A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
Find a file
Offensive Security 574c0f2df8 DB: 2017-01-10
5 new exploits

DirectAdmin 1.50.1 - Denial of Service

Joomla! Component 'com_menu' - SQL Injection
Joomla! Component com_menu - SQL Injection
Joomla! Component 'com_pcchess' - Local File Inclusion
Joomla! Component 'com_huruhelpdesk' - SQL Injection
Joomla! Component com_pcchess - Local File Inclusion
Joomla! Component huruhelpdesk - SQL Injection

Joomla! Component 'com_ca' - SQL Injection
Joomla! Component com_ca - SQL Injection

Joomla! Component 'com_education_classess' - SQL Injection
Joomla! Component education - SQL Injection

Joomla! Component 'com_Flashgames' - Local File Inclusion
Joomla! Component FlashGames 1.5.0 - Local File Inclusion
Joomla! Component 'com_cvmaker' - Local File Inclusion
Joomla! Component 'com_myfiles' - Local File Inclusion
Joomla! Component CV Maker 1.0 - Local File Inclusion
Joomla! Component My Files 1.0 - Local File Inclusion
Joomla! Component 'com_joommail' - Local File Inclusion
Joomla! Component 'com_memory' - Local File Inclusion
Joomla! Component JoomMail 1.0 - Local File Inclusion
Joomla! Component Memory Book 1.2 - Local File Inclusion

Joomla! Component 'com_diary' - Local File Inclusion
Joomla! Component Digital Diary 1.5.0 - Local File Inclusion

Joomla! Component 'com_jdrugstopics' - SQL Injection
Joomla! Component com_jdrugstopics - SQL Injection

Joomla! Component 'com_flexicontent' - Local File
Joomla! Component FLEXIcontent 1.5 - Local File Inclusion

Joomla! Component 'com_delicious' - Local File Inclusion
Joomla! Component Delicious Bookmarks 0.0.1 - Local File Inclusion

Joomla! Component 'com_manager' 1.5.3 - 'id' Parameter SQL Injection
Joomla! Component com_manager 1.5.3 - 'id' Parameter SQL Injection

Joomla! Component 'com_pandafminigames' - SQL Injection
Joomla! Component com_pandafminigames - SQL Injection

Joomla! Component 'com_caddy' - Exploit
Joomla! Component com_caddy - Exploit

Joomla! Component 'com_jesectionfinder' - Arbitrary File Upload
Joomla! Component com_jesectionfinder - Arbitrary File Upload

Joomla! Component 'com_camp' - SQL Injection
Joomla! Component com_camp - SQL Injection
Joomla! Component 'com_crowdsource' - SQL Injection
Joomla! Component 'com_event' - Multiple Vulnerabilities
Joomla! Component com_crowdsource - SQL Injection
Joomla! Component com_event - Multiple Vulnerabilities

Joomla! Component 'com_event' - SQL Injection
Joomla! Component com_event - SQL Injection

Joomla! Component 'com_packages' - SQL Injection
Joomla! Component com_packages - SQL Injection

Joomla! Component 'com_jepoll' - 'pollid' Parameter SQL Injection
Joomla! Component JE Poll - 'pollid' Parameter SQL Injection
Joomla! Component 'com_chronoconnectivity' - Blind SQL Injection
Joomla! Component 'com_chronocontact' - Blind SQL Injection
Joomla! Component ChronoConnectivity - Blind SQL Injection
Joomla! Component ChronoForms - Blind SQL Injection

Joomla! Component 'com_lead' - SQL Injection
Joomla! Component com_lead - SQL Injection

Joomla! Component 'com_cinema' - SQL Injection
Joomla! Component cinema - SQL Injection
Joomla! Component 'com_jstore' - SQL Injection
Joomla! Component 'com_jtickets' - SQL Injection
Joomla! Component 'com_jcommunity' - SQL Injection
Joomla! Component 'com_jmarket' - SQL Injection
Joomla! Component 'com_jsubscription' - SQL Injection
Joomla! Component com_jstore - SQL Injection
Joomla! Component com_jtickets - SQL Injection
Joomla! Component com_jcommunity - SQL Injection
Joomla! Component com_jmarket - SQL Injection
Joomla! Component com_jsubscription - SQL Injection

