Skip to content

Commit

Permalink
DB: 2015-06-02
Browse files Browse the repository at this point in the history 
19 new exploits
Offensive Security committed Jun 2, 2015
1 parent 75bd2ae commit 3df3d6d
Showing 20 changed files with 1,493 additions and 8 deletions.
35 changes: 27 additions & 8 deletions files.csv
View file
Original file line number Diff line number Diff line change
@@ -591,7 +591,7 @@ id,file,description,date,author,platform,type,port
764,platforms/linux/remote/764.c,"Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)",2003-04-04,spabam,linux,remote,80
765,platforms/windows/remote/765.c,"Microsoft Internet Explorer .ANI files handling Universal Exploit (MS05-002)",2005-01-22,houseofdabus,windows,remote,0
766,platforms/osx/local/766.c,"Mac OS X <= 10.3.7 mRouter Local Privilege Escalation Exploit",2005-01-22,nemo,osx,local,0
767,platforms/windows/remote/767.pl,"Golden FTP Server <= 2.02b Remote Buffer Overflow Exploit",2005-01-22,Barabas,windows,remote,21
767,platforms/windows/remote/767.pl,"Golden FTP Server <= 2.02b - Remote Buffer Overflow Exploit",2005-01-22,Barabas,windows,remote,21
769,platforms/windows/local/769.c,"Funduc Search and Replace Compressed File Local BoF Exploit",2005-01-24,ATmaCA,windows,local,0
770,platforms/windows/dos/770.txt,"Apple QuickTime <= 6.5.2.10 - (.qtif) Image Parsing Vulnerability",2005-01-24,ATmaCA,windows,dos,0
771,platforms/windows/remote/771.cpp,"Microsoft Internet Explorer .ANI files handling Downloader Exploit (MS05-002)",2005-01-24,Vertygo,windows,remote,0
@@ -959,7 +959,7 @@ id,file,description,date,author,platform,type,port
1157,platforms/cgi/webapps/1157.pl,"GTChat <= 0.95 Alpha Remote Denial of Service Exploit",2005-08-18,RusH,cgi,webapps,0
1158,platforms/windows/dos/1158.pl,"WS_FTP Server <= 5.03 (RNFR) Buffer Overflow Exploit",2004-11-29,"Reed Arvin",windows,dos,0
1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server <= 4.01a (check) Buffer Overflow Exploit",2004-12-01,"Reed Arvin",windows,dos,0
1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro <= 2.52 (USER) Remote Buffer Overflow Exploit",2005-04-27,"Reed Arvin",windows,dos,0
1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro <= 2.52 - (USER) Remote Buffer Overflow Exploit",2005-04-27,"Reed Arvin",windows,dos,0
1161,platforms/windows/local/1161.c,"BakBone NetVault 7.1 - Local Privilege Escalation Exploit",2005-04-27,"Reed Arvin",windows,local,0
1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server <= 5.14 - Denial of Service Exploit",2005-06-07,"Reed Arvin",windows,dos,0
1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition <= 5.2.2 - DoS Exploit",2005-06-26,"Reed Arvin",windows,dos,0
@@ -1150,7 +1150,7 @@ id,file,description,date,author,platform,type,port
1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 (EXAMINE) Buffer Overflow Exploit",2005-12-19,muts,windows,remote,0
1379,platforms/php/webapps/1379.php,"PHPGedView <= 3.3.7 - Arbitrary Remote Code Execution Exploit",2005-12-20,rgod,php,webapps,0
1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit",2005-12-20,muts,windows,remote,143
