bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/dos
History
Offensive Security a250e82458 DB: 2021-10-12 
176 changes to exploits/shellcodes

Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial-Of-Service (PoC)

Product Key Explorer 4.2.7 - 'multiple' Denial of Service (PoC)

jQuery UI 1.12.1 - Denial of Service (DoS)
AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)
Nsauditor 3.2.2.0 - 'Event Description' Denial of Service (PoC)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated)
ProFTPD 1.3.7a - Remote Denial of Service
glFTPd 2.11a - Remote Denial of Service
Hasura GraphQL 1.3.3 - Denial of Service
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
Telegram Desktop 2.9.2 - Denial of Service (PoC)
SmartFTP Client 10.0.2909.0 - 'Multiple' Denial of Service
Redragon Gaming Mouse - 'REDRAGON_MOUSE.sys' Denial-Of-Service (PoC)
GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service (PoC)
GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC)
GeoGebra CAS Calculato‪r‬ 6.0.631.0 - Denial of Service (PoC)

Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free

MySQL User-Defined (Linux) x32 / x86_64 - 'sys_exec' Local Privilege Escalation (2)

Cyberfox Web Browser 52.9.1 - Denial-of-Service (PoC)

Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial-of-Service (PoC)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm
vsftpd 3.0.3 - Remote Denial of Service

GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution (2)

PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting

Arteco Web Client DVR/NVR - 'SessionId' Brute Force

Resumes Management and Job Application Website 1.0 - Multiple Stored XSS

Library System 1.0 - Authentication Bypass Via SQL Injection

MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF

SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated)

Web Based Quiz System 1.0 - 'MCQ options' Persistent/Stored Cross-Site Scripting

Web Based Quiz System 1.0 - 'name' Persistent/Stored Cross-Site Scripting

Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution

MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated)
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated)
GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS
Regis Inventory And Monitoring System 1.0 - 'Item List' Stored XSS

rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)

Mini Mouse 9.3.0 - Local File inclusion / Path Traversal

GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE

Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass

rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (2)

GravCMS 1.10.7 - Unauthenticated Arbitrary YAML Write/Update (Metasploit)

GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE

Sipwise C5 NGCP CSC - 'Multiple' Stored/Reflected Cross-Site Scripting (XSS)

Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution

Zenario CMS 8.8.52729 - 'cID' Blind & Error based SQL injection (Authenticated)

OpenEMR 5.0.1.3 - '/portal/account/register.php' Authentication Bypass

VMware vCenter Server RCE 6.5 / 6.7 / 7.0 - Remote Code Execution (RCE) (Unauthenticated)

Scratch Desktop 3.17 - Cross-Site Scripting/Remote Code Execution (XSS/RCE)

Church Management System 1.0 - Unrestricted File Upload to Remote Code Execution (Authenticated)

Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting (XSS)

WordPress Plugin Current Book 1.0.1 - 'Book Title and Author field' Stored Cross-Site Scripting (XSS)

KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass

Event Registration System with QR Code 1.0 - Authentication Bypass & RCE

CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE)

Panasonic Sanyo CCTV Network Camera 2.03-0x - 'Disable Authentication / Change Password' CSRF

ApacheOfBiz 17.12.01 - Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments

WordPress Plugin LifterLMS 4.21.1 - Access Other Student Grades/Answers via IDOR

GeoVision Geowebserver 5.3.3 - LFI / XSS / HHI / RCE

Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write (Authenticated)

Traffic Offense Management System 1.0 - SQLi to Remote Code Execution (RCE) (Unauthenticated)

Compro Technology IP Camera - 'killps.cgi' Denial-of-Service (DoS)

OpenSIS 8.0 'modname' - Directory/Path Traversal

Patient Appointment Scheduler System 1.0 - Persistent/Stored XSS

Apartment Visitor Management System (AVMS) 1.0 - SQLi to RCE

FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 - 'Add Admin' Cross-Site Request Forgery (CSRF)

Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation

PlaceOS 1.2109.1 - Open Redirection

Blood Bank System 1.0 - SQL Injection / Authentication Bypass

Lodging Reservation Management System 1.0 - SQL Injection / Authentication Bypass