Joomla! Component 'com_jnewsletter' - SQL Injection
Joomla! Component com_jnewsletter - SQL Injection

Joomla! Component 'com_joomdocs' - Cross-Site Scripting
Joomla! Component com_joomdocs - Cross-Site Scripting
Joomla! Component 'com_community' - Persistent Cross-Site Scripting
Joomla! Component 'com_jomestate' - Remote File Inclusion
Joomla! Component com_community - Persistent Cross-Site Scripting
Joomla! Component com_jomestate - Remote File Inclusion

Joomla! Component 'com_jejob' - Local File Inclusion
Joomla! Component com_jejob - Local File Inclusion

Joomla! Component 'com_dateconverter' 0.1 - SQL Injection
Joomla! Component com_dateconverter 0.1 - SQL Injection

Joomla! Component 'com_phocagallery' - SQL Injection
Joomla! Component Phoca Gallery 2.7.3 - SQL Injection

Joomla! Component 'com_jpodium' - SQL Injection
Joomla! Component JPodium 2.7.3 - SQL Injection

Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection
Joomla! Component com_jomtube - 'user_id' Parameter Blind SQL Injection
Joomla! Component 'com_myhome' - Blind SQL Injection
Joomla! Component 'com_mysms' - Arbitrary File Upload
Joomla! Component MyHome - Blind SQL Injection
Joomla! Component MySMS - Arbitrary File Upload

Joomla! Component 'com_iproperty' - SQL Injection
Joomla! Component com_iproperty - SQL Injection

Joomla! Component 'com_itarmory' - SQL Injection
Joomla! Component com_itarmory - SQL Injection

Joomla! Component 'com_neorecruit' 1.4 - SQL Injection
Joomla! Component NeoRecruit 1.4 - SQL Injection

Joomla! Component 'com_equipment' - SQL Injection
Joomla! Component com_equipment - SQL Injection
Joomla! Component 'com_Fabrik' - SQL Injection
Joomla! Component 'com_extcalendar' - Blind SQL Injection
Joomla! Component Fabrik - SQL Injection
Joomla! Component com_extcalendar - Blind SQL Injection

Joomla! Component 'com_jejob' - SQL Injection
Joomla! Component JE Job - SQL Injection

Joomla! Component 'com_jfuploader' < 2.12 - Arbitrary File Upload
Joomla! Component com_jfuploader < 2.12 - Arbitrary File Upload
Joomla! Component 'com_connect' - Local File Inclusion
Joomla! Component 'com_dcnews' - Local File Inclusion
Joomla! Component com_connect - Local File Inclusion
Joomla! Component com_dcnews - Local File Inclusion

Joomla! Component 'com_clan' - SQL Injection
Joomla! Component com_clan - SQL Injection

Joomla! Component 'com_clanlist' - SQL Injection
Joomla! Component com_clanlist - SQL Injection
Joomla! Component 'com_markt' - SQL Injection
Joomla! Component 'com_img' - Local File Inclusion
Joomla! Component com_markt - SQL Injection
Joomla! Component com_img - Local File Inclusion

Joomla! Component 'com_ccboard' 1.2-RC - Multiple Vulnerabilities
Joomla! Component CCBoard 1.2-RC - Multiple Vulnerabilities

Joomla! Component 'com_maianmedia' - SQL Injection
Joomla! Component com_maianmedia - SQL Injection

Joomla! Component 'com_idoblog' - SQL Injection
Joomla! Component com_idoblog - SQL Injection

Joomla! Component 'com_people' 1.0.0 - SQL Injection
Joomla! Component People 1.0.0 - SQL Injection

Joomla! Component 'com_people' 1.0.0 - Local File Inclusion
Joomla! Component com_people 1.0.0 - Local File Inclusion

Joomla! Component 'com_jce' - Blind SQL Injection
Joomla! Component joomlacontenteditor - Blind SQL Injection

Joomla! Component 'com_hello' - SQL Injection
Joomla! Component com_hello - SQL Injection

Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload
Joomla! Component jDownloads 1.0 - Arbitrary File Upload

