Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2018-08-16   Foxit Reader 9.0.1.1049 Buffer Overflow 7 REMOTE Manoj Ahuje
2018-08-15   Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit) 4 REMOTE Raymond Wellnitz
2018-08-14   Oracle GlassFish Server 4.1 Directory Traversal 14 REMOTE Mishra Dhiraj
2018-08-14   Microsoft DirectX SDK (June 2010) Xact3.exe DLL Hijacking 5 REMOTE hyp3rlinx
2018-08-13   Oracle Weblogic Server Deserialization Remote Code Execution 17 REMOTE Jacob Robles
2018-08-13   Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution 7 REMOTE hyp3rlinx
2018-08-13   Dicoogle PACS 2.5.0 Web Server Directory Traversal Exploit 5 REMOTE h00die
2018-08-10   Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit) 14 REMOTE Omid Shojaei
2018-08-09   reSIProcate 1.10.2 Heap Overflow 5 REMOTE Joachim De Zutter
2018-08-02   My Video Converter 1.5.24 Buffer Overflow 18 REMOTE Shubham Singh

Local Exploits

Date D   Description Plat. Author
2018-08-14   PostgreSQL 9.4-0.5.3 - Privilege Escalation 10 LOCAL Johannes Segitz
2018-08-13   IP Finder 1.5 - Denial of Service (PoC) 8 LOCAL Shubham Singh
2018-08-13   Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overfl 4 LOCAL Shubham Singh
2018-08-13   iSmartViewPro 1.5 - 'Password' Buffer Overflow 2 LOCAL Javier Enrique Rodriguez Gutierrez
2018-08-10   Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbit 7 LOCAL Andrey Konovalov
2018-08-10   CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass) 3 LOCAL Manoj Ahuje
2018-08-10   AgataSoft Auto PingMaster 1.5 - Buffer Overflow (SEH) 4 LOCAL bzyo
2018-08-09   iSmartViewPro 1.5 Account Buffer Overflow 2 LOCAL Alan Joaquin Baeza Meza
2018-08-09   iSmartViewPro 1.5 Device Alias Buffer Overflow 4 LOCAL Rodrigo Eduardo Rodriguez
2018-08-06   Wedding Slideshow Studio 1.36 - Buffer Overflow 5 LOCAL Achilles

Web Applications

Date D   Description Plat. Author
2018-08-16   cPanel 76 Cross Site Scripting 5 WEB Numan OZDEMIR
2018-08-15   cgit 1.2.1 - Directory Traversal (Metasploit) 4 WEB Dhiraj Mishra
2018-08-10   TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosu 10 WEB Wadeek
2018-08-10   TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Remote Reboot) 4 WEB Wadeek
2018-08-07   OpenEMR < 5.0.1 - Remote Code Execution 15 WEB Cody Zacharias
2018-08-03   Seq 4.2.476 Authentication Bypass 14 WEB Daniel Chactoura
2018-08-03   CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection 5 WEB 0x09AL
2018-08-01   SonicWall Global Management System XMLRPC 12 WEB Michael Flanders
2018-08-01   Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution 8 WEB Touhid M.Shaikh
2018-07-31   H2 Database 1.4.197 Information Disclosure 12 WEB owodelta

DoS/PoC

Date D   Description Plat. Author
2018-08-15   Wansview 1.0.2 - Denial of Service (PoC) 3 DOS Gionathan Reale
2018-08-14   iSmartViewPro 1.5 Buffer Overflow 5 DOS Shubham Singh
2018-08-14   Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC) 2 DOS Shubham Singh
2018-08-14   PLC Wireless Router GPN2.4P21-C-CN - Denial of Service 2 DOS Chris Rose
2018-08-14   Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC) 2 DOS Javier Enrique Rodriguez Gutierrez
2018-08-10   reSIProcate 1.10.2 - Heap Overflow 6 DOS Joachim De Zutter
2018-08-08   QNap QVR Client 5.0.3.23100 - Denial of Service (PoC) 2 DOS Rodrigo Eduardo Rodriguez
2018-08-03   Linkedin iOS 9.11.8592.4 CPU Resource Exhaustion 6 DOS Juan Sacco
2018-08-02   Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite 3 DOS Shubham Singh
2018-08-02   Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service (PoC) 3 DOS Luis Martínez

Shellcode

Date D   Description Plat. Author
2018-08-14   Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes) 8 SHELLCODE epi
2018-08-06   Linux/ARM - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (128 Bytes) 6 SHELLCODE Ken Kitahara
2018-08-06   Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Fre 2 SHELLCODE Kartik Durg
2018-08-02   Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes) 3 SHELLCODE Ken Kitahara
2018-07-25   Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes) 15 SHELLCODE Kartik Durg
2018-07-17   Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes 6 SHELLCODE Hashim Jawad
2018-07-17   Linux/ARM - Bind (1234/TCP) Shell (/bin/sh) Shellcode (104 bytes) 5 SHELLCODE odzhancode
2018-07-10   Linux/x86 - Kill Process Shellcode (20 bytes) 18 SHELLCODE Nathu Nandwani
2018-07-03   Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes) 16 SHELLCODE Anurag Srivastava
2018-06-11   Linux/ARM - Egghunter (0x50905090) + execve('/bin/sh') Shellcode (60 bytes) 31 SHELLCODE rtmcx

Papers

Date D   Description Plat. Author
2018-01-15   Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata 192 PAPERS phrack
2017-08-28   Abusing Token Privileges For LPE 244 PAPERS drone and breenmachine
2017-01-12   OpenSSL - Weak KDF 201 PAPERS anonymous
2014-08-27   SSDP Amplification Scanner 271 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 267 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 397 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 272 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 251 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 354 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 785 PAPERS admin