttrans' Overflow (Metasploit)
BigAnt Server 2.52 - (SEH) Exploit
BigAnt Server 2.52 - Exploit (SEH)
File Sharing Wizard 1.5.0 - (SEH) Exploit
File Sharing Wizard 1.5.0 - Exploit (SEH)
Samba - 'Username' map script' Command Execution (Metasploit)
Samba 3.0.20 < 3.0.25rc3 - 'Username' map script' Command Execution (Metasploit)
Samba 2.2.8 (*BSD x86) - 'trans2open' Overflow Exploit (Metasploit)
Samba 2.2.8 (BSD x86) - 'trans2open' Overflow Exploit (Metasploit)
Samba 2.0.7 SWAT - Logging Failure
Samba 2.0.7 - SWAT Logging Failure
Sambar Server 4.4/5.0 - pagecount File Overwrite
Sambar Server 4.4/5.0 - 'pagecount' File Overwrite
Sambar Server 5.x - results.stm Cross-Site Scripting
Sambar Server 5.x - 'results.stm' Cross-Site Scripting
Samba SMB 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow
Samba 2.2.x - CIFS/9000 Server A.01.x Packet Assembling Buffer Overflow
BigAnt Server 2.52 SP5 - (SEH) Stack Overflow ROP-Based Exploit (ASLR + DEP Bypass)
BigAnt Server 2.52 SP5 - Stack Overflow ROP-Based Exploit (SEH) (ASLR + DEP Bypass)
Sambar 5.x - Open Proxy / Authentication Bypass
Sambar Server 5.x - Open Proxy / Authentication Bypass
Sambar Server 6.1 Beta 2 - show.asp show Parameter Cross-Site Scripting
Sambar Server 6.1 Beta 2 - showperf.asp title Parameter Cross-Site Scripting
Sambar Server 6.1 Beta 2 - showini.asp Arbitrary File Access
Sambar Server 6.1 Beta 2 - 'show.asp' show Parameter Cross-Site Scripting
Sambar Server 6.1 Beta 2 - 'showperf.asp' title Parameter Cross-Site Scripting
Sambar Server 6.1 Beta 2 - 'showini.asp' Arbitrary File Access
Sambar Server 5.x/6.0/6.1 - results.stm indexname Cross-Site Scripting
Sambar Server 5.x/6.0/6.1 - 'results.stm' indexname Cross-Site Scripting
Ruby 1.9.1 - WEBrick Terminal Escape Sequence in Logs Command Injection
Ruby 1.9.1 - WEBrick 'Terminal Escape Sequence in Logs' Command Injection
Varnish 2.0.6 - Terminal Escape Sequence in Logs Command Injection
Varnish 2.0.6 - 'Terminal Escape Sequence in Logs' Command Injection
Yaws 1.55 - Terminal Escape Sequence in Logs Command Injection
Orion Application Server 2.0.7 - Terminal Escape Sequence in Logs Command Injection
Yaws 1.55 - 'Terminal Escape Sequence in Logs' Command Injection
Orion Application Server 2.0.7 - 'Terminal Escape Sequence in Logs' Command Injection
Sysax Multi Server 6.50 - HTTP File Share Overflow (SEH) Remote Code Execution (SEH)
Sysax Multi Server 6.50 - HTTP File Share Overflow Remote Code Execution (SEH)
Easy File Sharing Web Server 7.2 - (SEH) Overflow (Egghunter)
Easy File Sharing Web Server 7.2 - Overflow (Egghunter) (SEH)
Samba - 'is_known_pipename()' Arbitrary Module Load (Metasploit)
Samba 3.5.0 < 4.4.14/4.5.10/4.6.4 - 'is_known_pipename()' Arbitrary Module Load (Metasploit)
WordPress Core & MU & Plugins - Privileges Unchecked in 'admin.php' / Multiple Information Disclosures
WordPress Core & MU & Plugins - 'admin.php' Privileges Unchecked / Multiple Information Disclosures
PHP-Nuke 8.0 - Cross-Site Scripting / HTML Code Injection in News Module
PHP-Nuke 8.0 - 'News Module' Cross-Site Scripting / HTML Code Injection
PHP-decoda - Cross-Site Scripting In Video Tag
PHP-decoda - 'Video Tag' Cross-Site Scripting
vBulletin 4.x/5.x - Authenticated Persistent Cross-Site Scripting in AdminCP/ApiLog via xmlrpc API
vBulletin 4.x - Authenticated SQL Injection in breadcrumbs via xmlrpc API
vBulletin 4.x/5.x - AdminCP/ApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting
vBulletin 4.x - breadcrumbs via xmlrpc API Authenticated SQL Injection
Advertiz PHP Script 0.2 - Cross-Site Request Forgery (Update Admin)
WebKit - Stealing Variables via Page Navigation in 'FrameLoader::clear'
WebKit - 'FrameLoader::clear' Stealing Variables via Page Navigation
FineCMS 1.0 - Multiple Vulnerabilities
FineCMS 1.0 - Multiple Vulnerabilities
A2billing 2.x - SQL Injection
Cory Support - 'pr' Parameter SQL Injection
Pay Banner Text Link Ad 1.0.6.1 - Cross-Site Request Forgery (Update Admin)
Pay Banner Text Link Ad 1.0.6.1 - SQL Injection
2017-09-07 05:01:26 +00:00
Offensive Security
69443c8521
DB: 2017-09-06
...
5 new exploits
Samba 2.2.8 - Remote Code Execution
Samba < 2.2.8 (Linux/BSD) - Remote Code Execution
Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Execution
A2billing 2.x - Backup File Download / Remote Code Execution
iGreeting Cards 1.0 - SQL Injection
WordPress Plugin Participants Database < 1.7.5.10 - Cross-Site Scripting
The Car Project 1.0 - SQL Injection
2017-09-06 05:01:20 +00:00
Offensive Security
427165968d
DB: 2017-09-05
...
9 new exploits
IBM Notes 8.5.x/9.0.x - Denial of Service (2)
Lotus Notes Diagnostic Tool 8.5/9.0 - Privilege Escalation
RubyGems < 2.6.13 - Arbitrary File Overwrite
Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow
Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' Parameter SQL Injection
Joomla! Component CheckList 1.1.0 - SQL Injection
Wireless Repeater BE126 - Remote Code Execution
CodeMeter 6.50 - Cross-Site Scripting
Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery
2017-09-05 05:01:31 +00:00
Offensive Security
572d7c5002
DB: 2017-09-04
...
2 new exploits
IBM Notes 8.5.x/9.0.x - Denial of Service
FineCMS 1.0 - Multiple Vulnerabilities
2017-09-04 05:01:22 +00:00
Offensive Security
a160bc0c68
DB: 2017-09-02
...
2 new exploits
Mozilla Firefox 3.6.3 - Fork Bomb Denial of Service
Mozilla Firefox 3.6.3 - Fork Bomb (Denial of Service)
OpenJPEG - 'mqc.c' Heap-Based Buffer Overflow
Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass
Git <= 2.7.5 - Command Injection (Metasploit)
Git < 2.7.5 - Command Injection (Metasploit)
Joomla! 1.0.7 / Mambo 4.5.3 - (feed) Full Path Disclosure / Denial of Service
Joomla! 1.0.7 / Mambo 4.5.3 - 'feed' Full Path Disclosure / Denial of Service
Joomla! 1.0.9 - (Weblinks) Blind SQL Injection
Joomla! 1.0.9 - 'Weblinks' Blind SQL Injection
Joomla! 1.5.x - (Token) Remote Admin Change Password
Joomla! 1.5.x - 'Token' Remote Admin Change Password
Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion
Joomla! Component & Plugin 'JE Tooltip' 1.0 - Local File Inclusion
Joomla! 'com_djClassifieds' 0.9.1 - Arbitrary File Upload
Joomla! Component 'com_djClassifieds' 0.9.1 - Arbitrary File Upload
Joomla! 1.6.0-Alpha2 - Cross-Site Scripting
Joomla! 1.6.0 Alpha2 - Cross-Site Scripting
Joomla! - Spam Mail Relay
Joomla! 1.5.22 / 1.6.0 - 'com_mailto' Spam Mail Relay
Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection
Joomla! Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection
2017-09-02 05:01:21 +00:00
Offensive Security
f94c5966a1
DB: 2017-09-01
...
5 new exploits
Git <= 2.7.5 - Command Injection (Metasploit)
Linux/x86 - Fork Bomb Shellcode (9 bytes)
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection
2017-09-01 05:01:24 +00:00
Offensive Security
6b9cb90c81
DB: 2017-08-31
...
4 new exploits
Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection
Joomla! Component Joomanager 2.0.0 - Arbitrary File Download
iBall Baton 150M Wireless Router - Authentication Bypass
Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin)
2017-08-31 05:01:22 +00:00
Offensive Security
13819fd065
DB: 2017-08-30
...
10 new exploits
ProFTPd 1.2.0 (rc2) - memory leakage example Exploit
ProFTPd 1.2.0pre10 - Remote Denial of Service
ProFTPd 1.2.0 rc2 - Memory Leakage Exploit
ProFTPd 1.2.0 pre10 - Remote Denial of Service
ProFTPd 1.3.0a - (mod_ctrls support) Local Buffer Overflow (PoC)
ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC)
ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC)
ProFTPd - 'mod_sftp' Integer Overflow Denial of Service (PoC)
ProFTPd 1.2 - SIZE Remote Denial of Service
ProFTPd 1.2 - 'SIZE' Remote Denial of Service
ProFTPd 1.2.x - STAT Command Denial of Service
ProFTPd 1.2.x - 'STAT' Denial of Service
ProFTPd - (ftpdctl) Local pr_ctrls_connect
ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit
ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (1)
ProFTPd 1.3.0/1.3.0a - (mod_ctrls support) Local Buffer Overflow (2)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2)
ProFTPd 1.3.0/1.3.0a - (mod_ctrls) Local Overflow (exec-shield)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield)
ProFTPd 1.3.0 - mod_ctrls Local Stack Overflow (OpenSUSE)
ProFTPd 1.3.0 (OpenSUSE) - 'mod_ctrls' Local Stack Overflow
Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH)
ProFTPd 1.2.9RC1 - 'mod_sql' SQL Injection
ProFTPd 1.2.9 RC1 - 'mod_sql' SQL Injection
ProFTPd 1.3.0 - (sreplace) Remote Stack Overflow (Metasploit)
ProFTPd 1.3.0 - 'sreplace' Remote Stack Overflow (Metasploit)
ProFTPd 1.x (module mod_tls) - Remote Buffer Overflow
ProFTPd 1.x - 'mod_tls module' Remote Buffer Overflow
ProFTPd 1.3.2rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow (Metasploit)
ProFTPd 1.2 < 1.3.0 (Linux) - sreplace Buffer Overflow (Metasploit)
ProFTPd 1.3.2 rc3 < 1.3.3b (Linux) - Telnet IAC Buffer Overflow (Metasploit)
ProFTPd 1.2 < 1.3.0 (Linux) - 'sreplace' Buffer Overflow (Metasploit)
ProFTPd 1.3.2rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit)
ProFTPd 1.3.2 rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit)
FreeBSD ftpd and ProFTPd on FreeBSD - Remote Command Execution
ftpd / ProFTPd (FreeBSD) - Remote Command Execution
ProFTPd 1.2 pre6 - snprintf Exploit
ProFTPd 1.2 pre6 - 'snprintf' Remote Root Exploit
D-Link DIR-645 / DIR-815 - diagnostic.php Command Execution (Metasploit)
D-Link DIR-645 / DIR-815 - 'diagnostic.php' Command Execution (Metasploit)
D-Link DIR615h - OS Command Injection (Metasploit)
D-Link DIR-615H - OS Command Injection (Metasploit)
ProFTPd 1.3.5 - (mod_copy) Remote Command Execution
ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution
ProFTPd 1.3.5 - 'Mod_Copy' Command Execution (Metasploit)
ProFTPd 1.3.5 - 'mod_copy' Command Execution (Metasploit)
QNAP Transcode Server - Command Execution (Metasploit)
D-Link DIR-600 / DIR-300 (rev B) - Multiple Vulnerabilities
D-Link DIR-600 / DIR-300 (Rev B) - Multiple Vulnerabilities
D-Link DIR-615 rev H - Multiple Vulnerabilities
D-Link DIR-615 Rev H - Multiple Vulnerabilities
D-Link DIR-615 Hardware rev D3 / DIR-300 Hardware rev A - Multiple Vulnerabilities
D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities
D-Link DIR-615 Hardware vE4 Firmware 5.10 - Cross-Site Request Forgery
D-Link DIR-615 vE4 Firmware 5.10 - Cross-Site Request Forgery
D-Link DIR-600L Hardware Version AX Firmware 1.00 - Cross-Site Request Forgery
D-Link DIR-600L AX 1.00 - Cross-Site Request Forgery
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting
NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access)
D-Link DIR-600 - Authentication Bypass
Car or Cab Booking Script - Authentication Bypass
PHP Appointment Booking Script - Authentication Bypass
User Login and Management - Multiple Vulnerabilities
PHP Video Battle Script 1.0 - SQL Injection
Brickcom IP Camera - Credentials Disclosure
2017-08-30 05:01:38 +00:00
Offensive Security
711d6a6a43
DB: 2017-08-29
...
