The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.

Remote Exploits

Date	Description		Plat.	Author
2018-12-17	Cisco RV110W Password Disclosure / Command Execution	26	REMOTE	RySh
2018-12-14	Safari Proxy Object Type Confusion	17	REMOTE	saelo
2018-12-10	FutureNet NXR-G240 Series ShellShock Command Injection	10	REMOTE	Nassim Asrir
2018-12-05	OpenSSH < 7.7 - User Enumeration	40	REMOTE	LeapSecurity
2018-12-04	HP Intelligent Management Java Deserialization Remote Code Execution	10	REMOTE	Carsten MaartmannMoe
2018-12-04	NEC Univerge Sv9100 WebPro 6.00.00 Predictable Session ID / Cleartext Passwords	4	REMOTE	hyp3rlinx
2018-12-04	CyberArk 9.7 - Memory Disclosure	1	REMOTE	Thomas Zuk
2018-12-03	Apache Spark - Unauthenticated Command Execution (Metasploit)	19	REMOTE	Green-m
2018-11-29	PHP imap_open Remote Code Execution	38	REMOTE	h00die
2018-11-29	TeamCity Agent XML-RPC Command Execution	6	REMOTE	Dylan Pindur

Local Exploits

Date	Description		Plat.	Author
2018-12-19	Nsauditor 3.0.28.0 Buffer Overflow	0	LOCAL	Achilles
2018-12-18	Windows Persistent Service Installer	2	LOCAL	Green-m
2018-12-17	Zortam MP3 Media Studio 24.15 Local Buffer Overflow	1	LOCAL	Manpreet Singh Kheberi
2018-12-14	Windows UAC Protection Bypass	10	LOCAL	St0rn
2018-12-13	WebDAV Server Serving DLL	4	LOCAL	James Cook
2018-12-12	Linux userfaultfd tmpfs File Permission Bypass	8	LOCAL	jannh
2018-12-12	CyberLink LabelPrint 2.5 Stack Buffer Overflow	1	LOCAL	modpr0be
2018-12-12	Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle	2	LOCAL	jannh
2018-12-12	XNU POSIX Shared Memory Mapping Issue	0	LOCAL	jannh
2018-12-05	Xorg X11 Server (AIX) - Local Privilege Escalation	8	LOCAL	0xdono

Web Applications

Date	Description		Plat.	Author
2018-12-17	Huawei Router HG532e Command Execution	8	WEB	Rebellion
2018-12-12	ThinkPHP 5.x Remote Code Execution	36	WEB	VulnSpy
2018-12-12	WordPress Snap Creek Duplicator Code Injection	24	WEB	Julien Legras
2018-12-12	PrestaShop 1.6.x / 1.7.x Remote Code Execution	10	WEB	farisv
2018-12-10	i-doit CMDB 1.11.2 - Remote Code Execution	7	WEB	AkkuS
2018-12-06	HasanMWB 1.0 SQL Injection	14	WEB	Ihsan Sencan
2018-12-05	NUUO NVRMini2 3.9.1 - Authenticated Command Injection	13	WEB	Artem Metla
2018-12-04	Apache Superset 0.23 - Remote Code Execution	19	WEB	David May
2018-12-04	Joomla! Component JE Photo Gallery 1.1 - 'categoryid' SQL Injection	5	WEB	Ihsan Sencan
2018-12-04	PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure	4	WEB	ParagonSec

DoS/PoC

Date	Description		Plat.	Author
2018-12-19	Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write	0	DOS	ifratric
2018-12-19	AnyBurn 4.3 Buffer Overflow / Denial Of Service	0	DOS	Achilles
2018-12-19	Exel Password Recovery 8.2.0.0 Buffer Overflow / Denial Of Service	0	DOS	Achilles
2018-12-19	MegaPing Buffer Overflow / Denial Of Service	0	DOS	Achilles
2018-12-17	Angry IP Scanner 3.5.3 Denial Of Service	2	DOS	Fernando Cruz
2018-12-17	UltraISO 9.7.1.3519 Output FileName Denial Of Service	2	DOS	Francisco Ramirez
2018-12-12	SmartFTP Client 9.0.2623.0 Denial Of Service	4	DOS	Alejandra Sanchez
2018-12-12	LanSpy 2.0.1.159 Buffer Overflow	2	DOS	Gionathan Reale
2018-12-12	WebKit JIT Proxy Object Issue	3	DOS	lokihardt
2018-12-10	MiniShare 1.4.1 HEAD / POST Buffer Overflow	4	DOS	Rafael Pedrero

Shellcode

Date	Description		Plat.	Author
2018-12-12	Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95	2	SHELLCODE	T3jv1l
2018-12-05	Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)	7	SHELLCODE	Kağan Çapar
2018-12-05	Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)	6	SHELLCODE	Nelis
2018-11-14	Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shel	10	SHELLCODE	Javier Tello
2018-11-01	Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)	29	SHELLCODE	Roziul Hasan Khan Shifat
2018-10-25	Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes	12	SHELLCODE	Goutham Madhwaraj
2018-10-09	Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shel	16	SHELLCODE	cq674350529
2018-10-09	Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 byt	11	SHELLCODE	Kartik Durg
2018-10-08	Linux/x86 - execve(/bin/sh) + NOT/SHIFT-N/XOR-N Encoded Shellcode (50 byes)	6	SHELLCODE	Pedro Cabral
2018-09-27	Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 By	15	SHELLCODE	Ken Kitahara

Papers

Date	Description		Plat.	Author
2018-11-16	The Powerful Resource of PHP Stream Wrappers	11	PAPERS	Netsparker
2018-11-01	Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam	12	PAPERS	phrack
2018-10-09	A Red Teamer’s guide to pivoting	20	PAPERS	Artem Kondratenko
2018-10-08	Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)	8	PAPERS	phrack
2018-01-15	Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata	219	PAPERS	phrack
2017-08-28	Abusing Token Privileges For LPE	317	PAPERS	drone and breenmachine
2017-01-12	OpenSSL - Weak KDF	271	PAPERS	anonymous
2014-08-27	SSDP Amplification Scanner	305	PAPERS	SaMaN
2014-06-26	[Hacking-Contest] SSH Server wrapper	281	PAPERS	Jakob Lell
2012-03-20	Full MSSQL Injection PWNage	441	PAPERS	CWH Underground