exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	0ef7d9b9ec	DB: 2017-06-07 8 new exploits Wireshark 2.2.6 - IPv6 Dissector Denial of Service Wireshark 2.2.0 to 2.2.12 - ROS Dissector Denial of Service Apple Safari 10.1 - Spread Operator Integer Overflow Remote Code Execution Home Web Server 1.9.1 build 164 - Remote Code Execution Linux/x86-64 - /bin/sh Shellcode (31 bytes) Kronos Telestaff < 2.92EU29 - SQL Injection WordPress Plugin Tribulant Newsletters 4.6.4.2 - File Disclosure / Cross-Site Scripting Peplink Balance Routers 7.0.0-build1904 - SQL Injection / Cross-Site Scripting / Information Disclosure	2017-06-07 05:01:18 +00:00
Offensive Security	8f3ada9286	DB: 2017-05-05 3 new exploits Internet Explorer 11 - CMarkup::DestroySplayTree Use-After-Free Microsoft Internet Explorer 11 - 'CMarkup::DestroySplayTree' Use-After-Free Safari 10.0.3 - 'JSC::CachedCall' Use-After-Free WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit WordPress 2.6.1 - SQL Column Truncation Admin Takeover Exploit WordPress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information WordPress Core & MU & Plugins - Privileges Unchecked in 'admin.php' / Multiple Information Disclosures WordPress 2.8.1 - (url) Cross-Site Scripting WordPress 2.8.1 - 'url' Cross-Site Scripting WordPress 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution WordPress < 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 NS8.1) WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1) Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-comments-post.php Remote File Inclusion Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-feed.php Remote File Inclusion Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-trackback.php Remote File Inclusion Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-comments-post.php' Remote File Inclusion Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-feed.php' Remote File Inclusion Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-trackback.php' Remote File Inclusion WordPress 2.x - PHP_Self Cross-Site Scripting WordPress < 2.1.2 - PHP_Self Cross-Site Scripting WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection WordPress 4.6 - Unauthenticated Remote Code Execution WordPress < 4.7.4 - Unauthorized Password Reset	2017-05-05 05:01:18 +00:00
Offensive Security	3710b90d25	DB: 2017-02-24 6 new exploits macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read Linux/x86-64 - Egghunter Shellcode (38 bytes) WordPress Plugin Mail Masta 1.0 - SQL Injection Joomla! Component Store for K2 3.8.2 - SQL Injection Joomla! Component UserExtranet 1.3.1 - SQL Injection Joomla! Component MultiTier 3.1 - SQL Injection	2017-02-24 05:01:18 +00:00

Author

SHA1

Message

Date

Offensive Security

0ef7d9b9ec

DB: 2017-06-07

8 new exploits

Wireshark 2.2.6 - IPv6 Dissector Denial of Service
Wireshark 2.2.0 to 2.2.12 - ROS Dissector Denial of Service
Apple Safari 10.1 - Spread Operator Integer Overflow Remote Code Execution
Home Web Server 1.9.1 build 164 - Remote Code Execution

Linux/x86-64 - /bin/sh Shellcode (31 bytes)
Kronos Telestaff < 2.92EU29 - SQL Injection
WordPress Plugin Tribulant Newsletters 4.6.4.2 - File Disclosure / Cross-Site Scripting
Peplink Balance Routers 7.0.0-build1904 - SQL Injection / Cross-Site Scripting / Information Disclosure

2017-06-07 05:01:18 +00:00

Offensive Security

8f3ada9286

DB: 2017-05-05

3 new exploits

Internet Explorer 11 - CMarkup::DestroySplayTree Use-After-Free
Microsoft Internet Explorer 11 - 'CMarkup::DestroySplayTree' Use-After-Free

Safari 10.0.3 - 'JSC::CachedCall' Use-After-Free

WordPress 2.6.1 - (SQL Column Truncation) Admin Takeover Exploit
WordPress 2.6.1 - SQL Column Truncation Admin Takeover Exploit

WordPress Core & Plugins - Privileges Unchecked in admin.php / Multiple Information
WordPress Core & MU & Plugins - Privileges Unchecked in 'admin.php' / Multiple Information Disclosures

WordPress 2.8.1 - (url) Cross-Site Scripting
WordPress 2.8.1 - 'url' Cross-Site Scripting

WordPress 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution
WordPress < 2.8.5 - Unrestricted Arbitrary File Upload / Arbitrary PHP Code Execution

WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 NS8.1)
WordPress 3.0.3 - Persistent Cross-Site Scripting (Internet Explorer 6/7 / NS8.1)
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-comments-post.php Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-feed.php Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - wp-trackback.php Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-comments-post.php' Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-feed.php' Remote File Inclusion
Joomla! Plugin JD-WordPress 2.0-1.0 RC2 - 'wp-trackback.php' Remote File Inclusion

WordPress 2.x - PHP_Self Cross-Site Scripting
WordPress < 2.1.2  - PHP_Self Cross-Site Scripting

WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection
WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection
WordPress 4.6 - Unauthenticated Remote Code Execution
WordPress < 4.7.4 - Unauthorized Password Reset

2017-05-05 05:01:18 +00:00

Offensive Security

3710b90d25

DB: 2017-02-24

6 new exploits

macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read

Linux/x86-64 - Egghunter Shellcode (38 bytes)
WordPress Plugin Mail Masta 1.0 - SQL Injection
Joomla! Component Store for K2 3.8.2 - SQL Injection
Joomla! Component UserExtranet 1.3.1 - SQL Injection
Joomla! Component MultiTier 3.1 - SQL Injection

2017-02-24 05:01:18 +00:00

3 commits