21 new exploits
Easy DVD Creator 2.5.11 - Buffer Overflow (SEH)
Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Buffer Overflow (SEH)
Easy RM RMVB to DVD Burner 1.8.11 - Buffer Overflow (SEH)
Dup Scout Enterprise 9.9.14 - Buffer Overflow (SEH)
Disk Savvy Enterprise 9.9.14 - Buffer Overflow (SEH)
Sync Breeze Enterprise 9.9.16 - Buffer Overflow (SEH)
Disk Pulse Enterprise 9.9.16 - Buffer Overflow (SEH)
Joomla! Component MasterForms 1.0.3 - SQL Injection
Joomla! Component Photo Contest 1.0.2 - SQL Injection
Wireless Repeater BE126 - Local File Inclusion
Joomla! Component OSDownloads 1.7.4 - SQL Injection
AutoCar 1.1 - 'category' Parameter SQL Injection
Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection
Matrimonial Script 2.7 - Authentication Bypass
Smart Chat 1.0.0 - SQL Injection
FTP Made Easy PRO 1.2 - SQL Injection
WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download
Easy Web Search 4.0 - SQL Injection
PHP Search Engine 1.0 - SQL Injection
Flash Poker 2.0 - 'game' Parameter SQL Injection
Login-Reg Members Management PHP 1.0 - Arbitrary File Upload
Schools Alert Management Script - Authentication Bypass
2017-08-29 05:01:21 +00:00
Offensive Security
72d44bf877
DB: 2017-08-28
2017-08-28 05:01:24 +00:00
Offensive Security
3d9901b4c9
DB: 2017-08-27
...
1 new exploits
HP-UX 11i - (swpackage) Stack Overflow Privilege Escalation
HP-UX 11i - 'swpackage' Stack Overflow Privilege Escalation
Apple iOS <= 10.3.1 - Kernel Exploit
2017-08-27 05:01:24 +00:00
Offensive Security
c388cc7a95
DB: 2017-08-26
...
7 new exploits
MP3 WAV to CD Burner 1.4.24 - Buffer Overflow (SEH)
My Video Converter 1.5.24 - Buffer Overflow (SEH)
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Buffer Overflow (SEH)
Easy AVI DivX Converter 1.2.24 - Buffer Overflow (SEH)
Linux/x86-64 - execve /bin/sh Shellcode (25 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (25 bytes) (2)
Linux/x86-64 - execve /bin/sh Shellcode (25 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (25 bytes) (1)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes) (2)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes) (1)
Joomla! Component Bargain Product VM3 1.0 - 'product_id' Parameter SQL Injection
Joomla! Component Price Alert 3.0.2 - 'product_id' Parameter SQL Injection
Joomla! Component MasterForms 1.0.3 - SQL Injection
2017-08-26 05:01:24 +00:00
Offensive Security
d4775ec75b
DB: 2017-08-25
2017-08-25 05:01:28 +00:00
Offensive Security
dd6e8a4e4c
DB: 2017-08-24
...
13 new exploits
libgig 4.0.0 - LinuxSampler Multiple Vulnerabilities
Microsoft Internet Explorer - wshom.ocx (Run) ActiveX Remote Code Execution (Add Admin)
Microsoft Internet Explorer - 'wshom.ocx' (Run) ActiveX Remote Code Execution (Add Admin)
Automated Logic WebCTRL 6.5 - Local Privilege Escalation
Microsoft Internet Explorer - (createTextRang) Download Shellcode Exploit (1)
Microsoft Internet Explorer - 'createTextRang' Download Shellcode Exploit (1)
Microsoft Internet Explorer - wshom.ocx ActiveX Control Remote Code Execution
Microsoft Internet Explorer - 'wshom.ocx' ActiveX Control Remote Code Execution
Easy File Management Web Server 5.3 - UserID Remote Buffer Overflow (ROP)
Easy File Management Web Server 5.3 - 'UserID' Remote Buffer Overflow (ROP)
Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow
Easy File Management Web Server 5.6 - 'USERID' Remote Buffer Overflow
BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes)
BSD/x86 - Bind TCP Shell (Random TCP Port) Shellcode (143 bytes)
FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes)
FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + Payload Loader + Return Results Null-Free Shellcode (90 bytes)
Linux/x86 - Bind TCP Shellcode (Generator)
Linux/x86 - Bind TCP Shell Shellcode (Generator)
Linux/x86 - Command Null-Free Shellcode (Generator)
Linux/x86 - Command Generator Null-Free Shellcode (Generator)
Cisco IOS/PowerPC - Bind Password (1rmp455) Shellcode (116 bytes)
Cisco IOS/PowerPC - New VTY + Password (1rmp455) Shellcode (116 bytes)
Linux/MIPS (Linksys WRT54G/GL) - execve Shellcode (60 bytes)
Linux/MIPS (Linksys WRT54G/GL) - execve(_/bin/sh__[_/bin/sh_]_[]); Shellcode (60 bytes)
Linux/x86 - Self-Modifying Anti-IDS Shellcode (64 bytes)
Linux/x86 - Forks a HTTP Server on 8800/TCP Shellcode (166 bytes)
Linux/x86 - Listens on 5555/TCP + Jumps to it Shellcode (83 bytes)
Linux/x86 - Self-Modifying Anti-IDS /bin/sh Shellcode (35/64 bytes)
Linux/x86 - HTTP Server (8800/TCP) + Fork Shellcode (166 bytes)
Linux/x86 - Bind TCP Listener (5555/TCP) + Receive Shellcode + Payload Loader Shellcode (83 bytes)
Linux/x86 - File Reader Shellcode (65+ bytes)
Linux/x86 - Read /etc/passwd Shellcode (65+ bytes)
Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) for full access Shellcode (86 bytes)
Linux/x86 - Ho' Detector - Promiscuous mode detector Shellcode (56 bytes)
Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) For Full Access Shellcode (86 bytes)
Linux/x86 - Promiscuous Mode Detector Shellcode (56 bytes)
Linux/x86 - system-beep Shellcode (45 bytes)
Linux/x86 - System Beep Shellcode (45 bytes)
Linux/x86 - rm -rf / Attempts To Block The Process From Being Stopped Shellcode (132 bytes)
Linux/x86 - /bin/rm -rf / + Attempts To Block The Process From Being Stopped Shellcode (132 bytes)
Linux/x86 - raw-socket ICMP/checksum shell Shellcode (235 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes)
Linux/x86 - kill all processes Shellcode (11 bytes)
Linux/x86 - Raw-Socket ICMP/Checksum /bin/sh Shell Shellcode (235 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes)
Linux/x86 - Kill All Processes Shellcode (11 bytes)
Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes)
Linux/x86 - Download File (HTTP/1.x http://0xdeadbeef/A ) + execve() Null-Free Shellcode (111+ bytes)
Linux/x86 - re-use of /bin/sh string in .rodata Shellcode (16 bytes)
Linux/x86 - execve /bin/sh (Re-Use Of Strings In .rodata) Shellcode (16 bytes)
Linux/x86 - execve(/bin/sh) + .ZIP Header Shellcode (28 bytes)
Linux/x86 - execve(/bin/sh) + .RTF Header Shellcode (30 bytes)
Linux/x86 - execve(/bin/sh) + .RIFF Header Shellcode (28 bytes)
Linux/x86 - execve(/bin/sh) + .BMP Bitmap Header Shellcode (27 bytes)
Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes)
Linux/x86 - SWAP store from /tmp/sws Shellcode (99 bytes)
Linux/x86 - execve(/bin/sh) + '.ZIP' Header Shellcode (28 bytes)
Linux/x86 - execve(/bin/sh) + '.RTF' Header Shellcode (30 bytes)
Linux/x86 - execve(/bin/sh) + '.RIFF' Header Shellcode (28 bytes)
Linux/x86 - execve(/bin/sh) + '.BMP' Bitmap Header Shellcode (27 bytes)
Linux/x86 - Read SWAP + Write To /tmp/swr Shellcode (109 bytes)
Linux/x86 - Read /tmp/sws + Store In SWAP Shellcode (99 bytes)
Linux/x86 - HTTP/1.x GET_ Downloads + JMP Shellcode (68+ bytes)
Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes)
Linux/x86 - Download File (HTTP/1.x http://127.0.0.1:8081/foobar.bin ) + Receive Shellcode + Payload Loader Shellcode (68+ bytes)
Linux/x86 - TCP Proxy (192.168.1.16:1280) All Connect() Null-Free Shellcode (236 bytes)
Linux/x86 - eject cd-rom (follows /dev/cdrom symlink) + exit() Shellcode (40 bytes)
Linux/x86 - eject/close cd-rom loop (follows /dev/cdrom symlink) Shellcode (45 bytes)
Linux/x86 - Eject CD-Rom (Follows /dev/cdrom Symlink) + exit() Shellcode (40 bytes)
Linux/x86 - Eject/Close CD-Rom Loop (Follows /dev/cdrom Symlink) Shellcode (45 bytes)
Linux/x86 - normal exit with random (so to speak) return value Shellcode (5 bytes)
Linux/x86 - Normal Exit With Random (So To Speak) Return Value Shellcode (5 bytes)
Linux/x86 - Socket-proxy Shellcode (372 bytes)
Linux/x86 - Socket-Proxy (31337:11.22.33.44:80) Shellcode (372 bytes)
Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes)
Linux/x86 - Snoop /dev/dsp Null-Free Shellcode (172 bytes)
Linux/x86 - examples of long-term payloads hide-wait-change Shellcode (.s) (187+ bytes)
Linux/x86 - examples of long-term payloads hide-wait-change Shellcode (187+ bytes)
Linux/x86 - Hide-Wait-Change (Hide from PS + Wait for /tmp/foo + chmod 0455) Shellcode (187+ bytes)
Linux/x86 - Radically Self-Modifying Shellcode (70 bytes)
Linux/x86 - Magic Byte Self-Modifying Shellcode (76 bytes)
Linux/x86 - Self-Modifying Radical Shellcode (70 bytes)
Linux/x86 - Self-Modifying Magic Byte /bin/sh Shellcode (76 bytes)
Linux/x86 - execve /bin/sh IA32 0xff-less Shellcode (45 bytes)
Linux/IA32 - execve /bin/sh 0xff-Free Shellcode (45 bytes)
Linux/x86 - kill snort Shellcode (151 bytes)
Linux/x86 - Kill Snort Shellcode (151 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes)
Linux/x86 - eject /dev/cdrom Shellcode (64 bytes)
Linux/x86 - xterm -ut -display [IP]:0 Shellcode (132 bytes)
Linux/x86 - ipchains -F Shellcode (49 bytes)
Linux/x86 - Eject /dev/cdrom Shellcode (64 bytes)
Linux/x86 - xterm -ut -display 1270.0.0.1:0 Shellcode (132 bytes)
Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (49 bytes)
Linux/x86 - execve /bin/sh (tolower() Evasion) Shellcode (41 bytes)
Linux/x86 - execve /bin/sh ToLower Encoded Shellcode (41 bytes)
Linux/x86 - execve /bin/sh (toupper() Evasion) Shellcode (55 bytes)
Linux/x86 - execve /bin/sh ToLower Encoded Shellcode (55 bytes)
NetBSD/x86 - kill all processes Shellcode (23 bytes)
NetBSD/x86 - Callback 6666/TCP Shellcode (83 bytes)
NetBSD/x86 - Kill All Processes Shellcode (23 bytes)
NetBSD/x86 - Reverse TCP Shell (6666/TCP) Shellcode (83 bytes)
OSX/PPC - Add inetd backdoor Shellcode (222 bytes)
OSX/PPC - reboot Shellcode (28 bytes)
OSX/PPC - Add inetd (/etc/inetd.conf) Backdoor (Bind 6969/TCP Shell) Shellcode (222 bytes)
OSX/PPC - Reboot Shellcode (28 bytes)
OSX/PPC - create /tmp/suid Shellcode (122 bytes)
OSX/PPC - simple write() Shellcode (75 bytes)
OSX/PPC - Create /tmp/suid Shellcode (122 bytes)
OSX/PPC - Simple write() Shellcode (75 bytes)
Solaris/SPARC - Download File + Execute Shellcode (278 bytes)
Solaris/SPARC - Download File (http://evil-dl/ ) + Execute (/tmp/ff) Shellcode (278 bytes)
Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes)
Solaris/SPARC - Bind TCP /bin/sh Shell (6789/TCP) Shellcode (228 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Solaris/x86 - Bind TCP Shell Shellcode (Generator)
Solaris/x86 - execve /bin/sh toupper evasion Shellcode (84 bytes)
Solaris/x86 - Add services and execve inetd Shellcode (201 bytes)
Solaris/x86 - execve /bin/sh ToUpper Encoded Shellcode (84 bytes)
Solaris/x86 - inetd Add Service + execve Shellcode (201 bytes)
Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Linux/x86 - kill all processes Shellcode (9 bytes)
Windows x64 - (URLDownloadToFileA) Download File (http://localhost/trojan.exe ) + Execute Shellcode (218+ bytes)
Linux/x86 - Kill All Processes Shellcode (9 bytes)
Linux/x86 - Pverwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Linux/x86 - Overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Linux/x86 - eject /dev/cdrom Shellcode (42 bytes)
Linux/x86 - Eject /dev/cdrom Shellcode (42 bytes)
Linux/x86 - Disabled modsecurity Shellcode (64 bytes)
Linux/x86 - Disable modsecurity Shellcode (64 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes)
Solaris/x86 - Download File Shellcode (79 bytes)
Linux/x86 - Disable ASLR Security Shellcode Shellcode (106 bytes)
Solaris/x86 - Download File (http://shell-storm.org/exemple-solaris ) Shellcode (79 bytes)
Linux/x86 - Disable ASLR Security Shellcode (106 bytes)
Linux/x86 - kill all running process Shellcode (11 bytes)
Linux/x86 - Kill All Running Process Shellcode (11 bytes)
Solaris/x86 - SystemV killall command Shellcode (39 bytes)
Solaris/x86 - SystemV killall Command Shellcode (39 bytes)
Windows x86 - Checksum Routine Shellcode (18 bytes)
Windows x86 - Egghunter Checksum Routine Shellcode (18 bytes)
ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader (0x1337/TCP) Shellcode
ARM - Bind TCP Listener (68/UDP) + Reverse TCP Shell (192.168.0.1:67/UDP) Shellcode
ARM - Bind TCP Listener (0x1337/TCP) + Receive Shellcode + Payload Loader Shellcode
Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69/93 bytes)
OSX/Intel x86-64 - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
OSX - Universal ROP Shellcode
Linux/MIPS - execve Shellcode (52 bytes)
OSX - Universal ROP + Reverse TCP Shell Shellcode
Linux/MIPS - execve /bin/sh Shellcode (52 bytes)
Windows x86 - Bind TCP Password (damn_it!$$##@;*#) Shellcode (637 bytes)
Windows x86 - Bind TCP Password (damn_it!$$##@;*#) Shell Shellcode (637 bytes)
Windows - URLDownloadToFile + WinExec + ExitProcess Shellcode
Windows - URLDownloadToFile (http://bflow.security-portal.cz/down/xy.txt ) + WinExec + ExitProcess Shellcode
Linux/x86 - Socket Re-use Shellcode (50 bytes)
Linux/x86 - execve /bin/sh + Socket Re-Use Shellcode (50 bytes)
Linux/x86-64 - Position independent + execve(_/bin/sh\0__NULL_NULL); Alphanumeric Shellcode (87 bytes)
Linux/x86-64 - execve(_/bin/sh\0__NULL_NULL); Position Independent Alphanumeric Shellcode (87 bytes)
Linux/x86-64 - Reads Data From /etc/passwd To /tmp/outfile Shellcode (118 bytes)
Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (118 bytes)
Linux/x86 - execve _/bin/sh_ Shellcode (35 bytes)
Linux/x86 - execve /bin/sh Shellcode (35 bytes)
Linux/x86 - Execve /bin/sh Via Push Shellcode (21 bytes)
Linux/x86-64 - Execve /bin/sh Via Push Shellcode (23 bytes)
Linux/x86 - execve /bin/sh Via Push Shellcode (21 bytes)
Linux/x86-64 - execve /bin/sh Via Push Shellcode (23 bytes)
Linux/x86 - execve _/bin/sh_ Shellcode (26 bytes)
Linux/x86 - execve /bin/sh Shellcode (26 bytes)
Linux/x86 - /etc/passwd Reader Shellcode (58 bytes)
Linux/x86 - Read /etc/passwd Shellcode (58 bytes)
Linux/x86 - execve _/bin/sh_ Shellcode (24 bytes)
Linux/x86 - execve /bin/sh Shellcode (24 bytes)
Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes)
Linux x86/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (251 bytes)
Linux/x86-64 - Execve-Stack Polymorphic Shellcode (47 bytes)
Linux/x86-64 - execve Stack Polymorphic Shellcode (47 bytes)
Linux/x86-64 - Bind Shell Shellcode (Generator)
Windows - Primitive Keylogger to File Null-Free Shellcode (431 (0x01AF) bytes)
Linux/x86-64 - Bind TCP Shell Shellcode (Generator)
Windows - Keylogger to File (./log.bin) Null-Free Shellcode (431 bytes)
Windows - Functional Keylogger to File Null-Free Shellcode (601 (0x0259) bytes)
Windows - Keylogger to File (%TEMP%/log.bin) Null-Free Shellcode (601 bytes)
Linux/x86-64 - Information Stealer Shellcode (399 bytes)
Linux/x86-64 - Download File (http://192.168.30.129/pri.sh ) + Execute Used To Steal Information Shellcode (399 bytes)
Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.227.129:4444) Shellcode (75 bytes)
Windows x64 - Download File + Execute Shellcode (358 bytes)
Windows x64 - Download File (http://192.168.10.129/pl.exe ) + Execute (C:\Users\Public\p.exe) Shellcode (358 bytes)
Linux/x86-64 - Random Listener Shellcode (54 bytes)
Linux/x86-64 - Bind TCP /bin/sh Shell (Random TCP Port) Shellcode (54 bytes)
Linux/x86-64 - Setuid(0) + Execve(/bin/sh) Polymorphic Shellcode (31 bytes)
Linux/x86-64 - setuid(0) + Execve(/bin/sh) Polymorphic Shellcode (31 bytes)
Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes)
Linux/x86 - File Reader Shellcode (54 Bytes)
Linux/x86 - Bind TCP /bin/sh Shell (Random TCP Port) Shellcode (44 bytes)
Linux/x86 - Read /etc/passwd Shellcode (54 Bytes)
Matrimonial Script - SQL Injection
Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution
Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write
iTech B2B Script 4.42 - SQL Injection
iTech Business Networking Script 8.26 - SQL Injection
iTech Caregiver Script 2.71 - SQL Injection
iTech Classifieds Script 7.41 - SQL Injection
iTech Image Sharing Script 4.13 - SQL Injection
iTech Freelancer Script 5.27 - SQL Injection
iTech Travel Script 9.49 - SQL Injection
iTech Multi Vendor Script 6.63 - SQL Injection
2017-08-24 05:01:22 +00:00
Offensive Security
c7b4bfd8e6
DB: 2017-08-23
...
23 new exploits
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017)
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS17-017)
Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow
Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow
VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)
IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)
BSD - Passive Connection Shellcode (124 bytes)
BSD - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (124 bytes)
BSD/x86 - setuid(0) then execve /bin/sh Shellcode (30 bytes)
BSD/x86 - Bind Shell 31337/TCP + setuid(0) Shellcode (94 bytes)
BSD/x86 - execve /bin/sh multiplatform Shellcode (27 bytes)
BSD/x86 - execve /bin/sh setuid (0) Shellcode (29 bytes)
BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes)
BSD/x86 - Bind Random Port Shellcode (143 bytes)
BSD/x86 - setuid(0) + execve /bin/sh Shellcode (30 bytes)
BSD/x86 - Bind TCP Shell (31337/TCP) + setuid(0) Shellcode (94 bytes)
BSD/x86 - execve /bin/sh Shellcode (27 bytes)
BSD/x86 - execve /bin/sh + setuid(0) Shellcode (29 bytes)
BSD/x86 - Bind TCP Shell (31337/TCP) Shellcode (83 bytes)
BSD/x86 - Bind TCP Shell (Random Port) Shellcode (143 bytes)
BSD/x86 - execve /bin/sh Crypt Shellcode (49 bytes)
BSD/x86 - execve /bin/sh ENCRYPT* Shellcode (57 bytes)
BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes)
BSD/x86 - cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSD/x86 - execve /bin/sh Encoded Shellcode (49 bytes)
BSD/x86 - execve /bin/sh Encoded Shellcode (57 bytes)
BSD/x86 - Reverse TCP Shell (torootteam.host.sk:2222/TCP) Shellcode (93 bytes)
BSD/x86 - execve /bin/cat /etc/master.passwd | mail [email] Shellcode (92 bytes)
BSDi/x86 - execve /bin/sh toupper evasion Shellcode (97 bytes)
FreeBSD i386 & AMD64 - Execve /bin/sh Shellcode (Anti-Debugging) (140 bytes)
BSDi/x86 - execve /bin/sh ToUpper Encoded Shellcode (97 bytes)
FreeBSD x86 / x64 - execve /bin/sh Anti-Debugging Shellcode (140 bytes)
FreeBSD/x86 - connect back.send.exit /etc/passwd Shellcode (112 bytes)
FreeBSD/x86 - kill all processes Shellcode (12 bytes)
FreeBSD/x86 - rev connect + recv + jmp + return results Shellcode (90 bytes)
FreeBSD/x86 - /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes)
FreeBSD/x86 - Reverse /bin/sh Shell (127.0.0.1:8000) Shellcode (89 bytes)
FreeBSD/x86 - setuid(0); execve(ipf -Fa); Shellcode (57 bytes)
FreeBSD/x86 - /bin/sh Encrypted Shellcode (48 bytes)
FreeBSD/x86 - Reverse TCP cat /etc/passwd (192.168.1.33:8000/TCP) Shellcode (112 bytes)
FreeBSD/x86 - Kill All Processes Shellcode (12 bytes)
FreeBSD/x86 - ConnectBack (172.17.0.9:8000/TCP) + Receive Shellcode + JMP + Return Results Null-Free Shellcode (90 bytes)
FreeBSD/x86 - execve /bin/cat /etc/master.passwd Null-Free Shellcode (65 bytes)
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:8000) Null-Free Shellcode (89 bytes)
FreeBSD/x86 - setuid(0); + execve(ipf -Fa); Shellcode (57 bytes)
FreeBSD/x86 - execve /bin/sh Encoded Shellcode (48 bytes)
FreeBSD/x86 - execve /bin/sh Shellcode (2) (23 bytes)
FreeBSD/x86 - execve /bin/sh Shellcode (23 bytes)
FreeBSD/x86 - kldload /tmp/o.o Shellcode (74 bytes)
FreeBSD/x86 - Load Kernel Module (/sbin/kldload /tmp/o.o) Shellcode (74 bytes)
FreeBSD/x86 - Connect Port 31337 Shellcode (102 bytes)
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:31337/TCP) Shellcode (102 bytes)
Linux/x86 - Bind Shellcode (Generator)
Windows XP SP1 - Bind Shellcode (Generator)
(Generator) - /bin/sh Polymorphic With Printable ASCII Characters Shellcode
Linux/x86 - cmd Null-Free Shellcode (Generator)
(Generator) - Alphanumeric Shellcode (Encoder/Decoder)
Linux/x86 - Bind TCP Shellcode (Generator)
Windows XP SP1 - Bind TCP Shell Shellcode (Generator)
Linux - execve /bin/sh Polymorphic With Printable ASCII Characters Shellcode (Generator)
Linux/x86 - Command Null-Free Shellcode (Generator)
Windows - Reverse TCP Shell (127.0.0.1:123/TCP) Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Win32 - Multi-Format Encoding Tool Shellcode (Generator)
iOS - Version-independent Shellcode
Cisco IOS - Connectback 21/TCP Shellcode
Windows x86 - Multi-Format Encoding Tool Shellcode (Generator)
iOS Version-independent - Null-Free Shellcode
Cisco IOS - New TTY / Privilege Level To 15 / Reverse Virtual Terminal Shell (21/TCP) Shellcode
Linux/x86-64 - Flush IPTables Rules Shellcode (84 bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth Shell Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind 4919/TCP Shellcode (276 bytes)
Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (84 bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth /bin/bash Shell Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind TCP /bin/sh Shell (4919/TCP) Shellcode (276 bytes)
Linux/PPC - connect back (192.168.1.1:31337) execve /bin/sh Shellcode (240 bytes)
Linux/PPC - Reverse TCP /bin/sh Shell (192.168.1.1:31337/TCP) Shellcode (240 bytes)
Linux/SPARC - Bind 8975/TCP Shellcode (284 bytes)
Linux/SPARC - Bind TCP Shell (8975/TCP) Null-Free Shellcode (284 bytes)
Linux/x86 - killall5 polymorphic Shellcode (61 bytes)
Linux/x86 - /bin/sh Polymorphic Shellcode (48 bytes)
Linux/x86 - Bind 4444/TCP Shellcode (XOR Encoded) (152 bytes)
Linux/x86 - reboot() polymorphic Shellcode (57 bytes)
Linux/x86 - chmod(_/etc/shadow__666) Polymorphic Shellcode (54 bytes)
Linux/x86 - setreuid(geteuid()_geteuid())_execve(_/bin/sh__0_0) Shellcode (34 bytes)
Linux/x86 - Bind 8000/TCP + Execve Iptables -F Shellcode (176 bytes)
Linux/x86 - Bind 8000/TCP + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind 8000/TCP ASM Code Linux Shellcode (179 bytes)
Linux/x86 - killall5 Polymorphic Shellcode (61 bytes)
Linux/x86 - execve /bin/sh Polymorphic Shellcode (48 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) XOR Encoded Shellcode (152 bytes)
Linux/x86 - reboot() Polymorphic Shellcode (57 bytes)
Linux/x86 - chmod 666 /etc/shadow Polymorphic Shellcode (54 bytes)
Linux/x86 - setreuid(geteuid()_ geteuid()) + execve(_/bin/sh__0_0) Shellcode (34 bytes)
Linux/x86 - Bind TCP Shell (8000/TCP) + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind TCP Shell (8000/TCP) + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind TCP /bin/sh Shell (8000/TCP) Shellcode (179 bytes)
Linux/x86 - Serial port shell binding + busybox Launching Shellcode (82 bytes)
Linux/x86 - Serial Port Shell Binding (/dev/ttyS0) + busybox Launching Null-Free Shellcode (82 bytes)
Linux/x86 - chmod(_/etc/shadow__666) + exit(0) Shellcode (30 bytes)
Linux/x86 - chmod 666 /etc/shadow + exit(0) Shellcode (30 bytes)
Linux/x86 - Shellcode Obfuscator (Generator)
Linux/x86 - Shellcode Obfuscator Null-Free (Generator)
Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Shellcode (28 bytes)
Linux/x86 - setresuid(0_0_0) /bin/sh Shellcode (35 bytes)
Linux/x86 - setuid(0) + execve(/bin/sh_0_0) Null-Free Shellcode (28 bytes)
Linux/x86 - setresuid(0_0_0) + /bin/sh Shellcode (35 bytes)
Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes)
Linux/x86 - Reverse TCP cat /etc/shadow (8192/TCP) Shellcode (155 bytes)
Linux/x86 - setuid(0) . setgid(0) . aslr_off Shellcode (79 bytes)
Linux/x86 - setuid(0) + setgid(0) + aslr_off (Disable ASLR Security) Shellcode (79 bytes)
Linux/x86 - /sbin/iptables -F Shellcode (40 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (40 bytes)
Linux/x86 - /sbin/ipchains -F Shellcode (40 bytes)
Linux/x86 - Flush IPChains Rules (/sbin/ipchains -F) Shellcode (40 bytes)
Linux/x86 - HTTP/1.x GET_ Downloads + execve() Shellcode (111+ bytes)
Linux/x86 - executes command after setreuid Shellcode (49+ bytes)
Linux/x86 - HTTP/1.x GET + Downloads + execve() Null-Free Shellcode (111+ bytes)
