A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
f27338c1f7
12 new exploits Apache 2.0.52 - GET Request Denial of Service Apache 2.0.52 - GET Denial of Service CUPS Server 1.1 - GET Request Denial of Service CUPS Server 1.1 - GET Denial of Service BlueCoat WinProxy 6.0 R1c - GET Request Denial of Service BlueCoat WinProxy 6.0 R1c - GET Denial of Service TFTPD32 2.81 - GET Request Format String Denial of Service (PoC) TFTPD32 2.81 - GET Format String Denial of Service (PoC) ImgSvr 0.6.5 - (long http post) Denial of Service ImgSvr 0.6.5 - POST Denial of Service Multi-Threaded TFTP 1.1 - Long GET Request Denial of Service Multi-Threaded TFTP 1.1 - GET Denial of Service Essentia Web Server 2.15 - GET Request Remote Denial of Service Essentia Web Server 2.15 - GET Remote Denial of Service Sami HTTP Server 2.0.1 - POST Request Denial of Service Sami HTTP Server 2.0.1 - POST Denial of Service Xserver 0.1 Alpha - Post Request Remote Buffer Overflow Xserver 0.1 Alpha - POST Remote Buffer Overflow XBMC 8.10 - GET Requests Multiple Remote Buffer Overflow (PoC) XBMC 8.10 - GET Multiple Remote Buffer Overflow (PoC) Zervit Web Server 0.04 - GET Request Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Request Remote Denial of Service Zervit Web Server 0.04 - GET Remote Buffer Overflow (PoC) Mereo 1.8.0 - GET Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Request Remote Denial of Service ARD-9808 DVR Card Security Camera - GET Remote Denial of Service Kolibri+ Web Server 2 - GET Request Denial of Service Kolibri+ Web Server 2 - GET Denial of Service Adobe InDesign CS3 - '.INDD' File Handling Buffer Overflow Adobe InDesign CS3 - '.INDD' Handling Buffer Overflow Sami HTTP Server 2.0.1 - GET Request Denial of Service Sami HTTP Server 2.0.1 - GET Denial of Service Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Request Netscape Enterprise Server 3.6 SP2/FastTrack Server 2.0.1 - GET Exploit (Linux Kernel) ReiserFS 3.5.28 - Potential Code Execution / Denial of Service (Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service WebTrends Reporting Center for Windows 4.0 d - GET Request Buffer Overflow WebTrends Reporting Center for Windows 4.0 d - GET Buffer Overflow Working Resources BadBlue 1.7.3 - GET Request Denial of Service Working Resources BadBlue 1.7.3 - GET Denial of Service PlanetWeb 1.14 - Long GET Request Buffer Overflow PlanetWeb 1.14 - GET Buffer Overflow My Web Server 1.0.1/1.0.2 - Long GET Request Denial of Service My Web Server 1.0.1/1.0.2 - GET Denial of Service Monkey HTTP Server 0.4/0.5 - Invalid POST Request Denial of Service Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service Linksys Devices 1.42/1.43 - GET Request Buffer Overflow Linksys Devices 1.42/1.43 - GET Buffer Overflow Netgear ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service NETGEAR ProSafe 1.x - VPN Firewall Web Interface Login Denial of Service VisNetic ActiveDefense 1.3.1 - Multiple GET Request Denial of Service VisNetic ActiveDefense 1.3.1 - GET Multiple Denial of Service Pi3Web 2.0.1 - GET Request Denial of Service Pi3Web 2.0.1 - GET Denial of Service Snowblind Web Server 1.0/1.1 - GET Request Buffer Overflow Snowblind Web Server 1.0/1.1 - GET Buffer Overflow ArGoSoft Mail Server 1.8.3.5 - Multiple GET Requests Denial of Service WebBBS Pro 1.18 - GET Request Denial of Service ArGoSoft Mail Server 1.8.3.5 - GET Multiple Denial of Service WebBBS Pro 1.18 - GET Denial of Service Proxomitron Proxy Server - Long GET Request Remote Denial of Service Proxomitron Proxy Server - GET Remote Denial of Service Armida Databased Web Server 1.0 - Remote GET Request Denial of Service Armida Databased Web Server 1.0 - GET Remote Denial of Service Twilight WebServer 1.3.3.0 - 'GET' Request Buffer Overflow Twilight WebServer 1.3.3.0 - GET Buffer