Joomla! Component 'com_jesubmit' - Local File Inclusion
Joomla! Component JE Story Submit - Local File Inclusion

Joomla! Component 'com_obSuggest' - Local File Inclusion
Joomla! Component obSuggest - Local File Inclusion

Joomla! Component 'com_jdirectory' - SQL Injection
Joomla! Component com_jdirectory - SQL Injection

Joomla! Component 'com_esearch' - SQL Injection
Joomla! Component Search 3.0.0 - SQL Injection

Joomla! Component 'com_joomtouch' - Local File Inclusion
Joomla! Component JoomTouch 1.0.2 - Local File Inclusion

Joomla! Component 'com_jce' 2.0.10 - Multiple Vulnerabilities
Joomla! Component joomlacontenteditor 2.0.10 - Multiple Vulnerabilities

Joomla! Component 'com_horses' - 'id' Parameter SQL Injection
Joomla! Component com_horses - 'id' Parameter SQL Injection

Joomla! Component 'com_galleryxml' 1.1 - SQL Injection / Local File Inclusion
Joomla! Component Gallery XML 1.1 - SQL Injection / Local File Inclusion

Joomla! Component 'com_jigsaw' - 'Controller' Parameter Directory Traversal
Joomla! Component com_jigsaw - 'Controller' Parameter Directory Traversal

Joomla! Component 'com_fireboard' - 'Itemid' Parameter SQL Injection
Joomla! Component com_fireboard - 'Itemid' Parameter SQL Injection

Joomla! Component 'com_dirfrm' - Multiple SQL Injections
Joomla! Component com_dirfrm - Multiple SQL Injections

Joomla! Component 'com_catalogue' - SQL Injection / Local File Inclusion
Joomla! Component Catalogue - SQL Injection / Local File Inclusion
Joomla! Component 'com_jeformcr' - 'id' Parameter SQL Injection
Joomla! Component 'com_jesectionfinder' - 'sf_id' Parameter SQL Injection
Joomla! Component Jeformcr - 'id' Parameter SQL Injection
Joomla! Component JExtensions Property Finder - 'sf_id' Parameter SQL Injection

Joomla! Component 'com_mailto' - Multiple Cross-Site Scripting Vulnerabilities
Joomla! Component com_mailto - Multiple Cross-Site Scripting Vulnerabilities

Joomla! Component 'com_classified' - SQL Injection
Joomla! Component Classified - SQL Injection

Joomla! Component 'com_frontenduseraccess' - Local File Inclusion
Joomla! Component com_frontenduseraccess - Local File Inclusion

Joomla! Component 'com_clan_members' - 'id' Parameter SQL Injection
Joomla! Component com_clan_members - 'id' Parameter SQL Injection

Joomla! Component 'com_phocadownload' - Local File Inclusion
Joomla! Component com_phocadownload - Local File Inclusion

Joomla! Component 'com_cbcontact' - 'contact_id' Parameter SQL Injection
Joomla! Component com_cbcontact - 'contact_id' Parameter SQL Injection

Joomla! Component 'com_maplocator' - 'cid' Parameter SQL Injection
Joomla! Component Map Locator - 'cid' Parameter SQL Injection

Joomla! Component 'com_ccboard' - SQL Injection / Arbitrary File Upload
Joomla! Component CCBoard - SQL Injection / Arbitrary File Upload

Joomla! Component 'com_morfeoshow' - 'idm' Parameter SQL Injection
Joomla! Component com_morfeoshow - 'idm' Parameter SQL Injection

Joomla! Component 'com_jr_tfb' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_jr_tfb - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_foto' - 'id_categoria' Parameter SQL Injection
Joomla! Component 'com_juicy' - 'picId' Parameter SQL Injection
Joomla! Component 'com_hospital' - SQL Injection
Joomla! Component 'com_controller' - 'Itemid' Parameter SQL Injection
Joomla! Component Foto - 'id_categoria' Parameter SQL Injection
Joomla! Component Juicy Gallery - 'picId' Parameter SQL Injection
Joomla! Component com_hospital - SQL Injection
Joomla! Component Controller - 'Itemid' Parameter SQL Injection

Joomla! Component 'com_newssearch' - SQL Injection
Joomla! Component com_newssearch - SQL Injection