Linux/x86 - setreuid + executes command (49+ bytes)
Linux/x86 - Bind 31337/TCP + setuid Shellcode (96 bytes)
Linux/x86 - Bind 2707/TCP Shellcode (84 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + setuid Shellcode (96 bytes)
Linux/x86 - Bind TCP Shell (2707/TCP) Shellcode (84 bytes)
Linux/x86 - Bind 31337/TCP SET_PORT() Shellcode (100 bytes)
Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (100 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator)
Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes)
Linux/x86 - Reverse TCP Shell (127.0.0.1:80/TCP) XOR Encoded Shellcode (371 bytes)
Linux/x86 - /tmp/swr to SWAP restore Shellcode (109 bytes)
Linux/x86 - Read SWAP write to /tmp/swr Shellcode (109 bytes)
Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Bind 64713/TCP Shellcode (86 bytes)
Linux/x86 - Bind TCP /bin/sh Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (64713/TCP) Shellcode (86 bytes)
Linux/x86 - setreuid(0_0) execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/sh__ [_/bin/sh__ NULL]) Shellcode (33 bytes)
Linux/x86 - TCP Proxy Shellcode (236 bytes)
Linux/x86 - TCP Proxy Null-Free Shellcode (236 bytes)
Linux/x86 - execve /bin/sh xored for Intel x86 CPUID Shellcode (41 bytes)
Linux/x86 - execve /bin/sh Shellcode (+1 Encoded) (39 bytes)
Linux/x86 - Add User (xtz) To /etc/passwd Shellcode (59 bytes)
Linux/x86 - anti-debug trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP Shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP + fork() Shellcode (98 bytes)
Linux/x86 (Intel x86 CPUID) - execve /bin/sh XORED Encoded Shellcode (41 bytes)
Linux/x86 - execve /bin/sh Shellcode +1 Encoded (39 bytes)
Linux/x86 - Add Root User (xtz) To /etc/passwd Shellcode (59 bytes)
Linux/x86 - Anti-Debug Trick (INT 3h trap) + execve /bin/sh Shellcode (39 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (80 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (31337/TCP) + fork() Shellcode (98 bytes)
Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (32 bytes)
Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (32 bytes)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - read(0_buf_2541); chmod(buf_4755); Shellcode (23 bytes)
Linux/x86 - write(0__Hello core!\n__12); (with optional 7 byte exit) Shellcode (36 bytes)
Linux/x86 - snoop /dev/dsp Shellcode (172 bytes)
Linux/x86 - /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)
Linux/x86 - read(0_buf_2541); + chmod(buf_4755); Shellcode (23 bytes)
Linux/x86 - write(0__Hello core!\n__12); Exit Shellcode (36/43 bytes)
Linux/x86 - snoop /dev/dsp Null-Free Shellcode (172 bytes)
Linux/x86 - execve /bin/sh Standard Opcode Array Payload Shellcode (21 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)
Linux/x86 - /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)
Linux/x86 - chroot + standard Shellcode (66 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (23 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (27 bytes)
Linux/x86 - execve /bin/sh sysenter Opcode Array Payload Shellcode (45 bytes)
Linux/x86 - Break chroot (../ 20x Loop) + execve /bin/sh Shellcode (66 bytes)
Linux/x86 - setreuid/execve Shellcode (31 bytes)
Linux/x86 - Alphanumeric Shellcode (64 bytes)
Linux/x86 - Alphanumeric using IMUL Method Shellcode (88 bytes)
Linux/x86 - setreuid + execve Shellcode (31 bytes)
Linux/x86 - Alphanumeric Encoded Shellcode (64 bytes)
Linux/x86 - Alphanumeric Encoder (IMUL Method) Shellcode (88 bytes)
Linux/x86 - Bind 5074/TCP (ToUpper Encoded) Shellcode (226 bytes)
Linux/x86 - Add User (t00r) Anti-IDS Shellcode (116 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Add Root User (t00r) Anti-IDS Shellcode (116 bytes)
Linux/x86 - iptables -F Shellcode (45 bytes)
Linux/x86 - iptables -F Shellcode (58 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (45 bytes)
Linux/x86 - Flush IPTables Rules (/sbin/iptables -F) Shellcode (58 bytes)
Linux/x86 - connect Shellcode (120 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell Shellcode (120 bytes)
Linux/x86 - cp /bin/sh /tmp/katy ; chmod 4555 katy Shellcode (126 bytes)
Linux/x86 - cp /bin/sh /tmp/katy ; + chmod 4555 katy Shellcode (126 bytes)
Linux/x86 - execve /bin/sh setreuid(12_12) Shellcode (50 bytes)
Linux/x86 - Bind 5074/TCP Shellcode (92 bytes)
Linux/x86 - Bind 5074/TCP + fork() Shellcode (130 bytes)
Linux/x86 - Add User (t00r) Shellcode (82 bytes)
Linux/x86 - Add User Shellcode (104 bytes)
Linux/x86 - break chroot Shellcode (34 bytes)
Linux/x86 - break chroot Shellcode (46 bytes)
Linux/x86 - break chroot execve /bin/sh Shellcode (80 bytes)
Linux/x86 - execve /bin/sh + setreuid(12_12) Shellcode (50 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) Shellcode (92 bytes)
Linux/x86 - Bind TCP Shell (5074/TCP) + fork() Shellcode (130 bytes)
Linux/x86 - Add Root User (t00r) Shellcode (82 bytes)
Linux/x86 - Add Root User Shellcode (104 bytes)
Linux/x86 - Break chroot (../ 10x Loop) Shellcode (34 bytes)
Linux/x86 - Break chroot (../ 10x Loop) Shellcode (46 bytes)
Linux/x86 - Break chroot + execve /bin/sh Shellcode (80 bytes)
Linux/x86 - execve /bin/sh (XOR Encoded) Shellcode (55 bytes)
Linux/x86 - execve /bin/sh XOR Encoded Shellcode (55 bytes)
Linux/x86 - chroot()/execve() code Shellcode (80 bytes)
Linux/x86 - Add User (z) Shellcode (70 bytes)
Linux/x86 - break chroot setuid(0) + /bin/sh Shellcode (132 bytes)
Linux/x86-64 - Bind 4444/TCP Shellcode (132 bytes)
Linux/x86 - Add Root User (z) Shellcode (70 bytes)
Linux/x86 - setreuid(0_ 0) + Break chroot (mkdir/chdir/chroot _../_) + execve /bin/sh Shellcode (132 bytes)
Linux/x86-64 - Bind TCP Shell (4444/TCP) Shellcode (132 bytes)
Linux PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)
OSX PPC & x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)
Linux/x86 & Unix/SPARC & IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)
Linux/x86 & Unix/SPARC - execve /bin/sh Shellcode (80 bytes)
Linux/x86 & bsd/x86 - execve /bin/sh Shellcode (38 bytes)
Linux/PPC / Linux/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (99 bytes)
OSX/PPC / OSX/x86 - execve(_/bin/sh__{_/bin/sh__NULL}_NULL) Shellcode (121 bytes)
Linux/x86 / Unix/SPARC / IRIX/MIPS - execve /bin/sh Shellcode (141 bytes)
Linux/x86 / Unix/SPARC - execve /bin/sh Shellcode (80 bytes)
BSD/x86 / Linux/x86 - execve /bin/sh Shellcode (38 bytes)
NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)
NetBSD/x86 - setreuid(0_ 0); execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)
NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (29 bytes)
NetBSD/x86 - setreuid(0_ 0); + execve(_/bin//sh__ ..._ NULL); Shellcode (30 bytes)
OpenBSD/x86 - Bind 6969/TCP Shellcode (148 bytes)
OpenBSD/x86 - Add user _w00w00_ Shellcode (112 bytes)
OSX/PPC - sync()_ reboot() Shellcode (32 bytes)
OpenBSD/x86 - Bind TCP Shell (6969/TCP) Shellcode (148 bytes)
OpenBSD/x86 - Add Root User (w00w00) Shellcode (112 bytes)
OSX/PPC - sync() + reboot() Shellcode (32 bytes)
OSX/PPC - Add user _r00t_ Shellcode (219 bytes)
OSX/PPC - Add Root User (r00t) Shellcode (219 bytes)
Solaris/SPARC - executes command after setreuid Shellcode (92+ bytes)
Solaris/SPARC - Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator)
Solaris/SPARC - setreuid/execve Shellcode (56 bytes)
Solaris/SPARC - Bind 6666/TCP Shellcode (240 bytes)
Solaris/SPARC - setreuid + executes command Shellcode (92+ bytes)
Solaris/SPARC - Reverse TCP Shell (44434/TCP) XNOR Encoded Shellcode (600 bytes) (Generator)
Solaris/SPARC - setreuid + execve Shellcode (56 bytes)
Solaris/SPARC - Bind TCP Shell (6666/TCP) Shellcode (240 bytes)
Solaris/SPARC - Bind 6789/TCP Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Solaris/SPARC - Bind Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Solaris/SPARC - Bind TCP /bin/sh (6789/TCP) Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP /bin/sh Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shellcode (Generator)
Windows 5.0 < 7.0 x86 - Bind Shell 28876/TCP Null-Free Shellcode
Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes)
Win32 - SEH Omelet Shellcode
Win32 - Bind 23/TCP Winexec Telnet Shellcode (111 bytes)
Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)
Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes)
Win32/XP SP2 - cmd.exe Shellcode (57 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder Alphanumeric Shellcode (67 bytes)
Win32 - PEB 'Kernel32.dll' ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Win32 - ConnectBack + Download A File + Save + Execute Shellcode
Win32 - Download File + Execute Shellcode (Browsers Edition) (Generator) (275+ bytes)
Win32 - Download File + Execute Shellcode (192 bytes)
Win32 - Download File + Execute Shellcode (124 bytes)
Win32/NT/XP - IsDebuggerPresent Shellcode (39 bytes)
Win32 SP1/SP2 - Beep Shellcode (35 bytes)
Win32/XP SP2 - Pop up message box Shellcode (110 bytes)
Win32 - WinExec() Command Parameter Shellcode (104+ bytes)
Win32 - Download File + Execute Shellcode (226+ bytes)
Windows NT/2000/XP (Russian) - Add User 'slim' Shellcode (318 bytes)
Windows 5.0 < 7.0 x86 - Bind TCP Shell (28876/TCP) Null-Free Shellcode
Windows XP SP2 x86 (English) - cmd.exe Shellcode (23 bytes)
Windows x86 - SEH Omelet Shellcode
Windows x86 - Add Administrator User (GAZZA/123456) + Start Telnet Service Shellcode (111 bytes)
Windows x86 - PEB!NtGlobalFlags Shellcode (14 bytes)
Windows XP SP2 x86 (French) - Sellcode cmd.exe Shellcode (32 bytes)
Windows XP SP2 x86 - cmd.exe Shellcode (57 bytes)
Windows x86 - PEB _Kernel32.dll_ ImageBase Finder Alphanumeric Shellcode (67 bytes)
Windows x86 - PEB _Kernel32.dll_ ImageBase Finder (ASCII Printable) Shellcode (49 bytes)
Windows x86 - ConnectBack + Download A File + Save + Execute Shellcode
Windows x86 - Download File + Execute Shellcode (Browsers Edition) (275+ bytes) (Generator)
Windows x86 - Download File + Execute Shellcode (192 bytes)
Windows x86 - Download File + Execute Shellcode (124 bytes)
Windows NT/XP x86 - IsDebuggerPresent Shellcode (39 bytes)
Windows SP1/SP2 x86 - Beep Shellcode (35 bytes)
Windows XP SP2 x86 - Pop up message box Shellcode (110 bytes)
Windows x86 - WinExec() Command Parameter Shellcode (104+ bytes)
Windows x86 - Download File + Execute Shellcode (226+ bytes)
Windows NT/2000/XP (Russian) - Add Administrator User (slim/shady) Shellcode (318 bytes)
Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator)
Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator)
Windows XP - Download File + Execute Shellcode
Windows XP SP1 - Bind 58821/TCP Shellcode (116 bytes)
Windows XP - Download File + Execute Null-Free Shellcode
Windows XP SP1 - Bind TCP Shell (58821/TCP) Shellcode (116 bytes)
Win64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Windows x64 - (URLDownloadToFileA) Download + Execute Shellcode (218+ bytes)
Linux/x86 - setuid(0) + cat /etc/shadow Shellcode (49 bytes)
Linux/x86 - chmod(/etc/shadow_ 0666) + exit() Shellcode (33 bytes)
Linux/x86 - setuid(0) + /bin/cat /etc/shadow Shellcode (49 bytes)
Linux/x86 - chmod 0666 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Win32 XP SP3 - ShellExecuteA Shellcode
Linux/x86 - Overwrite MBR on /dev/sda with _LOL!' Shellcode (43 bytes)
Windows XP SP3 x86 - ShellExecuteA Shellcode
Win32 XP SP3 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode
FreeBSD/x86 - Bind 1337/TCP Shellcode (167 bytes)
Win32/XP SP2 - calc.exe Shellcode (45 bytes)
Windows XP SP3 x86 - Add Firewall Rule to Allow 445/TCP Traffic Shellcode
FreeBSD/x86 - Bind TCP /bin/sh Shell (1337/TCP) Shellcode (167 bytes)
Windows XP SP2 x86 - calc.exe Shellcode (45 bytes)
Win32/XP SP2 (EN + AR) - cmd.exe Shellcode (23 bytes)
Windows XP SP2 x86 (English / Arabic) - cmd.exe Shellcode (23 bytes)
Linux/x86 - break chroot Shellcode (79 bytes)