Overflow Sami FTP Server 1.1.3 - Library Crafted GET Request Remote Denial of Service Sami FTP Server 1.1.3 - Library Crafted GET Remote Denial of Service Loom Software SurfNow 1.x/2.x - Remote GET Request Denial of Service Loom Software SurfNow 1.x/2.x - GET Remote Denial of Service Sambar Server 6.0 - 'results.stm' POST Request Buffer Overflow Sambar Server 6.0 - 'results.stm' POST Buffer Overflow Linksys PSUS4 PrintServer - POST Request Denial of Service Linksys PSUS4 PrintServer - POST Denial of Service Thomson TCW690 Cable Modem ST42.03.0a - Long GET Request Denial of Service Thomson TCW690 Cable Modem ST42.03.0a - GET Denial of Service Netgear ProSafe - Denial of Service NETGEAR ProSafe - Denial of Service Multiple IEA Software Products - POST Request Denial of Service Multiple IEA Software Products - POST Denial of Service Netgear WGR614 - Administration Interface Remote Denial of Service NETGEAR WGR614 - Administration Interface Remote Denial of Service Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service Remote Help HTTP 0.0.7 - GET Format String Denial of Service Geo++ GNCASTER 1.4.0.7 - GET Request Denial of Service Geo++ GNCASTER 1.4.0.7 - GET Denial of Service D-Link WBR-2310 1.0.4 - GET Request Remote Buffer Overflow D-Link WBR-2310 1.0.4 - GET Remote Buffer Overflow Polipo 1.0.4.1 - POST/PUT Requests HTTP Header Processing Denial of Service Polipo 1.0.4.1 - POST/PUT HTTP Header Processing Denial of Service CoDeSys 3.4 - HTTP POST Request Null Pointer Content-Length Parsing Remote Denial of Service CoDeSys 3.4 - HTTP POST Null Pointer Content-Length Parsing Remote Denial of Service Zoom Player - '.avi' File Divide-by-Zero Denial of Service Zoom Player - '.avi' Divide-by-Zero Denial of Service Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (1) Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.SWF' File (2) Adobe Flash - '.SWF' Out-of-Bounds Memory Read (1) Adobe Flash - '.SWF' Out-of-Bounds Memory Read (2) Microsoft Windows - Cursor Object Potential Memory Leak (MS15-115) Microsoft Windows - Cursor Object Memory Leak (MS15-115) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (1) Adobe Photoshop CC / Bridge CC - '.png' File Parsing Memory Corruption (2) Adobe Photoshop CC & Bridge CC - '.iff' File Parsing Memory Corruption Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (1) Adobe Photoshop CC / Bridge CC - '.png' Parsing Memory Corruption (2) Adobe Photoshop CC & Bridge CC - '.iff' Parsing Memory Corruption Adobe Flash - '.MP4' File Stack Corruption Adobe Flash - '.MP4' Stack Corruption Adobe Photoshop CS2 / CS3 - Unspecified '.bmp' File Buffer Overflow Adobe Photoshop CS2 / CS3 - '.bmp' Buffer Overflow Zoom Player Pro 3.30 - '.m3u' File Buffer Overflow (SEH) Zoom Player Pro 3.30 - '.m3u' Buffer Overflow (SEH) Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Potential Information Disclosure Linux Kernel 2.2.x/2.4.x - '/proc' Filesystem Information Disclosure Adrenalin Player 2.2.5.3 - '.m3u' File Buffer Overflow (SEH) (ASLR + DEP Bypass) Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) (ASLR + DEP Bypass) Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation NETGEAR Genie 2.4.32 - Unquoted Service Path Privilege Escalation CyberLink LabelPrint < 2.5 - Buffer Overflow (SEH Unicode) LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Request Remote Exploit LimeWire 4.1.2 < 4.5.6 - Inappropriate GET Remote Exploit PMSoftware Simple Web Server - GET Request Remote Buffer Overflow PMSoftware Simple Web Server - GET Remote Buffer Overflow Fenice Oms 1.10 - Long GET Request Remote Buffer Overflow Fenice Oms 1.10 - GET Remote Buffer Overflow webdesproxy 0.0.1 - GET Request Remote Buffer Overflow webdesproxy 0.0.1 - GET Remote Buffer Overflow webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution webdesproxy 0.0.1 - (exec-shield) GET Remote Code Execution Savant Web Server 3.1 - GET Request Remote Overflow (Universal) Savant Web Server 3.1 - GET Remote Overflow (Universal) Belkin Wireless G Plus MIMO Router F5D9230-4 - Authentication Bypass Belkin F5D9230-4 Wireless G Plus MIMO Router - Authentication Bypass Netgear WG102 - Leaks SNMP Write Password With Read Access NETGEAR WG102 - Leaks SNMP Write Password With Read Access XBMC 8.10 (Windows) - GET Request Remote Buffer Overflow XBMC 8.10 (Windows) - GET Remote Buffer Overflow XBMC 8.10 - GET Request Remote Buffer Overflow (SEH) (Universal) XBMC 8.10 - GET Remote Buffer Overflow (SEH) (Universal) Netgear WNR2000 FW 1.2.0.8 - Information Disclosure NETGEAR WNR2000 FW 1.2.0.8 - Information Disclosure Kolibri+ Web Server 2 - GET Request Remote Overwrite (SEH) Kolibri+ Web Server 2 - GET Remote Overwrite (SEH) BigAnt Server 2.50 - GET Request Remote Buffer Overflow (SEH) BigAnt Server 2.50 - GET Remote Buffer Overflow (SEH) BigAnt Server 2.50 - GET Request Universal Remote Buffer Overflow (SEH) BigAnt Server 2.50 - GET Universal Remote Buffer Overflow (SEH) httpdx 1.4 - GET Request Buffer Overflow httpdx 1.4 - GET Buffer Overflow Netgear WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) NETGEAR WG111v2 Wireless Driver - Long Beacon Overflow (Metasploit) Proxy-Pro Professional GateKeeper 4.7 - GET Request Overflow (Metasploit) Proxy-Pro Professional GateKeeper 4.7 - GET Overflow (Metasploit) Linksys WRT54 (Access Point) - apply.cgi Buffer Overflow (Metasploit) Linksys WRT54 Access Point - apply.cgi Buffer Overflow (Metasploit) Oracle Weblogic Apache Connector - POST Request Buffer Overflow (Metasploit) Oracle Weblogic Apache Connector - POST Buffer Overflow (Metasploit) Berkeley Sendmail 5.58 - Debug exploit Berkeley Sendmail 5.58 - Debug Exploit A-V Tronics InetServ 3.0 - WebMail Long GET Request A-V Tronics InetServ 3.0 - WebMail GET Exploit Light HTTPD 0.1 - GET Request Buffer Overflow (1) Light HTTPD 0.1 - GET Request Buffer Overflow (2) Light HTTPD 0.1 - GET Buffer Overflow (1) Light HTTPD 0.1 - GET Buffer Overflow (2) Netgear FM114P Wireless Firewall - File Disclosure NETGEAR FM114P Wireless Firewall - File Disclosure Athttpd 0.4b - Remote GET Request Buffer Overrun Athttpd 0.4b - GET Remote Buffer Overrun IA WebMail Server 3.0/3.1 - Long GET Request Buffer Overrun IA WebMail Server 3.0/3.1 - GET Buffer Overrun Monit 1.4/2.x/3/4 - Overly Long HTTP Request Buffer Overrun Monit 1.4/2.x/3/4 - Long HTTP Request Buffer Overrun KarjaSoft Sami HTTP Server 1.0.4 - GET Request Buffer Overflow KarjaSoft Sami HTTP Server 1.0.4 - GET Buffer Overflow MyWeb HTTP Server 3.3 - GET Request Buffer Overflow MyWeb HTTP Server 3.3 - GET Buffer Overflow Omnicron OmniHTTPd 2.x/3.0 - GET Request Buffer Overflow Omnicron OmniHTTPd 2.x/3.0 - GET Buffer Overflow Netgear RP114 3.26 - Content Filter Bypass NETGEAR RP114 3.26 - Content Filter Bypass Netgear DGN1000B - setup.cgi Remote Command Execution (Metasploit) NETGEAR DGN1000B - setup.cgi Remote Command Execution (Metasploit) Netgear DGN2200B - pppoe.cgi Remote Command Execution (Metasploit) NETGEAR DGN2200B - pppoe.cgi Remote Command Execution (Metasploit) Netgear MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow NETGEAR MA521 Wireless Driver 5.148.724 - Long Beacon Probe Buffer Overflow Netgear WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow Netgear ReadyNAS - Perl Code Evaluation (Metasploit) NETGEAR ReadyNAS - Perl Code Evaluation (Metasploit) Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting NETGEAR SSL312 PROSAFE SSL VPN-Concentrator 25 - Error Page Cross-Site Scripting Zoom Player 3.30/5/6 - Crafted '.ZPL' File Error Message Arbitrary Code Execution Zoom Player 3.30/5/6 - '.ZPL' Error Message Arbitrary