Joomla! Component 'com_community' - 'userid' Parameter SQL Injection
Joomla! Component com_community - 'userid' Parameter SQL Injection

Joomla! Component 'com_biitatemplateshop' - 'groups' Parameter SQL Injection
Joomla! Component Biitatemplateshop - 'groups' Parameter SQL Injection

Joomla! Component 'com_expedition' - 'id' Parameter SQL Injection
Joomla! Component com_expedition - 'id' Parameter SQL Injection

Joomla! Component 'com_br' - 'state_id' Parameter SQL Injection
Joomla! Component com_br - 'state_id' Parameter SQL Injection

Joomla! Component 'com_caproductprices' - 'id' Parameter SQL Injection
Joomla! Component com_caproductprices - 'id' Parameter SQL Injection

Joomla! Component 'com_br' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_br - 'Controller' Parameter Local File Inclusion

Joomla! Component 'com_full' - 'id' Parameter SQL Injection
Joomla! Component Full - 'id' Parameter SQL Injection
Joomla! Component 'com_boss' - 'Controller' Parameter Local File Inclusion
Joomla! Component 'com_car' - Multiple SQL Injections
Joomla! Component com_boss - 'Controller' Parameter Local File Inclusion
Joomla! Component com_car - Multiple SQL Injections

Joomla! Component 'com_bulkenquery' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_bulkenquery - 'Controller' Parameter Local File Inclusion

Joomla! Component 'com_jesubmit' - 'index.php' Arbitrary File Upload
Joomla! Component JE Story Submit - 'index.php' Arbitrary File Upload

Joomla! Component 'com_motor' - 'cid' Parameter SQL Injection
Joomla! Component com_motor - 'cid' Parameter SQL Injection
Joomla! Component 'com_firmy' - 'Id' Parameter SQL Injection
Joomla! Component 'com_crhotels' - 'catid' Parameter SQL Injection
Joomla! Component com_firmy - 'Id' Parameter SQL Injection
Joomla! Component com_crhotels - 'catid' Parameter SQL Injection

Joomla! Component 'com_cmotour' - 'id' Parameter SQL Injection
Joomla! Component com_cmotour - 'id' Parameter SQL Injection

Joomla! Component 'com_bnf' - 'seccion_id' Parameter SQL Injection
Joomla! Component com_bnf - 'seccion_id' Parameter SQL Injection

Joomla! Component 'com_machine' - Multiple SQL Injections
Joomla! Component Machine - Multiple SQL Injections

Joomla! Component 'com_joomsport' - SQL Injection / Arbitrary File Upload
Joomla! Component Joomsport - SQL Injection / Arbitrary File Upload

Joomla! Component 'com_dv' - 'upload.php' Arbitrary File Upload
Joomla! Component DentroVideo 1.2 - 'upload.php' Arbitrary File Upload

Joomla! Component 'com_hwdvideoshare' - 'flash_upload.php' Arbitrary File Upload
Joomla! Component hwdVideoShare - 'flash_upload.php' Arbitrary File Upload
Joomla! Component 'com_maianmedia' - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component 'com_jcalpro' - SQL Injection
Joomla! Component Maian Media - 'uploadhandler.php' Arbitrary File Upload
Joomla! Component JCal Pro Calendar - SQL Injection

Joomla! Component 'com_hello' - 'Controller' Parameter Local File Inclusion
Joomla! Component com_hello - 'Controller' Parameter Local File Inclusion

Joomla! Component 'com_odudeprofile' - 'profession' Parameter SQL Injection
Joomla! Component Odudeprofile 2.8 - 'profession' Parameter SQL Injection

Joomla! Component 'com_civicrm' - Multiple Arbitrary File Upload Vulnerabilities
Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities

Joomla! Component 'com_parcoauto' - 'idVeicolo' Parameter SQL Injection
Joomla! Component Parcoauto - 'idVeicolo' Parameter SQL Injection

Joomla! Component 'com_jvideoclip' - 'uid' Parameter SQL Injection
Joomla! Component JVideoClip 1.5.1 - 'uid' Parameter SQL Injection

Joomla! Component 'com_maian15' - 'name' Parameter Arbitrary File Upload
Joomla! Component Maian15 - 'name' Parameter Arbitrary File Upload