1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 (APPE) Remote Overflow Exploit (meta)",2005-12-20,redsand,windows,remote,21
1381,platforms/windows/remote/1381.pm,"Golden FTP Server <= 1.92 - (APPE) Remote Overflow Exploit (meta)",2005-12-20,redsand,windows,remote,21
1382,platforms/php/webapps/1382.pl,"phpBB <= 2.0.18 - Remote Bruteforce/Dictionary Attack Tool (updated)",2006-02-20,DarkFig,php,webapps,0
1383,platforms/php/webapps/1383.txt,"phpBB <= 2.0.18 - Remote XSS Cookie Disclosure Exploit",2005-12-21,jet,php,webapps,0
1385,platforms/php/webapps/1385.pl,"PHP-Fusion 6.00.3 (rating) Parameter Remote SQL Injection Exploit",2005-12-23,krasza,php,webapps,0
@@ -1458,7 +1458,7 @@ id,file,description,date,author,platform,type,port
1740,platforms/php/webapps/1740.pl,"Fast Click <= 1.1.3 / <= 2.3.8 - (show.php) Remote File Inclusion Exploit",2006-05-02,R@1D3N,php,webapps,0
1741,platforms/linux/remote/1741.c,"MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit",2006-05-02,"Stefano Di Paola",linux,remote,3306
1742,platforms/linux/remote/1742.c,"MySQL <= 4.1.18 / 5.0.20 - Local/Remote Information Leakage Exploit",2006-05-02,"Stefano Di Paola",linux,remote,0
1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 (APPE) Remote Buffer Overflow PoC",2006-05-03,"Jerome Athias",windows,dos,0
1743,platforms/windows/dos/1743.pl,"Golden FTP Server Pro 2.70 - (APPE) Remote Buffer Overflow PoC",2006-05-03,"Jerome Athias",windows,dos,0
1744,platforms/php/webapps/1744.pl,"Albinator <= 2.0.6 (Config_rootdir) Remote File Inclusion Exploit",2006-05-03,webDEViL,php,webapps,0
1746,platforms/linux/dos/1746.pl,"zawhttpd <= 0.8.23 (GET) Remote Buffer Overflow DoS",2006-05-04,"Kamil Sienicki",linux,dos,0
1747,platforms/php/webapps/1747.pl,"Auction <= 1.3m (phpbb_root_path) Remote File Include Exploit",2006-05-04,webDEViL,php,webapps,0
@@ -2590,7 +2590,7 @@ id,file,description,date,author,platform,type,port
2913,platforms/php/webapps/2913.php,"phpAlbum <= 0.4.1 Beta 6 (language.php) Local File Inclusion Exploit",2006-12-10,Kacper,php,webapps,0
2914,platforms/windows/dos/2914.php,"Filezilla FTP Server <= 0.9.21 (LIST/NLST) Denial of Service Exploit",2006-12-11,shinnai,windows,dos,0
2915,platforms/hardware/dos/2915.c,"D-Link DWL-2000AP 2.11 (ARP Flood) Remote Denial of Service Exploit",2006-12-11,poplix,hardware,dos,0
2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 (USER/PASS) Heap Overflow PoC",2006-12-11,rgod,windows,dos,0
2916,platforms/windows/dos/2916.php,"Golden FTP server 1.92 - (USER/PASS) Heap Overflow PoC",2006-12-11,rgod,windows,dos,0
2917,platforms/php/webapps/2917.txt,"mxBB Module ErrorDocs 1.0 (common.php) Remote Inclusion Vulnerability",2006-12-11,bd0rk,php,webapps,0
2919,platforms/php/webapps/2919.pl,"mxBB Module Activity Games 0.92 - Remote File Include Vulnerability",2006-12-11,3l3ctric-Cracker,php,webapps,0
2920,platforms/php/webapps/2920.txt,"Barman 0.0.1r3 (interface.php) Remote File Include Vulnerability",2006-12-11,DeltahackingTEAM,php,webapps,0
@@ -9558,7 +9558,7 @@ id,file,description,date,author,platform,type,port
10255,platforms/bsd/local/10255.txt,"FreeBSD Run-Time Link-Editor Local r00t (0day)",2009-11-30,kingcope,bsd,local,0