Code Execution Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow Ultra Mini HTTPD 1.21 - POST Stack Buffer Overflow Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow Kolibri Web Server 2.0 - GET Stack Buffer Overflow NetGear WNR2000 - Multiple Information Disclosure Vulnerabilities NETGEAR WNR2000 - Multiple Information Disclosure Vulnerabilities HTTP 1.1 - GET Request Directory Traversal HTTP 1.1 - GET Directory Traversal Kolibri Web Server 2.0 - GET Request (SEH) D-Link Devices - 'info.cgi' POST Request Buffer Overflow (Metasploit) Kolibri Web Server 2.0 - GET Exploit (SEH) D-Link Devices - 'info.cgi' POST Buffer Overflow (Metasploit) Belkin n750 - jump login Parameter Buffer Overflow Belkin N750 - jump login Parameter Buffer Overflow Netgear WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities NETGEAR WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities Belkin Wireless Router Default - WPS PIN Security Belkin Wireless Router - Default WPS PIN Security Easy File Sharing Web Server 7.2 - GET Request Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - GET Buffer Overflow (SEH) Netgear D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution NETGEAR D6300B - '/diag.cgi' 'IPAddr4' Parameter Remote Command Execution Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit) NETGEAR NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit) NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities NUUO NVRmini2 / NVRsolo / Crystal Devices / NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure NETGEAR JNR1010 ADSL Router - Authenticated Remote File Disclosure NETGEAR WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - Authenticated Remote File Disclosure Netgear R7000 and R6400 - 'cgi-bin' Command Injection (Metasploit) NETGEAR R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit) Easy File Sharing Web Server 7.2 - GET Request 'PassWD' Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (SEH) Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit) Netgear DGN2200 - dnslookup.cgi Command Injection (Metasploit) NETGEAR DGN2200 - dnslookup.cgi Command Injection (Metasploit) Easy File Sharing Web Server 7.2 - GET Request 'PassWD' Buffer Overflow (DEP Bypass) Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (DEP Bypass) Belkin NetCam F7D7601 - Multiple Vulnerabilities Belkin F7D7601 NetCam - Multiple Vulnerabilities Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit) Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit) Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH) Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow Quezza BB 1.0 - (quezza_root_path) File Inclusion Quezza BB 1.0 - 'quezza_root_path' File Inclusion The Bible Portal Project 2.12 - (destination) File Inclusion The Bible Portal Project 2.12 - 'destination' File Inclusion Vivvo Article Manager 3.2 - (classified_path) File Inclusion Vivvo Article Manager 3.2 - 'classified_path' File Inclusion Forum82 < 2.5.2b - (repertorylevel) Multiple File Inclusion Forum82 < 2.5.2b - 'repertorylevel' Multiple File Inclusion OpenDock Easy Doc 1.4 - (doc_directory) File Inclusion OpenDock Easy Blog 1.4 - (doc_directory) File Inclusion WebYep 1.1.9 - (webyep_sIncludePath) File Inclusion OpenDock Easy Gallery 1.4 - (doc_directory) File Inclusion OpenDock Easy Doc 1.4 - 'doc_directory' File Inclusion OpenDock Easy Blog 1.4 - 'doc_directory' File Inclusion WebYep 1.1.9 - 'webyep_sIncludePath' File Inclusion OpenDock Easy Gallery 1.4 - 'doc_directory' File Inclusion Open Conference Systems 1.1.4 - (fullpath) File Inclusion Open Conference Systems 1.1.4 - 'fullpath' File Inclusion SpeedBerg 1.2beta1 - (SPEEDBERG_PATH) File Inclusion SpeedBerg 1.2beta1 - 'SPEEDBERG_PATH' File Inclusion PhpShop Core 0.9.0 RC1 - (PS_BASE) File Inclusion PhpShop Core 