![]() 14 new exploits Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit phpBB 2.0.15 - Remote PHP Code Execution Exploit (metasploit) phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit) vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit) WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit) Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (metasploit) Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) PHP RapidKill Pro 5.x Shell Upload Vulnerability PHP RapidKill Pro 5.x - Shell Upload Vulnerability Shellcode - Win32 MessageBox (Metasploit module) Shellcode - Win32 MessageBox (Metasploit) Php Nuke 8.x.x - BlindSQL Injection Vulnerability PHP-Nuke 8.x.x - BlindSQL Injection Vulnerability Integard Pro 2.2.0.9026 - (Win7 ROP-Code Metasploit Module) Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) Digital Music Pad 8.2.3.3.4 - SEH Overflow Metasploit Module Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit) MaticMarket 2.02 for PHP Nuke LFI Vulnerability MaticMarket 2.02 for PHP-Nuke - LFI Vulnerability Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027) Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day) Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0day) (Metasploit) Metasploit 4.1.0 Web UI stored XSS Vulnerability Metasploit 4.1.0 Web UI - Stored XSS Vulnerability PHP Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit) Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit PHP Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability PHP-Nuke 5.x - Error Message Web Root Disclosure Vulnerability PHP Nuke 8.2.4 - CSRF Vulnerability PHP-Nuke 8.2.4 - CSRF Vulnerability DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability DCP-Portal 3.7/4.x/5.x - Calendar.PHP HTTP Response Splitting Vulnerability PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability PHP-Nuke 0-7 - Double Hex Encoded Input Validation Vulnerability PHP 4.x/5.x Html_Entity_Decode() Information Disclosure Vulnerability PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure Vulnerability Western Digital Arkeia Remote Code Execution (Metasploit) Western Digital Arkeia - Remote Code Execution (Metasploit) Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit Apache + PHP 5.x (< 5.3.12 / < 5.4.2) - Remote Code Execution (Multithreaded Scanner) Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner) PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability GNU bash Environment Variable Command Injection (Metasploit) GNU Bash - Environment Variable Command Injection (Metasploit) Bash - CGI RCE (Metasploit) Shellshock Exploit Bash - CGI RCE Shellshock Exploit (Metasploit) Endian Firewall < 3.0.0 - OS Command Injection (Metasploit Module) Endian Firewall < 3.0.0 - OS Command Injection (Metasploit) Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032) WordPress eBook Download Plugin 1.1 - Directory Traversal WordPress Import CSV Plugin 1.0 - Directory Traversal WordPress Abtest Plugin - Local File Inclusion Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit Disc ORGanizer - DORG - Multiple Vulnerabilities D-Link DWR-932 Firmware 4.00 - Authentication Bypass Xoops 2.5.7.2 - Arbitrary User Deletions CSRF Xoops 2.5.7.2 - Directory Traversal Bypass WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit Dating Pro Genie 2015.7 - CSRF Vulnerabilities iTop 2.2.1 - CSRF Vulnerability ProjectSend r582 - Multiple XSS Vulnerabilities |
||
---|---|---|
platforms | ||
files.csv | ||
README.md | ||
searchsploit |
The Exploit-Database Git Repository
This is the official repository of The Exploit Database, a project sponsored by Offensive Security.
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.
Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms.
root@kali:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
Example:
searchsploit afd windows local
searchsploit -t oracle windows
=========
Options
=========
-c, --case Perform a case-sensitive search (Default is inSEnsITiVe).
-e, --exact Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
-h, --help Show this help screen.
-o, --overflow Exploit title's are allowed to overflow their columns.
-p, --path Show the full path to an exploit (Copies path to clipboard if possible).
-t, --title Search just the exploit title (Default is title AND the file's path).
-u, --update Update exploit database from git.
-w, --www Show URLs to Exploit-DB.com rather than local path.
--id Display EDB-ID value rather than local path.
--colour Disable colour highlighting.
=======
Notes
=======
* Use any number of search terms.
* Search terms are not case sensitive, and order is irrelevant.
* Use '-c' if you wish to reduce results by case-sensitive searching.
* And/Or '-e' if you wish to filter results by using an exact match.
* Use '-t' to exclude the file's path to filter the search results.
* Remove false positives (especially when searching numbers/major versions).
* When updating from git or displaying help, search terms will be ignored.
root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows 2003/XP - AFD.sys Privilege Escalation Exploit (K-plugin) | ./windows/local/6757.txt
Microsoft Windows XP - AFD.sys Local Kernel DoS Exploit | ./windows/dos/17133.c
Microsoft Windows XP/2003 Afd.sys - Local Privilege Escalation Exploit (MS11-080)| ./windows/local/18176.py
Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080) | ./windows/local/21844.rb
Microsoft Windows - AFD.SYS Dangling Pointer Privilege Escalation (MS14-040) | ./win32/local/39446.py
Microsoft Windows 7 x64 - AFD.SYS Privilege Escalation (MS14-040) | ./win64/local/39525.py
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#