10256,platforms/php/webapps/10256.txt,"WP-Polls 2.x Incorrect Flood Filter",2009-11-30,Jbyte,php,webapps,0
10257,platforms/windows/dos/10257.py,"XM Easy Professional FTP Server 5.8.0 - Denial of Service",2009-11-30,"Mert SARICA",windows,dos,21
10258,platforms/windows/remote/10258.pl,"Golden FTP Server 4.30 File Deletion Vulnerability",2009-12-01,sharpe,windows,remote,21
10258,platforms/windows/remote/10258.pl,"Golden FTP Server 4.30 - File Deletion Vulnerability",2009-12-01,sharpe,windows,remote,21
10259,platforms/php/webapps/10259.txt,"Ciamos CMS <= 0.9.5 (module_path) Remote File Inclusion Vulnerability",2009-12-01,"cr4wl3r ",php,webapps,0
10260,platforms/php/webapps/10260.txt,"Robert Zimmerman PHP / MYSQL Scripts Admin Bypass",2009-12-01,DUNDEE,php,webapps,0
10261,platforms/linux/webapps/10261.txt,"Dotdefender Remote Command Execution 3.8-5",2009-12-01,"John Dos",linux,webapps,80
@@ -15085,7 +15085,7 @@ id,file,description,date,author,platform,type,port
17352,platforms/windows/remote/17352.rb,"7-Technologies IGSS 9 Data Server/Collector Packet Handling Vulnerabilities",2011-05-30,metasploit,windows,remote,0
17353,platforms/hardware/dos/17353.pl,"Brother HL-5370DW series auth bypass printer flooder",2011-05-31,chrisB,hardware,dos,0
17354,platforms/windows/remote/17354.py,"Easy Ftp Server 1.7.0.2 - Post-Authentication BoF",2011-06-01,b33f,windows,remote,0
17355,platforms/windows/remote/17355.rb,"GoldenFTP 4.70 PASS Stack Buffer Overflow",2011-06-02,metasploit,windows,remote,21
17355,platforms/windows/remote/17355.rb,"Golden FTP 4.70 - PASS Stack Buffer Overflow",2011-06-02,metasploit,windows,remote,21
17356,platforms/hardware/remote/17356.txt,"MODACOM URoad-5000 1450 - Remote Command Execution/Backdoor",2011-06-02,"Alex Stanev",hardware,remote,0
18716,platforms/windows/dos/18716.txt,"BulletProof FTP Client 2010 - Buffer Overflow Vulnerability",2012-04-08,Vulnerability-Lab,windows,dos,0
17359,platforms/windows/remote/17359.pl,"Xitami Web Server 2.5b4 - Remote Buffer Overflow Exploit",2011-06-03,mr.pr0n,windows,remote,0
@@ -31760,7 +31760,7 @@ id,file,description,date,author,platform,type,port
35241,platforms/windows/remote/35241.pl,"ESTsoft ALZip 8.12.0.3 - (.zip) Buffer Overflow Vulnerability",2011-01-19,"C4SS!0 G0M3S",windows,remote,0
35242,platforms/multiple/remote/35242.txt,"Eclipse 3.3.2 IDE Help Server help/advanced/searchView.jsp searchWord Parameter XSS",2008-04-24,Rob,multiple,remote,0
35243,platforms/multiple/remote/35243.txt,"Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS",2008-04-24,Rob,multiple,remote,0
35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 Malformed Message Denial Of Service Vulnerability",2011-01-19,"Craig Freyman",windows,dos,0
35244,platforms/windows/dos/35244.py,"Golden FTP Server 4.70 - Malformed Message Denial Of Service Vulnerability",2011-01-19,"Craig Freyman",windows,dos,0
35245,platforms/php/webapps/35245.txt,"PHPAuctions 'viewfaqs.php' SQL Injection Vulnerability",2011-01-19,"BorN To K!LL",php,webapps,0
35246,platforms/php/webapps/35246.py,"Joomla HD FLV Player < 2.1.0.1 - Arbitrary File Download Vulnerability",2014-11-15,"Claudio Viviani",php,webapps,0