Linux/x86 - setuid + Break chroot (mkdir/chdir/chroot _..._) + execve /bin/sh Shellcode (79 bytes)
Linux/x86 - Append '/etc/passwd' + exit() Shellcode (107 bytes)
Linux/x86 - Add Root User (toor) To /etc/passwd + exit() Shellcode (107 bytes)
Win32 XP SP2 (FR) - calc Shellcode (19 bytes)
Windows XP SP2 x86 (French) - calc Shellcode (19 bytes)
Linux/x86 - bin/cat /etc/passwd Shellcode (43 bytes)
Win32 XP SP3 (English) - cmd.exe Shellcode (26 bytes)
Win32 XP SP2 (Turkish) - cmd.exe Shellcode (26 bytes)
Linux/x86 - /bin/sh Shellcode (8 bytes)
Linux/x86 - execve /bin/cat /etc/passwd Shellcode (43 bytes)
Windows XP SP3 x86 (English) - cmd.exe Shellcode (26 bytes)
Windows XP SP2 x86 (Turkish) - cmd.exe Shellcode (26 bytes)
Linux/x86 - execve /bin/sh Shellcode (8 bytes)
Linux/x86 - disabled modsecurity Shellcode (64 bytes)
Win32 - JITed Stage-0 Shellcode
Win32 - JITed exec notepad Shellcode
Windows XP Professional SP2 (ITA) - calc.exe Shellcode (36 bytes)
Win32 - Mini HardCode WinExec&ExitProcess Shellcode (16 bytes)
Linux/x86 - Disabled modsecurity Shellcode (64 bytes)
Windows x86 - JITed Stage-0 Shellcode
Windows x86 - JITed exec notepad Shellcode
Windows XP Professional SP2 (Italian) - calc.exe Shellcode (36 bytes)
Windows XP SP2 x86 - write.exe + ExitProcess WinExec Shellcode (16 bytes)
Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes)
Win32 - MessageBox Shellcode (Metasploit)
Windows XP SP3 x86 (Russia) - cmd + ExitProcess WinExec Shellcode (12 bytes)
Windows x86 - MessageBox Shellcode (Metasploit)
Linux/x86 - Bind nc -lvve/bin/sh -p13377 Shellcode
Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes)
Linux/x86 - Bind Netcat Shell (13377/TCP) Shellcode
Linux/x86 - chmod 0666 /etc/shadow Shellcode (36 bytes)
Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (33 bytes)
Linux/x86 - chmod(_/etc/shadow__ 0777) Shellcode (29 bytes)
Linux - write() + exit(0) Shellcode (Generator With Customizable Text)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (33 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (29 bytes)
Linux - write() + exit(0) Shellcode (Generator)
Linux/x86 - Sends 'Phuck3d!' To All Terminals Shellcode (60 bytes)
Linux/x86 - Sends _Phuck3d!_ To All Terminals Shellcode (60 bytes)
Windows XP SP2 (FR) - Download File + Execute Shellcode
Windows XP SP2 (French) - Download File + Execute Shellcode
Linux/x86 - Disable randomize stack address Shellcode (106 bytes)
Linux/x86 - Disable ASLR Security Shellcode (106 bytes)
Linux/x86 - setuid(0) + chmod(_/etc/shadow__ 0666) Polymorphic Shellcode (61 bytes)
Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall Shellcode (39 bytes)
Linux/x86 - setuid(0) + chmod 0666 /etc/shadow Polymorphic Shellcode (61 bytes)
Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/shadow Shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall Shellcode (39 bytes)
Linux/x86 - (sys_chmod syscall) chmod 0777 /etc/passwd Shellcode (39 bytes)
Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes)
Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes)
Solaris/x86 - Sync() & reboot() + exit(0) Shellcode (48 bytes)
Solaris/x86 - Sync() + reboot() + exit(0) Shellcode (48 bytes)
Linux/x86 - Bind 31337/TCP + setreuid (0_0) Polymorphic Shellcode (131 bytes)
Linux/x86-64 - setuid(0) + chmod (_/etc/passwd__ 0777) & exit(0) Shellcode (63 bytes)
Linux/x86 - Bind TCP Shell (31337/TCP) + setreuid(0_0) Polymorphic Shellcode (131 bytes)
Linux/x86-64 - setuid(0) + chmod 0777 /etc/passwd + exit(0) Shellcode (63 bytes)
Windows XP SP3 (SPA) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)
Windows XP SP3 (Spanish) - URLDownloadToFileA + CreateProcessA + ExitProcess Shellcode (176+ bytes)
Windows - WinExec cmd.exe + ExitProcess Shellcode (195 bytes)
Windows - cmd.exe + ExitProcess WinExec Shellcode (195 bytes)
Linux/x86 - /bin/sh Polymorphic Shellcode (116 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) polymorphic Shellcode (84 bytes)
Linux/ARM - chmod(_/etc/shadow__ 0777) Shellcode (35 bytes)
Linux/x86 - execve /bin/sh Polymorphic Shellcode (116 bytes)
Linux/ARM - chmod 0777 /etc/shadow Polymorphic Shellcode (84 bytes)
Linux/ARM - chmod 0777 /etc/shadow Shellcode (35 bytes)
Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); (XOR 88 encoded) Polymorphic Shellcode (78 bytes)
Linux/x86 - Bind Shell 64533 Shellcode (97 bytes)
Linux/ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL); XOR 88 Encoded Polymorphic Shellcode (78 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (64533/TCP) Shellcode (97 bytes)
Linux - setreuid(0_0) execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)
Safari 4.0.5 - 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Shellcode
Linux - Bind 6778/TCP (XOR Encoded) Polymorphic Shellcode (125 bytes)
Linux - Bind Shell (nc -lp 31337 -e /bin//sh) Polymorphic Shellcode (91 bytes)
ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator)
Linux - setreuid(0_0) + execve(_/bin/sh__NULL_NULL) XOR Encoded Shellcode (62 bytes)
Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP Bypass) Null-Free Shellcode
Linux - Bind TCP Shell (6778/TCP) XOR Encoded Polymorphic Shellcode (125 bytes)
Linux - Bind Netcat Shell (31337/TCP) Polymorphic Shellcode (91 bytes)
ARM - execve(_/bin/sh__ [_/bin/sh_]_ NULL) Polymorphic Shellcode (Generator)
Win32 - Write-to-file Shellcode (278 bytes)
Windows x86 - Write-to-file Null-Free Shellcode (278 bytes)
Linux/x86 - Bind Shell Netcat 8080/TCP Shellcode (75 bytes)
Linux/x86 - /bin/sh Polymorphic Null-Free Shellcode (46 bytes)
Windows XP SP3 English - MessageBoxA Shellcode (87 bytes)
BSD/x86 - Bind Shell 2525/TCP Shellcode (167 bytes)
Win32 - Checksum Routine Shellcode (18 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (8080/TCP) Shellcode (75 bytes)
Linux/x86 - execve /bin/sh Polymorphic Null-Free Shellcode (46 bytes)
Windows XP SP3 (English) - MessageBoxA Shellcode (87 bytes)
BSD/x86 - Bind TCP Shell (2525/TCP) Shellcode (167 bytes)
Windows x86 - Checksum Routine Shellcode (18 bytes)
Win32/XP SP3 (TR) - Add Administrator 'zrl' Shellcode (127 bytes)
Windows XP SP3 x86 (Turkish) - Add Administrator User (zrl/123456) Shellcode (127 bytes)
Win32/XP Professional SP3 (EN) x86 - Add New Local Administrator 'secuid0' Shellcode (113 bytes)
Win32 - Add New Local Administrator 'secuid0' Shellcode (326 bytes)
Windows XP Professional SP3 (English) x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (113 bytes)
Windows x86 - Add Local Administrator User (secuid0/m0nk) Shellcode (326 bytes)
ARM - Bind Connect (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader Port 0x1337 Shellcode
ARM - ifconfig eth0 and Assign Address 192.168.0.2 Shellcode
ARM - Bind (68/UDP) + Reverse Shell (192.168.0.1:67/UDP) Shellcode
ARM - Loader (0x1337/TCP) Shellcode
ARM - ifconfig eth0 192.168.0.2 up Shellcode
ARM - Create a New User with UID 0 Shellcode (Metasploit) (Generator) (66+ bytes)
Win32 - Speaking 'You got pwned!' Shellcode
FreeBSD/x86 - connect back Shellcode (81 bytes)
BSD/x86 - Bind Shell 31337/TCP + fork Shellcode (111 bytes)
Win32 - eggsearch Shellcode (33 bytes)
Linux/SuperH (sh4) - setuid(0) + chmod(_/etc/shadow__ 0666) + exit(0) Shellcode (43 bytes)
Linux/x86 - Bind Shell Netcat 6666/TCP Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - WinExec Add New Local Administrator 'RubberDuck' + ExitProcess Shellcode (279 bytes)
Linux/x86 - ASLR deactivation Shellcode (83 bytes)
Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit)
Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
ARM - Add Root User Shellcode (Metasploit) (66+ bytes) (Generator)
Windows 5.0 < 7.0 x86 - Speaking _You got pwned!_ Null-Free Shellcode
FreeBSD/x86 - Reverse TCP /bin/sh Shell (127.0.0.1:1337/TCP) Shellcode (81 bytes) (Generator)
BSD/x86 - Bind TCP Shell (31337/TCP) + fork Shellcode (111 bytes)
Windows x86 - eggsearch Shellcode (33 bytes)
Linux/SuperH (sh4) - setuid(0) + chmod 0666 /etc/shadow + exit(0) Shellcode (43 bytes)
Linux/x86 - Bind Netcat (/usr/bin/netcat) /bin/sh Shell (6666/TCP) + Polymorphic XOR Encoded Shellcode (69 bytes)
OSX/Intel (x86-64) - Reverse TCP /bin/sh Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - Add Local Administrator User (RubberDuck/mudbath) + ExitProcess WinExec Shellcode (279 bytes)
Linux/x86 - Disable ASLR Security Shellcode (83 bytes)
Windows - Download File + Execute via DNS (IPv6) Shellcode (Generator) (Metasploit)
Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
Win32/PerfectXp-pc1/SP3 (TR) - Add Administrator 'kpss' Shellcode (112 bytes)
Linux/x86 - Egghunter Shellcode (29 bytes)
Windows PerfectXp-pc1/SP3 x86 (Turkish) - Add Administrator User (kpss/12345) Shellcode (112 bytes)
Linux/x86 - Egghunter Null-Free Shellcode (29 bytes)
Linux/MIPS - XOR Encoder Shellcode (Generator) (60 bytes)
Linux/SuperH (sh4) - setuid(0) ; execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)
Linux/MIPS - XOR Encoder Shellcode (60 bytes) (Generator)
Linux/SuperH (sh4) - setuid(0); + execve(_/bin/sh__ NULL_ NULL) Shellcode (27 bytes)
Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes)
Linux/MIPS - Add Root User (rOOt/pwn3d) Shellcode (164 bytes)
Linux/MIPS - Connectback Shellcode (port 0x7a69) (168 bytes)
Linux/MIPS - Reverse TCP Shell (0x7a69/TCP) Shellcode (168 bytes)
Linux/x86 - setuid(0) + setgid(0) + Add User (iph) To /etc/passwd Polymorphic Shellcode
Linux/x86 - setuid(0) + setgid(0) + Add Root User (iph) To /etc/passwd Polymorphic Shellcode
Linux/x86-64 - Add User (t0r/Winner) Shellcode (189 bytes)
Linux/x86-64 - Add Root User (t0r/Winner) Shellcode (189 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP /bin/sh Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - chmod(_/etc/shadow__ 0777) Shellcode (41 bytes)
Linux/ARM (Raspberry Pi) - chmod 0777 /etc/shadow Shellcode (41 bytes)
Windows XP Professional SP3 - Full ROP calc Shellcode (428 bytes)
Windows x64 - Bind TCP Shell Shellcode (508 bytes)
Windows XP Professional SP3 - calc Full ROP Shellcode (428 bytes)
Windows x64 - Bind TCP Shell (4444/TCP) Shellcode (508 bytes)
Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)
Cisco ASA - Authentication Bypass _EXTRABACON_ (Improved Shellcode) (69 bytes)
Windows RT ARM - Bind Shell 4444/TCP Shellcode
Windows RT ARM - Bind TCP Shell (4444/TCP) Shellcode
Windows - Messagebox Shellcode (113 bytes)
Linux/MIPS (Little Endian) - Reverse TCP Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes)
Windows 7 x86 - Bind Shell 4444/TCP Shellcode (357 Bytes)
Windows - Add Administrator 'BroK3n' Shellcode (194 bytes)
Windows - Messagebox Null-Free Shellcode (113 bytes)
Linux/MIPS (Little Endian) - Reverse TCP /bin/sh Shell (192.168.1.177:31337/TCP) Shellcode (200 bytes)
Windows 7 x86 - Bind TCP Shell (4444/TCP) Shellcode (357 Bytes)
Windows - Add Administrator User (BroK3n/BroK3n) Null-Free Shellcode (194 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add New Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes)
Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + Execute /bin/sh Shellcode (378 bytes)
Linux/x86 - chmod 777 (/etc/passwd + /etc/shadow) + Add Root User (ALI/ALI) + setreuid + Execute /bin/bash Obfuscated Shellcode (521 bytes)
Linux/x86-64 - Reverse TCP /bin/bash Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes)
Windows x86 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows x64 - Add Administrator 'ALI' + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) + Password (Z~r0) Null-Free Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Windows x86 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows x64 - Add Administrator User (ALI/ALI) + Add To RDP Group + Enable RDP From Registry + STOP Firewall + Auto Start Terminal Service Obfuscated Shellcode (1218 bytes)