Atlassian Jira Server/Data Center 8.16.0 - Arbitrary File Read

Linux/x64 - Reverse (127.1.1.1:4444/TCP) Shell (/bin/sh) Shellcode (123 Bytes)
Linux/x86 - Bind Socat (0.0.0.0:1000/TCP) Shell (Bash) Shellcode (113 bytes)
Linux/x86 - Bind (0.0.0.0:13377/TCP) Shell (/bin/sh) Shellcode (65 bytes)
Windows/x86 - Download File (http://10.10.10.5:8080/2NWyfQ9T.hta) Via mshta + Execute + Stager Shellcode (143 bytes)
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
Linux/x64 - execve _cat /etc/shadow_ Shellcode (66 bytes)
Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode (240 bytes)
Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)

Linux/x86 - execve /bin/sh Shellcode (fstenv eip GetPC technique) (70 bytes_ xor encoded)
Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode (178 bytes)
Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode (415 bytes)
2021-10-12 05:02:16 +00:00
..
738.c DB: 2021-09-03 2021-09-03 20:19:21 +00:00
1063.pl DB: 2021-09-03 2021-09-03 20:19:21 +00:00
1064.c DB: 2021-09-03 2021-09-03 20:19:21 +00:00
1345.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
1517.c DB: 2021-09-03 2021-09-03 20:19:21 +00:00
1573.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
1651.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
6481.c DB: 2021-09-03 2021-09-03 20:19:21 +00:00
10242.py DB: 2021-09-03 2021-09-03 14:58:20 +00:00
10243.py DB: 2021-09-03 2021-09-03 14:58:20 +00:00
10820.sh DB: 2021-09-03 2021-09-03 13:39:06 +00:00
10825.sh DB: 2021-09-03 2021-09-03 13:39:06 +00:00
10826.sh DB: 2021-09-03 2021-09-03 13:39:06 +00:00
10829.pl DB: 2021-09-03 2021-09-03 13:39:06 +00:00
11397.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
12154.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
12259.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
12554.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
14678.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
15431.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
18023.java DB: 2021-09-03 2021-09-03 20:19:21 +00:00
18296.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
18305.py DB: 2021-09-03 2021-09-03 20:19:21 +00:00
18458.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
18460.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
18909.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
18910.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
18976.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
18977.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
18978.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
21428.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
22110.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
22419.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
22425.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
22426.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
22435.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
22494.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
22660.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
23311.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
23460.pl DB: 2021-09-03 2021-09-03 20:19:21 +00:00
23750.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
24621.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
24854.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
24855.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
25752.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
29577.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
29692.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
29693.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
29823.c DB: 2021-09-03 2021-09-03 20:19:21 +00:00
30395.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
30401.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
30753.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
30760.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
32715.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
32769.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
33625.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
33677.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
33755.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
34505.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35164.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35354.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35358.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35413.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35414.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
35415.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
35483.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
35484.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35485.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35486.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35487.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
35539.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
36070.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
36158.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
36682.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
36789.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
37566.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
37728.py DB: 2021-09-03 2021-09-03 20:19:21 +00:00
38120.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
38121.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
38122.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
38123.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
38125.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
38442.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
39091.pl DB: 2021-09-03 2021-09-03 20:19:21 +00:00
39092.pl DB: 2021-09-03 2021-09-03 20:19:21 +00:00
39095.pl DB: 2021-09-03 2021-09-03 20:19:21 +00:00
39653.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40155.py DB: 2021-09-03 2021-09-03 20:19:21 +00:00
40301.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40302.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40305.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40306.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40313.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40314.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40315.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40316.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
40317.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40318.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40319.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40320.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40321.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40329.php DB: 2021-09-03 2021-09-03 13:39:06 +00:00
40996.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
43852.php DB: 2021-09-03 2021-09-03 20:19:21 +00:00
43968.py DB: 2021-09-03 2021-09-03 20:19:21 +00:00
44057.md DB: 2021-09-03 2021-09-03 20:19:21 +00:00
44336.py DB: 2021-09-03 2021-09-03 13:39:06 +00:00
44768.txt DB: 2021-09-03 2021-09-03 13:39:06 +00:00
44846.txt DB: 2021-09-03 2021-09-03 20:19:21 +00:00
44927.pl DB: 2021-09-03 2021-09-03 20:19:21 +00:00
46921.sh DB: 2021-09-03 2021-09-03 20:19:21 +00:00
47800.py DB: 2021-09-03 2021-09-03 20:19:21 +00:00