35248,platforms/multiple/webapps/35248.txt,"clientResponse Client Management 4.1 - XSS Vulnerability",2014-11-15,"Halil Dalabasmaz",multiple,webapps,0
@@ -33251,6 +33251,7 @@ id,file,description,date,author,platform,type,port
36842,platforms/php/webapps/36842.pl,"OTRS < 3.1.x & < 3.2.x & < 3.3.x - Stored Cross-Site Scripting (XSS)",2015-04-27,"Adam Ziaja",php,webapps,0
36994,platforms/cgi/webapps/36994.txt,"WebGlimpse 2.18.7 'DOC' Parameter Directory Traversal Vulnerability",2009-04-17,MustLive,cgi,webapps,0
36995,platforms/hardware/remote/36995.txt,"F5 FirePass <= 7.0 SQL Injection Vulnerability",2012-03-14,anonymous,hardware,remote,0
37169,platforms/linux/remote/37169.rb,"Realtek SDK Miniigd UPnP SOAP Command Execution",2015-06-01,metasploit,linux,remote,52869
37065,platforms/windows/local/37065.txt,"Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation",2015-05-20,"Jeremy Brown",windows,local,0
36847,platforms/windows/dos/36847.py,"i.FTP 2.21 - SEH Overflow Crash PoC",2015-04-28,"Avinash Thapa",windows,dos,0
36853,platforms/php/webapps/36853.txt,"Dolphin 7.0.x viewFriends.php Multiple Parameter XSS",2012-02-21,"Aung Khant",php,webapps,0
@@ -33435,6 +33436,7 @@ id,file,description,date,author,platform,type,port
37047,platforms/php/webapps/37047.html,"osCMax 2.5 admin/login.php username Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0
37048,platforms/php/webapps/37048.txt,"osCMax 2.5 admin/stats_monthly_sales.php status Parameter SQL Injection",2012-04-04,"High-Tech Bridge SA",php,webapps,0
37049,platforms/windows/local/37049.txt,"Microsoft Windows - Local Privilege Escalation (MS15-051)",2015-05-18,hfiref0x,windows,local,0
37050,platforms/php/webapps/37050.txt,"Chronosite 5.12 - SQL Injection",2015-05-18,"Wad Deek",php,webapps,0
37051,platforms/linux/dos/37051.c,"OpenLitespeed 1.3.9 - Use After Free (DoS)",2015-05-18,"Denis Andzakovic",linux,dos,0
37052,platforms/windows/local/37052.c,"Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)",2015-05-18,4B5F5F4B,windows,local,0
37053,platforms/multiple/dos/37053.c,"QEMU - Floppy Disk Controller (FDC) PoC",2015-05-18,"Marcus Meissner",multiple,dos,0
@@ -33481,6 +33483,7 @@ id,file,description,date,author,platform,type,port
37095,platforms/php/webapps/37095.txt,"Pendulab ChatBlazer 8.5 'username' Parameter Cross Site Scripting Vulnerability",2012-04-20,sonyy,php,webapps,0
37096,platforms/php/webapps/37096.html,"Anchor CMS 0.6-14-ga85d0a0 'id' Parameter Multiple HTML Injection Vulnerabilities",2012-04-20,"Gjoko Krstic",php,webapps,0
37097,platforms/ios/remote/37097.py,"FTP Media Server 3.0 - Authentication Bypass and Denial of Service",2015-05-25,"Wh1t3Rh1n0 (Michael Allen)",ios,remote,0
37098,platforms/windows/local/37098.txt,"Microsoft Windows - Local Privilege Escalation (MS15-010)",2015-05-25,"Sky lake",windows,local,0
37100,platforms/php/webapps/37100.txt,"Waylu CMS 'products_xx.php' SQL Injection and HTML Injection Vulnerabilities",2012-04-20,TheCyberNuxbie,php,webapps,0
37101,platforms/php/webapps/37101.txt,"Joomla CCNewsLetter Module 1.0.7 'id' Parameter SQL Injection Vulnerability",2012-04-23,E1nzte1N,php,webapps,0