Joomla! Component 'com_inneradmission' - 'index.php' SQL Injection
Joomla! Component Inneradmission - 'index.php' SQL Injection

Joomla! Component 'com_easy_youtube_gallery' 1.0.2 - SQL Injection
Joomla! Component Easy Youtube Gallery 1.0.2 - SQL Injection

Joomla! Component 'com_payplans' 3.3.6 - SQL Injection
Joomla! Component com_payplans 3.3.6 - SQL Injection

Joomla! Component 'com_enmasse' 5.1 < 6.4 - SQL Injection
Joomla! Component com_enmasse 5.1 < 6.4 - SQL Injection

Joomla! Component 'com_bt_media' - SQL Injection
Joomla! Component com_bt_media 1.0 - SQL Injection

Joomla! Component 'com_guru' - SQL Injection
Joomla! Component Guru Pro - SQL Injection

DirectAdmin 1.50.1 - Denial of Service
Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting
My Link Trader 1.1 - Authentication Bypass
My Php Dating 2.0 - 'path' Parameter SQL Injection
My Php Dating 2.0 - 'id' Parameter SQL Injection
2017-01-10 05:01:19 +00:00
platforms DB: 2017-01-10 2017-01-10 05:01:19 +00:00
files.csv DB: 2017-01-10 2017-01-10 05:01:19 +00:00
README.md Merge pull request #65 from g0tmi1k/searchsploit 2016-12-08 20:36:52 +00:00
searchsploit Fix for #67 - Show result when their’s only 1 for nmap’s XML mode 2016-12-20 14:30:14 +00:00

The Exploit Database Git Repository

This is the official repository of The Exploit Database, a project sponsored by Offensive Security.

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.

This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.

Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.

root@kali:~# searchsploit -h
  Usage: searchsploit [options] term1 [term2] ... [termN]

==========
 Examples
==========
  searchsploit afd windows local
  searchsploit -t oracle windows
  searchsploit -p 39446

=========
 Options
=========
   -c, --case     [Term]      Perform a case-sensitive search (Default is inSEnsITiVe).
   -e, --exact    [Term]      Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
   -h, --help                 Show this help screen.
   -j, --json     [Term]      Show result in JSON format.
   -m, --mirror   [EDB-ID]    Mirror (aka copies) an exploit to the current working directory.
   -o, --overflow [Term]      Exploit titles are allowed to overflow their columns.
   -p, --path     [EDB-ID]    Show the full path to an exploit (and also copies the path to the clipboard if possible).
   -t, --title    [Term]      Search JUST the exploit title (Default is title AND the file's path).
   -u, --update               Check for and install any exploitdb package updates (deb or git).
   -w, --www      [Term]      Show URLs to Exploit-DB.com rather than the local path.
   -x, --examine  [EDB-ID]    Examine (aka opens) the exploit using $PAGER.
       --colour               Disable colour highlighting in search results.
       --id                   Display the EDB-ID value rather than local path.
       --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
                              Use "-v" (verbose) to try even more combinations
=======
 Notes
=======
 * You can use any number of search terms.
 * Search terms are not case-sensitive (by default), and ordering is irrelevant.
   * Use '-c' if you wish to reduce results by case-sensitive searching.
   * And/Or '-e' if you wish to filter results by using an exact match.
 * Use '-t' to exclude the file's path to filter the search results.
   * Remove false positives (especially when searching using numbers - i.e. versions).
 * When updating from git or displaying help, search terms will be ignored.

root@kali:~#
root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
 Exploit Title                                                                   |  Path
                                                                                 | (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service                  | ./windows/dos/17133.c
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) | ./windows/local/6757.txt
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)            | ./windows/local/18176.py
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit)   | ./windows/local/21844.rb
Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)   | ./win_x86/local/39446.py
Microsoft Windows 7 (x64) - 'afd.sys' Privilege Escalation (MS14-040)            | ./win_x86-64/local/39525.py
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)              | ./windows/local/40564.c
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
    URL: https://www.exploit-db.com/exploits/39446/
   Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py

Copied EDB-ID 39446's path to the clipboard.

root@kali:~#

SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).