Windows XP x86-64 - Download File + Execute Shellcode (Generator)
Linux/MIPS (Little Endian) - Chmod 666 /etc/shadow Shellcode (55 bytes)
Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd Shellcode (55 bytes)
Windows XP x86-64 - Download File + Execute Shellcode (Generator)
Linux/MIPS (Little Endian) - chmod 666 /etc/shadow Shellcode (55 bytes)
Linux/MIPS (Little Endian) - chmod 666 /etc/passwd Shellcode (55 bytes)
Linux/x86 - execve(_/bin/sh_) (ROT13 Encoded) Shellcode (68 bytes)
Linux/x86 - chmod 0777 /etc/shadow obfuscated Shellcode (84 bytes)
Linux/x86 - execve(_/bin/sh_) ROT13 Encoded Shellcode (68 bytes)
Linux/x86 - chmod 0777 /etc/shadow Obfuscated Shellcode (84 bytes)
Linux/x86 - Reverse TCP Shell (192.168.1.133:33333) Shellcode (72 bytes)
Linux/x86 - Bind Shell 33333/TCP Shellcode (96 bytes)
Linux/x86 - Disable ASLR Shellcode (84 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (192.168.1.133:33333) Shellcode (72 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (33333/TCP) Shellcode (96 bytes)
Linux/x86 - Disable ASLR Security Shellcode (84 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - Create 'my.txt' Working Directory Shellcode (37 bytes)
Linux/x86 - Typewriter Shellcode (Generator)
Linux/x86 - Create _my.txt_ In Working Directory Shellcode (37 bytes)
Win32/XP SP3 - Create ('file.txt') Shellcode (83 bytes)
Win32/XP SP3 - Restart computer Shellcode (57 bytes)
Linux/x86 - custom execve Shellcode (Encoder/Decoder) (Generator)
Windows XP SP3 x86 - Create (_file.txt_) Shellcode (83 bytes)
Windows XP SP3 x86 - Restart Computer Shellcode (57 bytes)
Linux/x86 - Custom execve Shellcode (Encoder/Decoder) (Generator)
Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp 17771 Shellcode (58 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (17771/TCP) Shellcode (58 bytes)
Linux/x86 - chmod() 777 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - execve /bin/sh Shellcode (2) (21 bytes)
Linux/x86 - chmod 777 /etc/shadow + exit() Shellcode (33 bytes)
Linux/x86 - execve /bin/sh Shellcode (21 bytes)
Linux/x86 - Bind Shell Netcat 5555/TCP Shellcode (60 bytes)
Linux/x86-64 - execve(/bin/sh) Shellcode (30 bytes)
Linux/x86 - Bind Netcat Shell (5555/TCP) Shellcode (60 bytes)
Linux/x86-64 - execve(/bin/sh) Null-Free Shellcode (30 bytes)
Linux/x86 - chmod('/etc/passwd'_0777) Shellcode (42 bytes)
Linux/x86 - chmod('/etc/gshadow') Shellcode (37 bytes)
Linux/x86 - chmod('/etc/shadow'_'0777') Shellcode (42 bytes)
Linux/x86 - exec('/bin/dash') Shellcode (45 bytes)
Linux/x86 - chmod 0777 /etc/passwd Shellcode (42 bytes)
Linux/x86 - chmod /etc/gshadow Shellcode (37 bytes)
Linux/x86 - chmod 0777 /etc/shadow Shellcode (42 bytes)
Linux/x86 - exec(_/bin/dash_) Shellcode (45 bytes)
Linux/x86 - /bin/sh (ROT7 Encoded) Shellcode
Win32/XP SP3 (TR) - MessageBox Shellcode (24 bytes)
Linux/x86 - execve /bin/sh ROT7 Encoded Shellcode
Windows XP SP3 x86 (Turkish) - MessageBox Shellcode (24 bytes)
Windows x86 - user32!MessageBox 'Hello World!' Null-Free Shellcode (199 bytes)
Linux/x86 - /bin/sh (ROL/ROR Encoded) Shellcode
Windows x86 - user32!MessageBox _Hello World!_ Null-Free Shellcode (199 bytes)
Linux/x86 - execve /bin/sh ROL/ROR Encoded Shellcode
OSX/x86-64 - /bin/sh Null-Free Shellcode (34 bytes)
Mainframe/System Z - Bind Shell 12345/TCP Shellcode (2488 bytes)
OSX/x86-64 - execve /bin/sh Null-Free Shellcode (34 bytes)
Mainframe/System Z - Bind TCP Shell (12345/TCP) Null-Free Shellcode (2488 bytes)
Linux/x86 - Create file with permission 7775 + exit Shellcode (Generator)
Linux/x86 - Create File With Permission 7775 + exit Shellcode (Generator)
OSX/x86-64 - Bind 4444/TCP Null-free Shellcode (144 bytes)
Linux/x86-64 - /bin/sh Shellcode (34 bytes)
Google Android - Telnetd Port 1035 with Parameters Shellcode (248 bytes)
OSX/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (144 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (34 bytes)
Google Android - Bind Telnetd Shell (1035/TCP) + Environment / Parameters Shellcode (248 bytes)
Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Linux/x86-64 - Bind TCP /bin/sh Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Windows XP < 10 - WinExec Null-Free Shellcode (Generator) (Python)
Linux/x86-64 - Bind 4444/TCP Shellcode (103 bytes)
Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes)
Windows XP < 10 - WinExec Null-Free Shellcode (Generator)
Linux/x86-64 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (103 bytes)
Linux/x86-64 - Bind TCP /bin/sh Password (hack) Shell (4444/TCP) Null-Free Shellcode (162 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Shellcode (151 bytes)
Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Null-Free Shellcode (151 bytes)
Linux/x86-64 - execve (xor/not/div Encoded) Shellcode (54 bytes)
Linux/x86-64 - execve XOR/NOT/DIV Encoded Shellcode (54 bytes)
Linux x86/x86-64 - Bind 4444/TCP Shellcode (251 bytes)
Linux x86/x86-64 - Bind Shell (4444/TCP) Shellcode (251 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (135 bytes)
Linux/x86-64 - Reverse TCP Password (hack) /bin/sh Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Shell (127.0.0.1:4444/TCP) Polymorphic Shellcode (135 bytes)
Linux/ARM - Connect back to 10.0.0.10:1337 with /bin/sh Shellcode (95 bytes)
Linux/ARM - Reverse TCP /bin/sh Shell (10.0.0.10:1337/TCP) Shellcode (95 bytes)
Linux/x86-64 - Bind 5600/TCP Shellcode (81 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (81 bytes)
Linux/x86-64 - Bind 5600/TCP Shellcode (86 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (86 bytes)
Linux/x86 - Reverse TCP Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes)
Linux/x86 - Bind 1472/TCP Shell (IPv6) Shellcode (1250 bytes)
Linux/x86 - Reverse TCP /bin/sh Shell (::ffff:192.168.64.129:1472/TCP) (IPv6) Shellcode (159 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (1250 bytes)
Win32 .Net Framework - Execute Native x86 Shellcode
Linux/x86-64 - Bind 1472/TCP Shell (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)
Windows .Net Framework x86 - Execute Native x86 Shellcode
Linux/x86-64 - Bind TCP /bin/sh Shell (1472/TCP) (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP /bin/sh Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)
Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (1234/TCP) Shellcode (87 bytes) (Generator)
Linux/x86 - Bind Shell 4444/TCP Shellcode (656 bytes)
Linux/x86-64 - execve (XOR Encoded) Shellcode (84 bytes)
Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Linux/x86 - Bind TCP /bin/bash Shell (4444/TCP) Shellcode (656 bytes)
Linux/x86-64 - execve XOR Encoded Shellcode (84 bytes)
BSD / Linux / Windows x86/x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Linux/x86 - Bind Shell /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes)
Linux/x86 - Bind Netcat (/bin/nc) /bin/sh Shell (13337/TCP) Shellcode (56 bytes)
Linux/x86 - /bin/sh + ASLR Bruteforce Shellcode
Linux/x86-64 - /etc/passwd File Sender Shellcode (164 bytes)
Linux/x86-64 - Bind Netcat Shellcode (64 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (98 bytes)
Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistent / Fork / IPv4/6 / Password Shellcode (176 bytes)
Linux/x86 - Reverse TCP Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Shellcode (172 bytes)
Linux/x86 - execve /bin/sh + ASLR Bruteforce Shellcode
Linux/x86-64 - Reverse TCP cat /etc/passwd (192.168.86.128:1472/TCP) Shellcode (164 bytes)
Linux/x86-64 - Bind Netcat Shell Null-Free Shellcode (64 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Shellcode (98 bytes)
Linux/x86-64 - Bind Ncat Shell (4442/TCP) / SSL / Multi-Channel (4444-4447/TCP) / Persistent / Fork / IPv4/6 / Password Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse TCP /bin/sj Shell (192.168.227.129:4444) Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4/TCP) / Continuously Probing via Socket / Port-Range (391-399) / Password (la crips) Null-Free Shellcode (172 bytes)
Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
Linux/x86-64 - Bind TCP Shell (4442/TCP) / Syscall Persistent / Multi-Terminal (4444-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 - Axis Communication - Reverse TCP /bin/sh Shell (192.168.57.1:443/TCP) Shellcode (189 bytes)
Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes)
Linux/x86 - Bind zsh 9090/TCP Shellcode (96 bytes)
Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes)
Linux/x86 - Bind Netcat Shell (98/TCP + UDP) Shellcode (44/52 bytes)
Linux/x86 - Bind TCP /bin/zsh Shell (9090/TCP) Shellcode (96 bytes)
Linux/x86 - Reverse TCP /bin/zsh Shell (127.255.255.254:9090/TCP) Shellcode (80 bytes)
Windows x64 - WinExec() Shellcode (93 bytes)
Windows x64 - cmd.exe WinExec() Shellcode (93 bytes)
Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)
Linux/x86-64 - execve /bin/sh -c reboot Shellcode (89 bytes)
Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)
Linux/x86 - Reverse Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - execve /bin/bash -c Arbitrary Command Execution Null-Free Shellcode (72 bytes)
Linux/x86-64 - Bind 5600/TCP - Shellcode (87 bytes)
Linux/x86-64 - Bind TCP Shell (5600/TCP) Shellcode (87 bytes)
Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (Genearator) (129 bytes)
Linux/x86 - Reverse TCP Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes)
Linux - Bind Shell Dual/Multi Mode Shellcode (156 bytes)
Linux - Reverse TCP Multi/Dual Mode Shell Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse TCP /bin/sh Alphanumeric Staged Shell (127.0.0.1:4444/TCP) Shellcode (103 bytes)
Linux - Bind TCP Dual/Multi Mode Shell Shellcode (156 bytes)
Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)
Linux/x86-64 - Reverse TCP /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)
Windows x86 - Executable Directory Search Shellcode (130 bytes)
Windows x86 - Executable Directory Search Null-Free Shellcode (130 bytes)
Linux/x86-64 - Flush IPTables Polymorphic Shellcode (47 bytes)
Linux/x86-64 - Flush IPTables Rules (/sbin/iptables -F) Polymorphic Shellcode (47 bytes)
Linux/x86-64 - Reverse Netcat Polymorphic Shell (127.0.0.1:1234) Shellcode (106 bytes)
Linux/x86-64 - Reverse Netcat Shell (127.0.0.1:1234) Polymorphic Shellcode (106 bytes)
Linux/x86 - Bind Shell Shellcode (44 bytes)
Linux/x86 - Bind TCP /bin/sh Random Port Shell Shellcode (44 bytes)
Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Shellcode (67 bytes)
Linux/x86 - Reverse /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes)
Linux/x86 - Reverse TCP Shell (127.1.1.1:11111/TCP) Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse TCP /bin/bash Shell (192.168.3.119:54321) Shellcode (110 bytes)
Linux/x86 - Disable ASLR Shellcode (80 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Shellcode (113 bytes)
Linux/x86 - Disable ASLR Security Shellcode (80 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) (IPv6) Null-Free Shellcode (113 bytes)
Linux/x86-64 - /bin/sh Shellcode (31 bytes)
Linux/x86 - execve(/bin/sh) setuid(0) setgid(0) (XOR Encoded) Shellcode (66 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (31 bytes)
Linux/x86 - execve(/bin/sh) + setuid(0) + setgid(0) XOR Encoded Shellcode (66 bytes)
Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes)
Linux/x86 - Reverse UDP /bin/sh Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind TCP /bin/sh Shell (4444/TCP) Null-Free Shellcode (75 bytes)
Linux x86 - /bin/sh Shellcode (24 bytes)
Linux x86 - execve /bin/sh Shellcode (24 bytes)
Linux/x86_64 - kill All Processes Shellcode (19 bytes)
Linux/x86_64 - Kill All Processes Shellcode (19 bytes)
Php Cloud mining Script - Authentication Bypass
(Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass
2017-08-23 05:01:29 +00:00
Offensive Security
e4f4ca48ad
DB: 2017-08-22
...
