Blog RSSExploits RSSFacebook
CVE Certified

The Exploit Database

GHDB

 

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D   Description Plat. Author
2016-08-29   INTELLINET IP Camera INT-L100M20N Change Admin Password 1 REMOTE Todor Donev
2016-08-29   NECROSOFT NScan 0.9.1 Buffer Overflow 3 REMOTE hyp3rlinx
2016-08-23   Phoenix Exploit Kit Remote Code Execution 10 REMOTE Jay Turla
2016-08-17   Actiontec T2200H Remote Reverse Root Shell 5 REMOTE Andrew Klaus
2016-08-15   Samsung Smart Home Camera SNH-P-6410 - Command Injection 2 REMOTE PentestPartners
2016-08-15   FreePBX 13 / 14 - Remote Command Execution With Privilege Escalation 3 REMOTE pgt
2016-08-15   WebNMS Framework Server 5.2 Arbitrary File Upload 3 REMOTE Pedro Ribeiro
2016-08-12   DLL Side Loading In VMware Host Guest Client Redirector 1 REMOTE Yorick Koster
2016-08-12   NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execu 10 REMOTE Pedro Ribeiro
2016-08-12   NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Co 4 REMOTE Pedro Ribeiro

Local Exploits

Date D   Description Plat. Author
2016-08-30   NScan 0.9.1 - (Target) Buffer Overflow 2 LOCAL hyp3rlinx
2016-08-23   Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit) 5 LOCAL Pablo González
2016-08-19   Metasploit Cron Persistence Module 2 LOCAL h00die
2016-08-19   Metasploit Service Persistence Module 1 LOCAL h00die
2016-08-11   EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation 2 LOCAL LiquidWorm
2016-08-09   zFTP Client 20061220 - (Connection Name) Local Buffer Overflow 4 LOCAL Juan Sacco
2016-07-29   VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass) 7 LOCAL vportal
2016-07-29   Zortam Media Studio 20.60 Buffer Overflow 2 LOCAL ZwX
2016-07-28   VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0 3 LOCAL Tavis Ormandy
2016-07-27   CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass) 4 LOCAL Karn Ganeshen

Web Applications

Date D   Description Plat. Author
2016-08-30   HelpDeskZ 1.0.2 - Unauthenticated Shell Upload 1 WEB Lars Morgenroth
2016-08-29   Prestashop VtermSlideShow Module Arbitrary File Upload Exploit 2 WEB PentesterDesk
2016-08-29   Prestashop Attributewizardpro Module Arbitrary File Upload Exploit 2 WEB PentesterDesk
2016-08-29   Prestashop Multi Modules Arbitrary File Upload Exploit 3 WEB PentesterDesk
2016-08-23   WordPress 4.5.3 - Directory Traversal / Denial of Service 11 WEB Yorick Koster
2016-08-23   VideoIQ Camera - Local File Disclosure 4 WEB Yakir Wizman
2016-08-23   MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change 1 WEB Todor Donev
2016-08-23   ZYCOO IP Phone System - Remote Command Execution 1 WEB 0x4148
2016-08-19   SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change 1 WEB Todor Donev
2016-08-11   EyeLock nano NXT 3.5 - Remote Root Exploit 1 WEB LiquidWorm

DoS/PoC

Date D   Description Plat. Author
2016-08-30   PHP 5.0.0 - xmldocfile() Local Denial of Service 3 DOS Yakir Wizman
2016-08-30   PHP 5.0.0 - simplexml_load_file() Local Denial of Service 2 DOS Yakir Wizman
2016-08-30   PHP 5.0.0 - domxml_open_file() Local Denial of Service 1 DOS Yakir Wizman
2016-08-30   PHP 7.0 - Object Cloning Local Denial of Service 1 DOS Yakir Wizman
2016-08-30   Goron Webserver 2.0 - Multiple Vulnerabilities 2 DOS Guillaume Kaddouch
2016-08-23   OpenSSHD 7.2p2 - User Enumeration Exploit 6 DOS expku
2016-08-17   Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateIn 10 DOS Google Security Research
2016-08-17   Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC 2 DOS Google Security Research
2016-08-16   Telegram Bot API Cross Site Request Forgery / Denial Of Service 3 DOS 4L1R3Z4
2016-08-11   SAP SAPCAR - Multiple Vulnerabilities 7 DOS Core Security

Shellcode

Date D   Description Plat. Author
2016-08-19   Windows x86 - InitiateSystemShutdownA() Shellcode (599 bytes) 5 SHELLCODE Roziul Hasan Khan Shifat
2016-08-17   Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes) 9 SHELLCODE Roziul Hasan Khan Shifat
2016-08-17   Windows x86 - MessageBoxA Shellcode (242 bytes) 2 SHELLCODE Roziul Hasan Khan Shifat
2016-08-11   Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes) 6 SHELLCODE thryb
2016-08-11   Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes) 4 SHELLCODE thryb
2016-08-09   Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes) 2 SHELLCODE CripSlick
2016-07-29   Windows x86 - localhost Port Scanner Shellcode (556 bytes) 8 SHELLCODE Roziul Hasan Khan Shifat
2016-07-28   Linux/x86_64 syscall(SYS_execve,"/bin/sh", ["/bin/sh", NULL], NULL) 55 bytes 1 SHELLCODE tesla_
2016-07-22   Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Multi-Termi 5 SHELLCODE CripSlick
2016-07-21   Linux/x86 - execve /bin/sh Shellcode (19 bytes) 4 SHELLCODE sajith

Papers

Date D   Description Plat. Author
2014-08-27   SSDP Amplification Scanner 95 PAPERS SaMaN
2014-06-26   [Hacking-Contest] SSH Server wrapper 66 PAPERS Jakob Lell
2012-03-20   Full MSSQL Injection PWNage 199 PAPERS CWH Underground
2011-10-12   Reverse Shell Cheat Sheet 108 PAPERS pentestmonkey
2011-10-09   Beyond SQLi: Obfuscate and Bypass 93 PAPERS ZeQ3uL
2011-06-02   Local File Inclusion to Remote Command Execution using SSH 128 PAPERS LaNMaSteR53
2011-04-27   offsec官方渗透测试报告 309 PAPERS admin