![]() 9 new exploits Serv-U 3x - 5.x - Local Privilege Escalation Exploit Serv-U 3.x - 5.x - Local Privilege Escalation Exploit SHOUTcast 1.9.4 File Request Format String Remote Exploit (win) SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows) Monstra CMS 3.0.3 - Multiple Vulnerabilities pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (win) GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (win) pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows) GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows) PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win) PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows) Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (win) Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (Windows) Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (win) Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows) AJA Portal 1.2 - Local File Inclusion Vulnerabilities (win) AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002) XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win) XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows) MonGoose 2.4 Webserver Directory Traversal Vulnerability (win) MonGoose 2.4 - Webserver Directory Traversal Vulnerability (Windows) Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (win) Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows) Adobe Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation PulseAudio setuid - Local Privilege Escalation Exploit Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C) Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit (py) Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python) Serv-u Web client 9.0.0.5 - Buffer Overflow Serv-U Web Client 9.0.0.5 - Buffer Overflow (2) Serv-u Web client 9.0.0.5 - Buffer Overflow Serv-U Web Client 9.0.0.5 - Buffer Overflow (1) Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation Vulnerability Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit) WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities Sysax Multi Server 5.50 Create Folder BOF Sysax Multi Server 5.50 - Create Folder BOF Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter) Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter) Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter) Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter) Sysax 5.53 SSH Username Buffer Overflow (Metasploit) Sysax 5.53 - SSH Username Buffer Overflow (Metasploit) sysax <= 5.57 - Directory Traversal Sysax <= 5.57 - Directory Traversal Sysax <= 5.60 Create SSL Certificate Buffer Overflow Sysax <= 5.60 - Create SSL Certificate Buffer Overflow Sysax <= 5.62 Admin Interface Local Buffer Overflow Sysax <= 5.62 - Admin Interface Local Buffer Overflow Sysax Multi-Server 5.64 Create Folder Buffer Overflow Sysax Multi Server 5.64 Create Folder Buffer Overflow Sysax Multi Server 5.64 - Create Folder Buffer Overflow ActFax 4.31 - Local Privilege Escalation Exploit ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability STHS v2 Web Portal prospects.php team Parameter SQL Injection STHS v2 Web Portal prospect.php team Parameter SQL Injection STHS v2 Web Portal team.php team Parameter SQL Injection STHS v2 Web Portal - prospects.php team Parameter SQL Injection STHS v2 Web Portal - prospect.php team Parameter SQL Injection STHS v2 Web Portal - team.php team Parameter SQL Injection WK UDID v1.0.1 iOS - Command Inject Vulnerability WK UDID 1.0.1 iOS - Command Inject Vulnerability Hawkeye-G v3.0.1.4912 CSRF Vulnerability Hawkeye-G 3.0.1.4912 - CSRF Vulnerability Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage Reaver Pro Local Privilege Escalation Vulnerability Reaver Pro - Local Privilege Escalation Vulnerability Sysax Multi Server 6.40 SSH Component Denial of Service Sysax Multi Server 6.40 - SSH Component Denial of Service WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection w3tw0rk / Pitbul IRC Bot Remote Code Execution w3tw0rk / Pitbul IRC Bot - Remote Code Execution Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download v1.0.16 - Local File Disclosure WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities WordPress Plugin Sell Download 1.0.16 - Local File Disclosure WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability Liferay Portal 5.1.2 - Persistent XSS Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities Linux/x86_x64 - execve(/bin/sh) - 25 bytes Linux/x86_x64 - execve(/bin/bash) - 33 bytes TallSoft SNMP TFTP Server 1.0.0 - Denial of Service FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip) Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege |
||
---|---|---|
platforms | ||
files.csv | ||
README.md | ||
searchsploit |
The Exploit-Database Git Repository
This is the official repository of The Exploit Database, a project sponsored by Offensive Security.
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.
Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms.
root@kali:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
Example:
searchsploit afd windows local
searchsploit -t oracle windows
=========
Options
=========
-c, --case Perform a case-sensitive search (Default is inSEnsITiVe).
-e, --exact Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
-h, --help Show this help screen.
-o, --overflow Exploit title's are allowed to overflow their columns.
-p, --path Show the full path to an exploit (Copies path to clipboard if possible).
-t, --title Search just the exploit title (Default is title AND the file's path).
-u, --update Update exploit database from git.
-w, --www Show URLs to Exploit-DB.com rather than local path.
--id Display EDB-ID value rather than local path.
--colour Disable colour highlighting.
=======
Notes
=======
* Use any number of search terms.
* Search terms are not case sensitive, and order is irrelevant.
* Use '-c' if you wish to reduce results by case-sensitive searching.
* And/Or '-e' if you wish to filter results by using an exact match.
* Use '-t' to exclude the file's path to filter the search results.
* Remove false positives (especially when searching numbers/major versions).
* When updating from git or displaying help, search terms will be ignored.
root@kali:~# searchsploit afd windows local
--------------------------------------------------------------------------------- ----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/platforms)
--------------------------------------------------------------------------------- ----------------------------------
Microsoft Windows 2003/XP - AFD.sys Privilege Escalation Exploit (K-plugin) | ./windows/local/6757.txt
Microsoft Windows XP - AFD.sys Local Kernel DoS Exploit | ./windows/dos/17133.c
Microsoft Windows XP/2003 Afd.sys - Local Privilege Escalation Exploit (MS11-080)| ./windows/local/18176.py
Microsoft Windows - AfdJoinLeaf Privilege Escalation (MS11-080) | ./windows/local/21844.rb
Microsoft Windows - AFD.SYS Dangling Pointer Privilege Escalation (MS14-040) | ./win32/local/39446.py
Microsoft Windows 7 x64 - AFD.SYS Privilege Escalation (MS14-040) | ./win64/local/39525.py
--------------------------------------------------------------------------------- ----------------------------------
root@kali:~#