11 new exploits

Berlios gpsd 2.7.x - Remote Format String
Berlios GPSD 2.7.x - Remote Format String

bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit
Bitweaver 1.3 - (tmpImagePath) Attachment mod_mime Exploit

Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (1)

D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1)

boastMachine 3.1 - (mail.php id) SQL Injection
BoastMachine 3.1 - 'mail.php' id SQL Injection

BIGACE 2.4 - Multiple Remote File Inclusion
BigACE 2.4 - Multiple Remote File Inclusion

attachmax dolphin 2.1.0 - Multiple Vulnerabilities
Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities

AtomixMP3 <= 2.3 - (Playlist) Universal Overwrite (SEH)
AtomixMP3 <= 2.3 - 'Playlist' Universal Overwrite (SEH)

BIGACE CMS 2.5 - 'Username' SQL Injection
BigACE CMS 2.5 - 'Username' SQL Injection

BIGACE CMS 2.6 - (cmd) Local File Inclusion
BigACE CMS 2.6 - (cmd) Local File Inclusion

Avast AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation
Avast! AntiVirus 4.8.1351.0 - Denial of Service / Privilege Escalation

DistCC Daemon - Command Execution (Metasploit)
DistCC Daemon - Command Execution (Metasploit) (1)

Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1)

Avast 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption
Avast! 4.8.1351.0 AntiVirus - aswMon2.sys Kernel Memory Corruption

bitrix site manager 4.0.5 - Remote File Inclusion
Bitrix Site Manager 4.0.5 - Remote File Inclusion

boastMachine 3.1 - Arbitrary File Upload
BoastMachine 3.1 - Arbitrary File Upload

blog system 1.5 - Multiple Vulnerabilities
Blog System 1.5 - Multiple Vulnerabilities

b2b gold script - 'id' SQL Injection
B2B Gold Script - 'id' SQL Injection

TinyBrowser - Arbitrary File Upload
Wordpress Plugin TinyBrowser - Arbitrary File Upload

Nginx http server 0.6.36 - Directory Traversal
Nginx 0.6.36 - Directory Traversal

atomic photo album 1.0.2 - Multiple Vulnerabilities
Atomic Photo Album 1.0.2 - Multiple Vulnerabilities

Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1)

Bigace_2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)

bitweaver 2.8.1 - Persistent Cross-Site Scripting
Bitweaver 2.8.1 - Persistent Cross-Site Scripting

bitweaver 2.8.0 - Multiple Vulnerabilities
Bitweaver 2.8.0 - Multiple Vulnerabilities

Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2)

D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2)

Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2)

Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2)

DistCC Daemon - Command Execution (Metasploit)
DistCC Daemon - Command Execution (Metasploit) (2)

Bigace 2.7.5 - Arbitrary File Upload
BigACE 2.7.5 - Arbitrary File Upload

atutor 2.0.2 - Multiple Vulnerabilities
ATutor 2.0.2 - Multiple Vulnerabilities

boastMachine 3.1 - Cross-Site Request Forgery (Add Admin)
BoastMachine 3.1 - Cross-Site Request Forgery (Add Admin)

Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111)

atmail email server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution
AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution

Macro Expert 4.0 - Multiple Privilege Escalations

axigen mail server 8.0.1 - Persistent Cross-Site Scripting
Axigen Mail Server 8.0.1 - Persistent Cross-Site Scripting

Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation

MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation

Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation

Joomla! Component Event Booking 2.10.1 - SQL Injection

NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation

bitweaver 2.8.1 - Multiple Vulnerabilities
Bitweaver 2.8.1 - Multiple Vulnerabilities

Contrexx CMS egov Module 1.0.0 - SQL Injection

Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)

White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting
Wordpress Plugin White Label CMS 1.5 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

atutor 1.2 - Multiple Vulnerabilities
ATutor 1.2 - Multiple Vulnerabilities

Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection

Clockstone and other CMSMasters Theme - Arbitrary File Upload
Wordpress Theme Clockstone (and other CMSMasters Themes) - Arbitrary File Upload

Nginx HTTP Server 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit)
Nginx 1.3.9 < 1.4.0 - Chuncked Encoding Stack Buffer Overflow (Metasploit)

BuilderEngine 3.5.0 - Arbitrary File Upload

PHP Charts 1.0 - (index.php type Parameter) Remote Code Execution
PHP-Charts 1.0 - (index.php type Parameter) Remote Code Execution

Bigace CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)

BoastMachine 3.1 - admin.php Cross-Site Scripting
BoastMachine 3.1 - 'admin.php' Cross-Site Scripting

Western Digital Arkeia - Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit) (1)

Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting
Wordpress Plugin Quick Paypal Payments 3.0 - Presistant Cross-Site Scripting

Redoable 1.2 Theme - header.php s Parameter Cross-Site Scripting
Wordpress Theme Redoable 1.2 - header.php s Parameter Cross-Site Scripting

Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery
Wordpress Plugin Google FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery

boastMachine 2.8 - 'index.php' Local File Inclusion
BoastMachine 2.8 - 'index.php' Local File Inclusion

TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting
Wordpress Plugin TYPO3 - 't3m_cumulus_tagcloud' Extension 1.0 - HTML Injection / Cross-Site Scripting

boastMachine 3.1 - 'key' Parameter Cross-Site Scripting
BoastMachine 3.1 - 'key' Parameter Cross-Site Scripting

Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Firestats 1.6.5 - Multiple Cross-Site Scripting Vulnerabilities

WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin WooCommerce Store Exporter 1.7.5 - Multiple Cross-Site Scripting Vulnerabilities

Creative Contact Form 0.9.7 - Arbitrary File Upload
Wordpress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload

Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting
Wordpress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Parameter Cross-Site Scripting

Paid Memberships Pro 1.7.14.2 - Directory Traversal
Wordpress Plugin Paid Memberships Pro 1.7.14.2 - Directory Traversal

DukaPress 2.5.2 - Directory Traversal
Wordpress Plugin DukaPress 2.5.2 - Directory Traversal

Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection
Wordpress Plugin Google Document Embedder 2.5.16 - mysql_real_escpae_string Bypass SQL Injection

WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting
Wordpress Plugin WonderPlugin Audio Player 2.0 - Blind SQL Injection / Cross-Site Scripting

Duplicator 0.5.8 - Privilege Escalation
Wordpress Plugin Duplicator 0.5.8 - Privilege Escalation

VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload
Wordpress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload

Shareaholic 7.6.0.3 - Cross-Site Scripting
Wordpress Plugin Shareaholic 7.6.0.3 - Cross-Site Scripting

Paypal Currency Converter Basic For WooCommerce - File Read
Wordpress Plugin Paypal Currency Converter Basic For WooCommerce - File Read

Wordpess Simple Photo Gallery 1.7.8 - Blind SQL Injection
Wordpress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection

Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Monitor 3.3.5.4 - 'uploader.php' Multiple Cross-Site Scripting Vulnerabilities

Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Download Manager 2.2.2 - 'cid' Parameter Cross-Site Scripting
Wordpress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities

2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting
Wordpress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting

Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin Media Library Categories - Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin LeagueManager 3.7 - Multiple Cross-Site Scripting Vulnerabilities

GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin GD Star Rating 1.9.16 - 'tpl_section' Parameter Cross-Site Scripting
Wordpress Plugin ]Mingle Forum 1.0.33 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities

Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting
Wordpress Plugin Share and Follow 1.80.3 - 'admin.php' Cross-Site Scripting

Western Digital Arkeia - Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit) (2)

Multiple WordPress Themes WPScientist - Arbitrary File Upload
Multiple WordPress WPScientist Themes - Arbitrary File Upload

EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
Wordpress Plugin EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities

Avast AntiVirus - X.509 Error Rendering Command Execution
Avast! AntiVirus - X.509 Error Rendering Command Execution

Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
Wordpress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting

miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities
Wordpress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities

Avast - OOB Write Decrypting PEncrypt Packed executables
Avast - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast - Heap Overflow Unpacking MoleBox Archives
Avast - Integer Overflow Verifying numFonts in TTC Header
Avast! - OOB Write Decrypting PEncrypt Packed executables
Avast! - JetDb::IsExploited4x Performs Unbounded Search on Input
Avast! - Heap Overflow Unpacking MoleBox Archives
Avast! - Integer Overflow Verifying numFonts in TTC Header

BIGACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal

Simple Ads Manager 2.9.4.116 - SQL Injection
Wordpress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection

MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege Escalation
MySQL / MariaDB / PerconaDB 5.5.51 / 5.6.32 / 5.7.14 - Code Execution / Privilege Escalation

Avast - Authenticode Parsing Memory Corruption
Avast! - Authenticode Parsing Memory Corruption

Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
Wordpress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting

Job Script by Scubez - Remote Code Execution
Wordpress Plugin Job Script by Scubez - Remote Code Execution

Premium SEO Pack 1.9.1.3 - wp_options Overwrite
Wordpress Plugin Premium SEO Pack 1.9.1.3 - wp_options Overwrite

Ocomon 2.0 - SQL Injection

| Name |
|---|
| .. |
| dos |
| local |
| remote |
| shellcode |
| webapps |