37102,platforms/php/webapps/37102.txt,"Joomla! Video Gallery component Local File Include and SQL Injection Vulnerabilities",2012-04-24,KedAns-Dz,php,webapps,0
@@ -33532,4 +33535,20 @@ id,file,description,date,author,platform,type,port
37148,platforms/php/webapps/37148.txt,"Chevereto 1.91 Upload/engine.php v Parameter Traversal Arbitrary File Enumeration",2012-05-10,AkaStep,php,webapps,0
37149,platforms/windows/dos/37149.py,"Private Shell SSH Client 3.3 - Crash PoC",2015-05-29,3unnym00n,windows,dos,22
37151,platforms/php/webapps/37151.txt,"TCPDF Library 5.9 Arbitrary File Deletion",2015-05-29,"Filippo Roncari",php,webapps,80
37170,platforms/hardware/remote/37170.rb,"Airties login-cgi Buffer Overflow",2015-06-01,metasploit,hardware,remote,0
37154,platforms/hardware/webapps/37154.rb,"ESC 8832 Data Controller Multiple Vulnerabilities",2015-05-29,"Balazs Makany",hardware,webapps,80
37155,platforms/php/webapps/37155.txt,"WordPress WP-FaceThumb 0.1 'pagination_wp_facethum' Parameter Cross Site Scripting Vulnerability",2012-05-13,d3v1l,php,webapps,0
37156,platforms/php/webapps/37156.txt,"GetSimple CMS 3.1 admin/theme.php err Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0
37157,platforms/php/webapps/37157.txt,"GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0
37158,platforms/php/webapps/37158.txt,"GetSimple CMS 3.1 admin/index.php Multiple Parameter Reflected XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0
37159,platforms/php/webapps/37159.txt,"GetSimple CMS 3.1 admin/upload.php path Parameter XSS",2012-05-12,"Chokri Ben Achor",php,webapps,0
37160,platforms/windows/dos/37160.pl,"Universal Reader 1.16.740.0 'uread.exe' Denial Of Service Vulnerability",2012-05-14,demonalex,windows,dos,0
37161,platforms/php/webapps/37161.txt,"WordPress GRAND Flash Album Gallery 1.71 'admin.php' Cross Site Scripting Vulnerability",2012-05-15,"Heine Pedersen",php,webapps,0
37162,platforms/php/webapps/37162.txt,"Dynamic Widgets WordPress Plugin 1.5.1 'themes.php' Cross Site Scripting Vulnerability",2012-05-15,"Heine Pedersen",php,webapps,0
37163,platforms/windows/remote/37163.py,"IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution",2015-06-01,"Naser Farhadi",windows,remote,0
37165,platforms/windows/remote/37165.py,"WebDrive 12.2 (Build # 4172) - Buffer OverFlow PoC",2015-06-01,metacom,windows,remote,0
37166,platforms/php/webapps/37166.php,"WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload Vulnerability",2015-06-01,"nabil chris",php,webapps,0
37167,platforms/linux/local/37167.c,"PonyOS <= 3.0 - VFS Permissions Exploit",2015-06-01,"Hacker Fantastic",linux,local,0
37168,platforms/linux/local/37168.txt,"PonyOS <= 3.0 - ELF Loader Privilege Escalation",2015-06-01,"Hacker Fantastic",linux,local,0
37171,platforms/hardware/remote/37171.rb,"D-Link Devices HNAP SOAPAction-Header Command Execution",2015-06-01,metasploit,hardware,remote,0
37172,platforms/hardware/webapps/37172.txt,"Aruba ClearPass Policy Manager Stored XSS",2015-06-01,"Cristiano Maruti",hardware,webapps,0
Loading
Oops, something went wrong.

0 comments on commit 3df3d6d

Please sign in to comment.