The Exploit Database
The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.
Remote Exploits
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2012-05-13 |
|
- |
|
Firefox 8/9 AttributeChildRemoved() Use-After-Free | 2552 | windows | metasploit |
| 2012-05-12 |
|
- |
|
Distinct TFTP 3.01 Writable Directory Traversal Execution | 1023 | windows | metasploit |
| 2012-05-09 |
|
- |
|
Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability | 3318 | windows | metasploit |
| 2012-05-05 |
|
- |
|
PHP CGI Argument Injection Exploit | 8897 | php | rayh4c |
| 2012-05-04 |
|
- |
|
PHP CGI Argument Injection | 5137 | php | metasploit |
| 2012-05-04 |
|
- |
|
Solarwinds Storage Manager 5.1.0 SQL Injection | 1749 | windows | metasploit |
| 2012-05-03 |
|
|
|
VLC MMS Stream Handling Buffer Overflow | 2329 | windows | metasploit |
Local Exploits
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2012-05-11 |
|
- |
|
PHP 5.4 (5.4.3) Code Execution (Win32) | 2321 | windows | 0in |
| 2012-05-12 |
|
- |
|
AnvSoft Any Video Converter 4.3.6 Unicode Buffer Overflow | 505 | windows | h1ch4m |
| 2012-05-11 |
|
- |
|
Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow | 1066 | windows | rgod |
| 2012-05-03 |
|
- |
|
AnvSoft Any Video Converter 4.3.6 Stack Overflow Exploit | 976 | windows | cikumel |
| 2012-05-02 |
|
- |
|
Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation | 1016 | windows | Edward Torkington |
| 2012-05-01 |
|
- |
|
SAMSUNG NET-i Viewer 1.37 SEH Overwrite | 753 | windows | Blake |
| 2012-04-27 |
|
|
|
CPE17 Autorun Killer <= 1.7.1 Stack Buffer Overflow Exploit | 1243 | windows | Xenithz xpt |
Web Applications
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2012-05-16 |
|
|
|
Artiphp CMS 5.5.0 Database Backup Disclosure Exploit | 810 | php | LiquidWorm |
| 2012-01-03 |
|
- |
|
OpenKM Document Management System 5.1.7 Command Execution | 393 | jsp | Cyrill Brunschwil. |
| 2012-05-16 |
|
|
|
Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS) | 470 | php | Ivano Binetti |
| 2012-05-08 |
|
|
|
Serendipity 1.6 Backend XSS And SQLi Vulnerability | 701 | php | Stefan Schurtz |
| 2012-05-13 |
|
- |
|
Liferay Portal 6.1 - 6.0.x Privilege Escalation | 458 | java | Jelmer Kuperus |
| 2012-05-15 |
|
|
|
b2ePMS 1.0 Authentication Bypass Vulnerability | 703 | php | Jean Pascal Perei. |
| 2012-05-13 |
|
- |
|
Galette (picture.php) SQL Injection Vulnerability | 1960 | php | sbz |
DoS/PoC
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2012-05-16 |
|
- |
|
Trigerring Java Code from a SVG Image | 732 | multiple | Nicolas Gregoire |
| 2012-05-15 |
|
- |
|
Multimedia Builder 4.9.8 Malicious mef Crash | 392 | windows | Ahmed Elhady Moha. |
| 2012-05-14 |
|
- |
|
FlexNet License Server Manager Stack Overflow In lmgrd | 652 | multiple | Luigi Auriemma |
| 2012-05-14 |
|
- |
|
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities | 422 | windows | Luigi Auriemma |
| 2012-05-11 |
|
- |
|
QNX phrelay/phindows/phditto Multiple Vulnerabilities | 548 | windows | Luigi Auriemma |
| 2012-03-15 |
|
- |
|
Asterisk 'ast_parse_digest()' Stack Buffer Overflow Vulnerability | 709 | linux | Russell Bryant |
| 2012-05-09 |
|
- |
|
SAP Netweaver Dispatcher Multiple Vulnerabilities | 742 | windows | Core Security |
Shellcode
| Date | D | Description | Plat. | Author | |
|---|---|---|---|---|---|
| 2009-06-18 |
|
netbsd/x86 kill all processes shellcode 23 bytes | 3760 | netbsd/x86 | Anonymous |
| 2009-12-14 |
|
win xp sp2 PEB ISbeingdebugged shellcode | 3417 | windows | Anonymous |
| 2010-04-02 |
|
linux x86 nc -lvve/bin/sh -p13377 shellcode | 3132 | linux | Anonymous |
| 2012-03-12 |
|
Linux x86_64 - add user with passwd (189 bytes) | 4102 | lin/x86-64 | 0_o |
| 2012-01-17 |
|
Linux/x86 Search For php,html Writable Files and Add Your Code | 5201 | lin/x86 | rigan |
| 2011-12-31 |
|
Linux/x86 Polymorphic ShellCode - setuid(0)+setgid(0)+add user 'iph' without password to /etc/passwd | 7311 | lin/x86 | pentesters.ir |
| 2011-12-10 |
|
Linux/MIPS - reboot() - 32 bytes. | 5786 | linux/mips | rigan |
Papers
| Date | D | Description | Author |
|---|---|---|---|
| 2012-05-09 |
|
Hyperion: Implementation of a PE Crypter | belial |
| 2012-05-06 |
|
[Hebrew] Digital Whisper Security Magazine #31 | cp77fk4r and Unde. |
| 2012-05-01 |
|
Reverse Engineering Malware Part 1 | Arunpreet Singh |
| 2012-05-04 |
|
iOS Application (In)Security | dmc |
| 2012-05-01 |
|
[French] Pas Pas Vers L'Assembleur | Notewothy Lord |
| 2012-04-17 |
|
JavaScript Deobfuscation - A Manual Approach | Sudeep Singh |
| 2012-04-15 |
|
Address Space Layout Randomization | TheXero |