16 new exploits
Easy DVD Creater 2.5.11 - Buffer Overflow (SEH)
FreeBSD/x86 - Bind 4883/TCP with Auth Shellcode (222 bytes)
FreeBSD/x86 - Bind TCP Password Shell (4883/TCP) Shellcode (222 bytes)
Cisco IOS - Bind Password Shellcode (116 bytes)
Cisco IOS - New TTY_ Privilege level to 15_ No password Shellcode
Cisco IOS/PowerPC - Bind Password (1rmp455) Shellcode (116 bytes)
Cisco IOS - New TTY / Privilege Level To 15 / No Password Shellcode
Linux/x86-64 - Connect Back Semi-Stealth Shellcode (88+ bytes)
Linux/x86-64 - Reverse TCP Semi-Stealth Shell Shellcode (88+ bytes) (Generator)
Linux/SPARC - connect back (192.168.100.1:2313) Shellcode (216 bytes)
Linux/SPARC - Reverse TCP Shell (192.168.100.1:2313/TCP) Shellcode (216 bytes)
Linux/x86 - Connectback 54321/UDP Live Packet Capture Shellcode (151 bytes)
Linux/x86 - Reverse UDP tcpdump (54321/UDP) Live Packet Capture Shellcode (151 bytes)
Linux/x86 - Connect back (140.115.53.35:9999) + Download a file (cb) + Execute Shellcode (149 bytes)
Linux/x86 - ConnectBack (140.115.53.35:9999/TCP) + Download A File (cb) + Execute Shellcode (149 bytes)
Linux/x86 - Connectback Port 8192.send.exit /etc/shadow Shellcode (155 bytes)
Linux/x86 - Writes A PHP connectback shell (/var/www/cb.php) To The Filesystem Shellcode (508 bytes)
Linux/x86 - Reverse TCP /etc/shadow (8192/TCP) Shellcode (155 bytes)
Linux/x86 - Reverse PHP (Writes to /var/www/cb.php On The Filesystem) Shell Shellcode (508 bytes)
Linux/x86 - SET_IP() Connectback (192.168.13.22:31337) Shellcode (82 bytes)
Linux/x86 - Reverse TCP Shell (192.168.13.22:31337) Shellcode (82 bytes) (Generator)
Linux/x86 - Connectback (127.0.0.1:80) (XOR Encoded) Shellcode (371 bytes)
Linux/x86 - Reverse TCP XOR Encoded Shell (127.0.0.1:80/TCP) Shellcode (371 bytes)
Linux/x86 - Bind Password 64713/TCP Shellcode (166 bytes)
Linux/x86 - Bind TCP Password (gotfault) Shell (64713/TCP) Shellcode (166 bytes)
Linux/x86 - Connectback 127.0.0.1:31337/TCP Shellcode (74 bytes)
Linux/x86 - Reverse TCP Shell (127.0.0.1:31337/TCP) Shellcode (74 bytes)
Linux/x86 - Connectback Shellcode (90 bytes)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Solaris/SPARC - connect-back (with XNOR encoded session) Shellcode (600 bytes)
Solaris/SPARC - Reverse TCP XNOR Encoded Shell (44434/TCP) Shellcode (600 bytes) (Generator)
Solaris/SPARC - connect-back Shellcode (204 bytes)
Solaris/SPARC - Reverse TCP Shell (192.168.1.4:5678/TCP) Shellcode (204 bytes)
Win32 - Connectback + receive + save + execute Shellcode
Win32 - ConnectBack + Download A File + Save + Execute Shellcode
Windows XP/2000/2003 - Overflow Connect Back Shellcode (275 bytes)
Windows XP/2000/2003 - Reverse TCP Shell (127.0.0.1:53) Shellcode (275 bytes) (Generator)
Linux/x86 - Netcat Connectback 8080/TCP Shellcode (76 bytes)
Linux/x86 - Reverse Netcat Shell (8080/TCP) Shellcode (76 bytes)
Linux/ARM - Add root user 'shell-storm' with password 'toor' Shellcode (151 bytes)
Linux/ARM - Add Root User (shell-storm/toor) Shellcode (151 bytes)
Linux/x86 - ConnectBack with SSL connection Shellcode (422 bytes)
Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' Shellcode (143 bytes)
Linux/x86 - Reverse TCP SSL Shell (localhost:8080) Shellcode (422 bytes)
Linux/SuperH (sh4) - Add Root User (shell-storm/toor) Shellcode (143 bytes)
Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' Shellcode (164 bytes)
Linux/MIPS - Add User(UID 0) (rOOt/'pwn3d) Shellcode (164 bytes)
Linux/x86-64 - Connect Back Shellcode (139 bytes)
Linux/x86-64 - Reverse TCP Shell (127.1.1.1:6969/TCP) Shellcode (139 bytes)
Linux/x86-64 - Bind TCP Password Shell (4444/TCP) Shellcode (81/96 bytes with password)
Linux/x86-64 - Reverse TCP Connect Shellcode (77-85/90-98 bytes with Password)
Linux/x86-64 - Bind TCP Password (Z~r0) Shell (4444/TCP) Shellcode (81/96 bytes)
Linux/x86-64 - Reverse TCP Password (Z~r0) Shell (127.0.0.1:4444/TCP) Shellcode (77-85/90-98 bytes)
Linux/x86-64 - Bind 31173/TCP Password Shellcode (92 bytes)
Linux/x86-64 - Bind TCP Password (1234) Shell (31173/TCP) Shellcode (92 bytes)
Linux/x86-64 - Bind 4444/TCP Password Shellcode (162 bytes)
Linux/x86-64 - Bind TCP Password (hack) Shell (4444/TCP) Shellcode (162 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (1) (122 bytes)
Linux/x86-64 - Reverse TCP Password (hack) Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (122 bytes)
Linux/x86-64 - Ncat Shellcode (SSL_ MultiChannel_ Persistant_ Fork_ IPv4/6_ Password) (176 bytes)
Linux/x86-64 - Bind Ncat (4442/TCP) Shell / SSL / Multi-Channel (4444/TCP-4447/TCP) / Persistant / Fork / IPv4/6 / Password Shellcode (176 bytes)
Linux/x86-64 - Bind Shell / Syscall Persistent / Multi-terminal / Password / Daemon Shellcode (83/148/177 bytes)
Linux/x86-64 - Bind TCP (4442/TCP) Shell / Syscall Persistent / Multi-Terminal (4444/TCP-4447/TCP) / Password (la crips) / Daemon Shellcode (83/148/177 bytes)
Windows x64 - Bind Password (h271508F) 2493/TCP Shellcode (825 bytes)
Windows x64 - Bind TCP Password (h271508F) Shell (2493/TCP) Shellcode (825 bytes)
Linux/x86_64 - kill All Processes Shellcode (19 bytes)
Linux/x86_64 - Fork Bomb Shellcode (11 bytes)
Apache2Triad 1.5.4 - Multiple Vulnerabilities
Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection
Joomla! Component Sponsor Wall 8.0 - SQL Injection
PHP Classifieds Script 5.6.2 - SQL Injection
Affiliate Niche Script 3.4.0 - SQL Injection
PHP Coupon Script 6.0 - 'cid' Parameter SQL Injection
iTech Social Networking Script 3.08 - SQL Injection
Joomla! Component FocalPoint 1.2.3 - SQL Injection
Php Cloud mining Script - Authentication Bypass
Joomla! Component Ajax Quiz 1.8 - SQL Injection
PHP-Lance 1.52 - 'subcat' Parameter SQL Injection
PHP Jokesite 2.0 - 'joke_id' Parameter SQL Injection
PHPMyWind 5.3 - Cross-Site Scripting
2017-08-22 05:01:20 +00:00
Offensive Security
ce5d8c0fdd
DB: 2017-08-21
2017-08-21 05:01:20 +00:00
Offensive Security
dff4158a48
DB: 2017-08-20
2017-08-20 05:01:22 +00:00
Offensive Security
ab70fd48b8
DB: 2017-08-19
...
27 new exploits
Microsoft Edge Chakra - Uninitialized Arguments
Microsoft Edge Chakra - Uninitialized Arguments (1)
MyDoomScanner 1.00 - Local Buffer Overflow (PoC)
DSScan 1.0 - Local Buffer Overflow (PoC)
MessengerScan 1.05 - Local Buffer Overflow (PoC)
NoviFlow NoviWare <= NW400.2.6 - Multiple Vulnerabilities
Dive Assistant Template Builder 8.0 - XML External Entity Injection
Kolibri WebServer 2.0 - Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass
Kolibri WebServer 2.0 - Buffer Overflow (EMET 5.0 / EMET 4.1 Partial Bypass)
SpyCamLizard 1.230 - Buffer Overflow
Mozilla Firefox < 45.0 - 'nsHtml5TreeBuilder' Use-After-Free (EMET 5.52 Bypass)
BSD/x86 - setuid/portbind 31337/TCP Shellcode (94 bytes)
BSD/x86 - Bind Shell 31337/TCP + setuid(0) Shellcode (94 bytes)
BSD/x86 - Bind 31337/TCP Shellcode (83 bytes)
BSD/x86 - Bind Shell 31337/TCP Shellcode (83 bytes)
BSD/x86 - break chroot Shellcode (45 bytes)
BSD/x86 - Break chroot Shellcode (45 bytes)
BSD/x86 - connect torootteam.host.sk:2222 Shellcode (93 bytes)
BSD/x86 - Connect torootteam.host.sk:2222 Shellcode (93 bytes)
BSD/x86 - Reverse Portbind 6969/TCP Shellcode (129 bytes)
BSD/x86 - Reverse Shell 6969/TCP Shellcode (129 bytes)
FreeBSD/x86 - Reverse Portbind 127.0.0.1:8000 /bin/sh Shellcode (89 bytes)
FreeBSD/x86 - Reverse Shell 127.0.0.1:8000 /bin/sh Shellcode (89 bytes)
(Generator) - HTTP/1.x Requests Shellcode (18+ bytes / 26+ bytes)
(Generator) - HTTP/1.x Requests Shellcode (18+/26+ bytes)
Cisco IOS - Connectback Port 21 Shellcode
Cisco IOS - Connectback 21/TCP Shellcode
Linux/x86 - Reverse Telnet Shellcode (134 bytes)
Linux/x86 - Reverse Telnet Shell (200.182.207.235) Shellcode (134 bytes)
Windows 9x/NT/2000/XP - Reverse Generic without Loader Shellcode (249 bytes)
Windows 9x/NT/2000/XP - Reverse Generic without Loader (192.168.1.11:4919) Shellcode (249 bytes)
ARM - Bind Shell Port 0x1337 Shellcode
ARM - Bind Connect 68/UDP Shellcode
ARM - Bind Shell 0x1337/TCP Shellcode
ARM - Bind Connect 68/UDP (Reverse Shell 192.168.0.1:67/UDP) Shellcode
OSX/Intel (x86-64) - reverse_tcp shell Shellcode (131 bytes)
OSX/Intel (x86-64) - Reverse TCP Shell (FFFFFFFF:4444/TCP) Shellcode (131 bytes)
Windows - DNS Reverse Download and Exec Shellcode (Metasploit)
Windows - Reverse Download and Execute via DNS (IPv6) Shellcode (Metasploit)
Linux/ARM (Raspberry Pi) - reverse_shell (tcp_10.1.1.2_0x1337) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP Shell (10.1.1.2:0x1337/TCP) Shellcode (72 bytes)
Linux/x86 - Reverse TCP (192.168.1.10:31337) Shellcode (92 bytes)
Linux/x86 - Reverse TCP Shell (192.168.1.10:31337/TCP) Shellcode (92 bytes)
Windows x86 - Reverse Persistent TCP Shellcode (494 Bytes)
Windows x86 - Reverse TCP Persistent Shell (192.168.232.129:4444/TCP) Shellcode (494 Bytes)
Linux/x86-64 - Reverse TCP Password Prompt Shellcode (151 bytes)
Linux/x86-64 - Reverse TCP Password Prompt Shell (127.0.0.1:4444) Shellcode (151 bytes)
Linux x86/x86-64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes)
Linux x86/x86-64 - Reverse TCP Shell (192.168.1.29:4444/TCP) Shellcode (195 bytes)
Linux/x86-64 - shell_reverse_tcp Password Polymorphic Shellcode (1) (122 bytes)
Linux/x86-64 - shell_reverse_tcp Password Polymorphic Shellcode (2) (135 bytes)
Linux/x86-64 - Reverse TCP Password Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (1) (122 bytes)
Linux/x86-64 - Reverse TCP Password Polymorphic Shell (127.0.0.1:4444/TCP) Shellcode (2) (135 bytes)
Linux/x86 - Reverse TCP Shellcode (IPv6) (159 bytes)
Linux/x86 - Reverse TCP (IPv6) Shellcode (159 bytes)
Linux/x86-64 - Bind 1472/TCP Shellcode (IPv6) (199 bytes)
Linux/x86-64 - Reverse TCP Shellcode (IPv6) (203 bytes)
Linux/x86-64 - Bind 1472/TCP (IPv6) Shellcode (199 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.209.131:1472/TCP) (IPv6) Shellcode (203 bytes)
Linux/x86 - Bind Shell Configurable Port Shellcode (87 bytes)
Linux/x86-64 - Reverse TCP Shell Null-Free Shellcode (134 bytes)
Linux/x86 - Bind Shell 1234/TCP (Configurable Port) Shellcode (87 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.1.2:1234/TCP) Shellcode (134 bytes)
Linux/x86 - Reverse TCP Shellcode (75 bytes)
Linux/x86 - Reverse TCP Shell Shellcode (75 bytes)
Linux/x86-64 - Syscall Persistent Bind Shell / Multi-terminal / Password / Daemon Shellcode (83_ 148_ 177 bytes)
Linux/x86-64 - Syscall Persistent Bind Shell / Multi-terminal / Password / Daemon Shellcode (83/148/177 bytes)
Linux/x86-64 - Subtle Probing Reverse Shell / Timer_ Burst / Password / Multi-Terminal Shellcode (84_ 122_ 172 bytes)
Linux/x86-64 - Reverse TCP Shell (10.1.1.4:46357) / Subtle Probing / Timer / Burst / Password / Multi-Terminal Shellcode (84/122/172 bytes)