0.9.0 RC1 - 'PS_BASE' File Inclusion Phpjobscheduler 3.0 - (installed_config_file) File Inclusion Phpjobscheduler 3.0 - 'installed_config_file' File Inclusion Magic Photo Storage Website - _config[site_path] File Inclusion Magic Photo Storage Website - '_config[site_path]' File Inclusion Linksys Cisco WAG120N - Cross-Site Request Forgery Cisco Linksys WAG120N - Cross-Site Request Forgery Belkin G Wireless Router F5D7234-4 v5 - Exploit Belkin F5D7234-4 v5 G Wireless Router - Exploit Netgear Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery NETGEAR Wireless Cable Modem Gateway - Authentication Bypass / Cross-Site Request Forgery PHP-Nuke 6.x/7.x - Modpath Parameter Potential File Inclusion PHP-Nuke 6.x/7.x - 'Modpath' Parameter File Inclusion Netgear SPH200D - Multiple Vulnerabilities NETGEAR SPH200D - Multiple Vulnerabilities Netgear DGN1000B - Multiple Vulnerabilities NETGEAR DGN1000B - Multiple Vulnerabilities Netgear DGN2200B - Multiple Vulnerabilities NETGEAR DGN2200B - Multiple Vulnerabilities Netgear WNR1000 - Authentication Bypass NETGEAR WNR1000 - Authentication Bypass PHPMyVisites 1.3 - Set_Lang File Inclusion PHPMyVisites 1.3 - 'Set_Lang' File Inclusion PPA 0.5.6 - ppa_root_path File Inclusion PPA 0.5.6 - 'ppa_root_path' File Inclusion Netgear WPN824v3 - Unauthorized Config Download NETGEAR WPN824v3 - Unauthorized Config Download Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities NETGEAR DGN1000 / DGN2200 - Multiple Vulnerabilities Netgear ProSafe - Information Disclosure NETGEAR ProSafe - Information Disclosure Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit) NETGEAR WNR1000v3 - Password Recovery Credential Disclosure (Metasploit) Simple Machines Forum (SMF) 1.1.6 - POST Request Filter Security Bypass Simple Machines Forum (SMF) 1.1.6 - POST Filter Security Bypass Netgear N600 Wireless Dual Band WNDR3400 - Multiple Vulnerabilities NETGEAR WNDR3400 N600 Wireless Dual Band - Multiple Vulnerabilities Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass Netgear DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Netgear DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure ManageEngine ADSelfService Plus 4.4 - POST Request Manipulation Security Question ManageEngine ADSelfService Plus 4.4 - POST Manipulation Security Question Netgear ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure NETGEAR ReadyNAS LAN /dbbroker 6.2.4 - Credential Disclosure Netgear Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities NETGEAR Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities Belkin Router N150 1.00.08/1.00.09 - Directory Traversal Belkin N150 Router 1.00.08/1.00.09 - Directory Traversal eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / Denial of Service) eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Code Execution / Denial of Service) Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities Belkin N150 Wireless Router F9K1009 v1 - Multiple Vulnerabilities Netgear WNR1000v4 - Authentication Bypass NETGEAR WNR1000v4 - Authentication Bypass Netgear ProSafe Network Management System NMS300 - Multiple Vulnerabilities NETGEAR NMS300 ProSafe Network Management System - Multiple Vulnerabilities Netgear R7000 - Command Injection Netgear R7000 - Cross-Site Scripting NETGEAR R7000 - Command Injection NETGEAR R7000 - Cross-Site Scripting Tenda N3 Wireless N150 Home Router - Authentication Bypass Tenda N3 Wireless N150 Router - Authentication Bypass DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit) Lending And Borrowing - 'pid' Parameter SQL Injection Multi Level Marketing - SQL Injection Cash Back Comparison Script 1.0 - SQL Injection Claydip Airbnb Clone 1.0 - Arbitrary File Upload Secure E-commerce Script 1.02 - 'sid' Parameter SQL Injection PHP Auction Ecommerce Script 1.6 - SQL Injection JitBit HelpDesk < 9.0.2 - Authentication Bypass |
