A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
Find a file
Offensive Security 67cc75a29b DB: 2016-03-29
9 new exploits

Serv-U 3x - 5.x - Local Privilege Escalation Exploit
Serv-U 3.x - 5.x - Local Privilege Escalation Exploit

SHOUTcast 1.9.4 File Request Format String Remote Exploit (win)
SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows)

Monstra CMS 3.0.3 - Multiple Vulnerabilities
pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (win)
GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (win)
pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)
GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)

PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win)
PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows)

Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (win)
Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (Windows)

Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (win)
Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows)

AJA Portal 1.2 - Local File Inclusion Vulnerabilities (win)
AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows)

Microsoft Internet Explorer 7 (Windows 2003 SP2)  - Memory Corruption PoC (MS09-002)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)

XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win)
XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows)

MonGoose 2.4 Webserver Directory Traversal Vulnerability (win)
MonGoose 2.4 - Webserver Directory Traversal Vulnerability (Windows)

Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (win)
Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows)

Adobe Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation
Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation

PulseAudio setuid - Local Privilege Escalation Exploit

Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)

Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit (py)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python)

Serv-u Web client 9.0.0.5 - Buffer Overflow
Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)

Serv-u Web client 9.0.0.5 - Buffer Overflow
Serv-U Web Client 9.0.0.5 - Buffer Overflow (1)

Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability
Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation Vulnerability

Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities
Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities

Integard Pro 2.2.0.9026 - Windows 7 ROP-Code  (Metasploit)
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)

WordPress Plugin mingle forum  <= 1.0.26 - Multiple Vulnerabilities
WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities

Microsoft Windows Server  - Service Relative Path Stack Corruption (MS08-067)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)

WordPress Plugin ajax category dropdown  0.1.5 - Multiple Vulnerabilities
WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities

Sysax Multi Server 5.50 Create Folder BOF
Sysax Multi Server 5.50 - Create Folder BOF

Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)
Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter)
Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit
Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter)
Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit
Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter)

Sysax 5.53 SSH Username Buffer Overflow (Metasploit)
Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)

sysax <= 5.57 - Directory Traversal
Sysax <= 5.57 - Directory Traversal

Sysax <= 5.60 Create SSL Certificate Buffer Overflow
Sysax <= 5.60 - Create SSL Certificate Buffer Overflow

Sysax <= 5.62 Admin Interface Local Buffer Overflow
Sysax <= 5.62 - Admin Interface Local Buffer Overflow

Sysax Multi-Server 5.64 Create Folder Buffer Overflow

Sysax Multi Server 5.64 Create Folder Buffer Overflow
Sysax Multi Server 5.64 - Create Folder Buffer Overflow

ActFax 4.31 - Local Privilege Escalation Exploit
ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit

PHP-Nuke  Search Module - Modules.PHP Remote Directory Traversal Vulnerability
PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability
STHS v2 Web Portal prospects.php team Parameter SQL Injection
STHS v2 Web Portal prospect.php team Parameter SQL Injection
STHS v2 Web Portal team.php team Parameter SQL Injection
STHS v2 Web Portal - prospects.php team Parameter SQL Injection
STHS v2 Web Portal - prospect.php team Parameter SQL Injection
STHS v2 Web Portal - team.php team Parameter SQL Injection

WK UDID v1.0.1 iOS - Command Inject Vulnerability
WK UDID 1.0.1 iOS - Command Inject Vulnerability

Hawkeye-G v3.0.1.4912 CSRF Vulnerability
Hawkeye-G 3.0.1.4912 - CSRF Vulnerability

Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage
Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage

Reaver Pro Local Privilege Escalation Vulnerability
Reaver Pro - Local Privilege Escalation Vulnerability

Sysax Multi Server 6.40  SSH Component Denial of Service
Sysax Multi Server 6.40 - SSH Component Denial of Service

WordPress CP Reservation Calendar Plugin 1.1.6  - SQL Injection
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection

w3tw0rk / Pitbul IRC Bot  Remote Code Execution
w3tw0rk / Pitbul IRC Bot - Remote Code Execution

Dropbox < 3.3.x  - OSX FinderLoadBundle Local Root Exploit
Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit

Hitron Router CGN3ACSMR 4.5.8.16  - Arbitrary Code Execution
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download v1.0.16  - Local File Disclosure
WordPress Plugin TheCartPress v1.4.7  - Multiple Vulnerabilities
WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download 1.0.16 - Local File Disclosure
WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities

Cyclope Employee Surveillance  <= v8.6.1- Insecure File Permissions
Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions

XM Easy Personal FTP Server 5.8 - (HELP)  Remote DoS Vulnerability
XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability

Liferay Portal 5.1.2 - Persistent XSS

Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Linux/x86_x64 - execve(/bin/sh) - 25 bytes
Linux/x86_x64 - execve(/bin/bash) - 33 bytes
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation
Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege
2016-03-29 05:02:00 +00:00
platforms DB: 2016-03-29 2016-03-29 05:02:00 +00:00
files.csv DB: 2016-03-29 2016-03-29 05:02:00 +00:00
README.md SearchSploit v3.3 - Adds '-p' for copying path 2016-03-19 09:53:07 +00:00
searchsploit [UPD] improve git clone performances 2016-03-27 15:16:28 +02:00

The Exploit-Database Git Repository

This is the official repository of The Exploit Database, a project sponsored by Offensive Security.

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.

This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.

Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms.

root@kali:~# searchsploit -h
  Usage: searchsploit [options] term1 [term2] ... [termN]
Example:
  searchsploit afd windows local
  searchsploit -t oracle windows

=========
 Options
=========
   -c, --case      Perform a case-sensitive search (Default is inSEnsITiVe).
   -e, --exact     Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
   -h, --help      Show this help screen.
   -o, --overflow  Exploit title's are allowed to overflow their columns.
   -p, --path      Show the full path to an exploit (Copies path to clipboard if possible).
   -t, --title     Search just the exploit title (Default is title AND the file's path).
   -u, --update    Update exploit database from git.
   -w, --www       Show URLs to Exploit-DB.com rather than local path.
       --id        Display EDB-ID value rather than local path.
       --colour    Disable colour highlighting.

=======
 Notes
=======
 * Use any number of search terms.
 * Search terms are not case sensitive, and order is irrelevant.
   * Use '-c' if you wish to reduce results by case-sensitive searching.
   * And/Or '-e' if you wish to filter results by using an exact match.
 * Use '-t' to exclude the file's path to filter the search results.
   * Remove false positives (especially when searching numbers/major versions).
 * When updating from git or displaying help, search terms will be ignored.

root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
 Exploit Title                                                                   |  Path
                                                                                 | (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows 2003/XP - AFD.sys Privilege Escalation Exploit (K-plugin)      | ./windows/local/6757.txt
Microsoft Windows XP - AFD.sys Local Kernel DoS Exploit                          | ./windows/dos/17133.c
Microsoft Windows XP/2003 Afd.sys - Local Privilege Escalation Exploit (MS11-080)| ./windows/local/18176.py
Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080)                  | ./windows/local/21844.rb
Microsoft Windows - AFD.SYS Dangling Pointer Privilege Escalation (MS14-040)     | ./win32/local/39446.py
Microsoft Windows 7 x64 - AFD.SYS Privilege Escalation (MS14-040)                | ./win64/local/39525.py
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#