Linux/x86 - Bind Netcat with Port Shellcode (44/52 bytes)
Linux/x86 - Bind Netcat 98/TCP + UDP Shellcode (44/52 bytes)
Linux/x86 - Reverse ZSH 127.255.255.254:9090/TCP Shellcode (80 bytes)
Linux/x86 - Reverse TCP ZSH (127.255.255.254:9090/TCP) Shellcode (80 bytes)
Windows x86 - Reverse UDP Keylogger Shellcode (493 bytes)
Windows x64 - Reverse Shell TCP Shellcode (694 bytes)
Windows x86 - Reverse UDP Keylogger (www.example.com:4444/UDP) Shellcode (493 bytes)
Windows x64 - Reverse TCP Shell (192.168.232.129:4444/TCP) Shellcode (694 bytes)
Linux/x86-64 - Reverse TCP Shellcode (65 bytes)
Linux/x86-64 - Reverse TCP Shell (127.0.0.1:4444/TCP) Shellcode (65 bytes)
Linux/x86-64 - Reverse Shell Shellcode (84 bytes)
Windows x86 - Reverse TCP Staged Alphanumeric Shellcode (332 Bytes)
Linux/x86-64 - Reverse TCP Shell Shellcode (84 bytes)
Windows x86 - Reverse TCP Staged Alphanumeric Shell (127.0.0.1:4444/TCP) Shellcode (332 Bytes)
Linux/x86-64 - Reverse Netcat Shellcode (72 bytes)
Linux/x86-64 - Reverse Netcat (127.0.0.1:1337) Shellcode (72 bytes)
Linux/x86 - Reverse TCP Shellcode (67 bytes)
Linux/x86 - Reverse TCP Shell Shellcode (67 bytes)
Linux/x86-64 - Reverse Shell Shellcode (IPv6) (113 bytes)
Linux/x86-64 - Reverse TCP Shell (::1:1472/TCP) Shellcode (IPv6) (113 bytes)
Linux/x86_64 - execve(_/bin/sh_) Shellcode (24 bytes)
Linux/x86 - Reverse UDP Shellcode (668 bytes)
Linux/x86 - Bind Shell Shellcode (75 bytes)
Linux/x86_64 - Reverse Shell (192.168.1.8:4444) Shellcode (104 bytes)
Linux/x86-64 - execve(_/bin/sh_) Shellcode (24 bytes)
Linux/x86 - Reverse UDP Shell (127.0.0.1:53/UDP) Shellcode (668 bytes)
Linux/x86 - Bind Shell 4444/TCP Shellcode (75 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.1.8:4444/TCP) Shellcode (104 bytes)
Linux/x86-64 - Reverse TCP Shell (192.168.1.2:4444/TCP) Shellcode (153 bytes)
SOA School Management - SQL Injection
SOA School Management - 'view' Parameter SQL Injection
Sungard eTRAKiT3 <= 3.2.1.17 - SQL Injection
Food Ordering Script 1.0 - SQL Injection
LiveCRM 1.0 - SQL Injection
LiveSupport 1.0 - SQL Injection
LiveInvoices 1.0 - SQL Injection
LiveSales 1.0 - SQL Injection
LiveProjects 1.0 - SQL Injection
Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution
Joomla! Component Appointment 1.1 - SQL Injection
Joomla! Component Twitch Tv 1.1 - SQL Injection
Joomla! Component KissGallery 1.0.0 - SQL Injection
Matrimony Script 2.7 - SQL Injection
eCardMAX 10.5 - SQL Injection
SOA School Management 3.0 - SQL Injection
Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection
Joomla! Component Calendar Planner 1.0.1 - SQL Injection
Joomla! Component SP Movie Database 1.3 - SQL Injection
DeWorkshop 1.0 - Arbitrary File Upload
QuantaStor Software Defined Storage < 4.3.1 - Multiple Vulnerabilities
2017-08-19 05:01:24 +00:00
Offensive Security
1a85ec2c87
DB: 2017-08-18
...
21 new exploits
Microsoft Office Products - Array Index Bounds Error (Unpatched) (PoC)
Microsoft Office Products - Array Index Bounds Error (PoC)
JAD java Decompiler 1.5.8g - (argument) Local Crash
JAD java Decompiler 1.5.8g - 'argument' Local Crash
Microsoft Edge Chakra - 'PreVisitCatch' Missing Call
Microsoft Edge Chakra - 'chakra!Js::GlobalObject' Integer overflow
Microsoft Edge Chakra - Buffer Overflow
Microsoft Edge Chakra - NULL Pointer Dereference
Microsoft Edge Chakra - Heap Buffer Overflow
Microsoft Edge Chakra - 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule' Incorrectly Re-parses
Microsoft Edge Chakra - Incorrect Usage of 'PushPopFrameHelper' in 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule'
Microsoft Edge Chakra - Incorrect Usage of 'TryUndeleteProperty'
Microsoft Edge Chakra - 'EmitAssignment' uses the 'this' Register Without Initializing
Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter #2
Microsoft Edge Chakra - 'JavascriptArray::ConcatArgs' Type Confusion
Microsoft Edge Chakra - 'JavascriptFunction::EntryCall' Fails to Handle 'CallInfo' Properly
Microsoft Edge Chakra - Uninitialized Arguments
Microsoft Edge Chakra - Uninitialized Arguments (2)
Microsoft Edge Chakra - 'EmitNew' Integer Overflow
Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3
Adobe Flash - Invoke Accesses Trait Out-of-Bounds
Microsoft Edge - Out-of-Bounds Access when Fetching Source
Audiotran 1.4.1 - Direct RET Buffer Overflow
Audiotran 1.4.1 - Buffer Overflow (Direct RET)
GSM SIM Utility 5.15 - Local Exploit Direct Ret ver
GSM SIM Utility 5.15 - Local Exploit (Direct RET)
DVD X Player 5.5.0 Pro / Standard - Universal Exploit (ASLR + DEP Bypass)
DVD X Player 5.5.0 Professional / Standard - '.plf' File Universal Exploit (ASLR + DEP Bypass)
CVS Kit CVS Server 1.10.8 - Checkin.prog Binary Execution
CVS Kit CVS Server 1.10.8 - 'Checkin.prog' Binary Execution
BlazeVideo HDTV Player 6.6 Professional - Direct Retn Exploit
Aviosoft Digital TV Player Professional 1.x - Direct Retn Exploit
BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct Retn)
Aviosoft Digital TV Player Professional 1.x - '.PLF' Exploit (Direct Retn)
BlazeDVD 6.1 - PLF Exploit (DEP + ASLR Bypass) (Metasploit)
BlazeDVD 6.1 - '.PLF' File Exploit (DEP + ASLR Bypass) (Metasploit)
AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow
AudioCoder 0.8.22 - '.m3u' Buffer Overflow (Direct Retn)
AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow
AudioCoder 0.8.22 - '.lst' Buffer Overflow (Direct Retn)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct RET)
BlazeDVD Pro 7.0 - '.plf' Buffer Overflow (SEH)
BlazeDVD Pro Player 7.0 - '.plf' Buffer Overflow (SEH)
BlazeDVD Pro 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)
BlazeDVD Pro Player 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)
Apple Mac OSX Install.Framework - SUID root Runner Binary Privilege Escalation
Apple Mac OSX Install.Framework - SUID Root Runner Binary Privilege Escalation
Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation
Xamarin Studio for Mac 6.2.1 (build 3) / 6.3 (build 863) - Privilege Escalation
RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass (Patched EXE)
RealVNC 4.1.0 < 4.1.1 - VNC Null Authentication Bypass
Symphony 1.7.01 - (non-patched) Remote Code Execution
Symphony 1.7.01 (non-patched) - Remote Code Execution
Binary Board System 0.2.5 - reply.pl Multiple Parameter Cross-Site Scripting
Binary Board System 0.2.5 - stats.pl Multiple Parameter Cross-Site Scripting
Binary Board System 0.2.5 - toc.pl board Parameter Cross-Site Scripting
Binary Board System 0.2.5 - 'reply.pl' Multiple Parameter Cross-Site Scripting
Binary Board System 0.2.5 - 'stats.pl' Multiple Parameter Cross-Site Scripting
Binary Board System 0.2.5 - 'toc.pl' 'board' Parameter Cross-Site Scripting
Orchard 1.3.9 - 'ReturnUrl' Parameter URI redirection
Orchard 1.3.9 - 'ReturnUrl' Parameter URI Redirection
WebsitePanel - 'ReturnUrl' Parameter URI redirection
WebsitePanel - 'ReturnUrl' Parameter URI Redirection
Online Quiz Project 1.0 - SQL Injection
Photogallery Project 1.0 - SQL Injection
Doctor Patient Project 1.0 - SQL Injection
2017-08-18 05:01:20 +00:00
Offensive Security
d873f7500d
DB: 2017-08-17
...
1 new exploit
Microsoft Edge 38.14393.1066.0 - 'CInputDateTimeScrollerElement::_SelectValueInternal' Out-of-Bounds Read
2017-08-17 05:01:22 +00:00
Offensive Security
c76dbe0def
DB: 2017-08-16
...
4 new exploits
Microsoft Edge and Internet Explorer - 'HandleColumnBreakOnColumnSpanningElement' Type Confusion
Microsoft Edge / Internet Explorer - 'HandleColumnBreakOnColumnSpanningElement' Type Confusion
Microsoft Internet Explorer - 'textarea.defaultValue' Memory Disclosure (MS17-006)
Microsoft Internet Explorer 11 - 'textarea.defaultValue' Memory Disclosure (MS17-006)
ALLPlayer 7.4 - Buffer Overflow (SEH Unicode)
Internet Download Manager 6.28 Build 17 - Buffer Overflow (SEH Unicode)
Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross Site Scripting
Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting
AdvanDate iCupid Dating Software 12.2 - SQL Injection
ClipBucket 2.8.3 - Multiple Vulnerabilities
2017-08-16 05:01:20 +00:00
Offensive Security
bc1dac1620
DB: 2017-08-15
...
3 new exploits
GetRight 5.2a - Skin File (.grs) Buffer Overflow
GetRight 5.2a - '.grs' Skin File Buffer Overflow
Tomabo MP4 Converter 3.19.15 - Denial of Service
Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation
Winamp 5.04 - Skin File (.wsz) Remote Code Execution
Winamp 5.04 - '.wsz' Skin File Remote Code Execution
PHP 4.3.9 + phpBB 2.x - 'Unserialize()' Remote Exploit (Compiled)
PHP 4.3.9 + phpBB 2.x - 'Unserialize()' Remote Exploit
Concrete5 < 5.4.2.1 - Multiple Vulnerabilities
Concrete5 CMS < 5.4.2.1 - Multiple Vulnerabilities
Concrete5 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection
Concrete5 CMS 5.6.2.1 - 'index.php' 'cID' Parameter SQL Injection
Concrete5 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting
Concrete5 CMS 5.5.2.1 - Information Disclosure / SQL Injection / Cross-Site Scripting
Concrete5 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion
Concrete5 CMS 5.7.3.1 - 'Application::dispatch' Method Local File Inclusion
Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross Site Scripting
Concrete5 8.1.0 - 'Host' Header Injection
Concrete5 CMS 8.1.0 - 'Host' Header Injection
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request Forgery
Red-Gate SQL Monitor < 3.10/4.2 - Authentication Bypass
Red-Gate SQL Monitor < 3.10 / 4.2 - Authentication Bypass
2017-08-15 05:01:22 +00:00
Offensive Security
26466c9d62
DB: 2017-08-14
...
1 new exploit
RealTime RWR-3G-100 Router - Cross-Site Request Forgery (Change Admin Password)
2017-08-14 05:01:19 +00:00
Offensive Security
89822ebf5d
DB: 2017-08-12
...
3 new exploits
DeWorkshop 1.0 - SQL Injection
De-Journal 1.0 - SQL Injection
De-Tutor 1.0 - SQL Injection
2017-08-12 05:01:21 +00:00
Offensive Security
e0d5ee5024
DB: 2017-08-11
...
11 new exploits
Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure
WordPress Plugin WatuPRO 5.5.1 - SQL Injection
DALIM SOFTWARE ES Core 5.0 build 7184.1 - User Enumeration
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Directory Traversal
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery
WebFile Explorer 1.0 - Arbitrary File Download
ImageBay 1.0 - SQL Injection
GIF Collection 2.0 - SQL Injection
Piwigo Plugin User Tag 0.9.0 - Cross-Site Scripting
Red-Gate SQL Monitor < 3.10/4.2 - Authentication Bypass
2017-08-11 05:01:19 +00:00
Offensive Security
3a72c13375
DB: 2017-08-10
...
1 new exploit
Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)
2017-08-10 05:01:21 +00:00