||
|---|---|---|
| platforms | ||
| files.csv | ||
| README.md | ||
| searchsploit | ||
The Exploit Database Git Repository
This is the official repository of The Exploit Database, a project sponsored by Offensive Security.
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.
Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.
root@kali:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
==========
Examples
==========
searchsploit afd windows local
searchsploit -t oracle windows
searchsploit -p 39446
searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
For more examples, see the manual: https://www.exploit-db.com/searchsploit/
=========
Options
=========
-c, --case [Term] Perform a case-sensitive search (Default is inSEnsITiVe).
-e, --exact [Term] Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
-h, --help Show this help screen.
-j, --json [Term] Show result in JSON format.
-m, --mirror [EDB-ID] Mirror (aka copies) an exploit to the current working directory.
-o, --overflow [Term] Exploit titles are allowed to overflow their columns.
-p, --path [EDB-ID] Show the full path to an exploit (and also copies the path to the clipboard if possible).
-t, --title [Term] Search JUST the exploit title (Default is title AND the file's path).
-u, --update Check for and install any exploitdb package updates (deb or git).
-w, --www [Term] Show URLs to Exploit-DB.com rather than the local path.
-x, --examine [EDB-ID] Examine (aka opens) the exploit using $PAGER.
--colour Disable colour highlighting in search results.
--id Display the EDB-ID value rather than local path.
--nmap [file.xml] Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
Use "-v" (verbose) to try even more combinations
--exclude="term" Remove values from results. By using "|" to separated you can chain multiple values.
e.g. --exclude="term1|term2|term3".
=======
Notes
=======
* You can use any number of search terms.
* Search terms are not case-sensitive (by default), and ordering is irrelevant.
* Use '-c' if you wish to reduce results by case-sensitive searching.
* And/Or '-e' if you wish to filter results by using an exact match.
* Use '-t' to exclude the file's path to filter the search results.
* Remove false positives (especially when searching using numbers - i.e. versions).
* When updating or displaying help, search terms will be ignored.
root@kali:~#
root@kali:~# searchsploit afd windows local
---------------------------------------------------------------------------------------- -----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/platforms/)
---------------------------------------------------------------------------------------- -----------------------------------
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service | windows/dos/17133.c
Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046) | windows/dos/18755.c
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) | windows/local/6757.txt
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) | windows/local/18176.py
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit) | windows/local/21844.rb
Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040) | win_x86/local/39446.py
Microsoft Windows 7 (x64) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040) | win_x86-64/local/39525.py
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046) | win_x86/local/40564.c
---------------------------------------------------------------------------------------- -----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
URL: https://www.exploit-db.com/exploits/39446/
Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py
Copied EDB-ID 39446's path to the clipboard.
root@kali:~#
SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).