CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2015-03-24 - Verified   Firefox Proxy Prototype Privileged Javascript Injection multiple metasploit
2015-03-24 Download Vulnerable Application Verified   Bsplayer 2.68 - HTTP Response Exploit (Universal) windows Fady Mohammed Osm.
2015-03-19 Download Vulnerable Application Verified   TWiki Debugenableplugins Remote Code Execution php metasploit

Local Exploits

Date D A V   Description Plat. Author
2015-03-22 Download Vulnerable Application Verified   Free MP3 CD Ripper 2.6 - Local Buffer Overflow windows TUNISIAN CYBER
2015-03-19 - Waiting verification   Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege windows Google Security R.
2015-03-19 Download Vulnerable Application Verified   Publish-It PUI Buffer Overflow (SEH) windows metasploit
2015-03-17 - Waiting verification   Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation windows LiquidWorm
2015-02-18 Download Vulnerable Application Verified   Publish-It 3.6d - Buffer Overflow (SEH) Exploit windows Andrew Smith

Web Applications

Date D A V   Description Plat. Author
2015-03-21 - Waiting verification   Telescope <= 0.9.2 - Markdown Persistent XSS php shubs
2015-03-22 - Waiting verification   Joomla Spider FAQ Component - SQL Injection Vulnerability php Manish Tanwar
2015-03-22 - Waiting verification   Wordpress Marketplace 2.4.0 - Arbitrary File Download php Kacper Szurek
2015-03-24 - Waiting verification   WordPress Plugin InBoundio Marketing 1.0 - Shell Upload Vulnerability php KedAns-Dz
2015-03-19 Download Vulnerable Application Waiting verification   Chamilo LMS 1.9.10 - Multiple Vulnerabilities php Rehan Ahmed

DoS/PoC

Date D A V   Description Plat. Author
2015-03-19 Download Vulnerable Application Verified   FastStone Image Viewer 5.3 .tga Crash PoC windows ITDefensor Vulner.
2015-03-18 - Verified   Fortinet Single Sign On Stack Overflow windows Core Security
2015-03-14 - Waiting verification   Intel Network Adapter Diagnostic Driver - IOCTL Handling Vulnerability windows Glafkos Charalamb.
2015-03-16 - Waiting verification   WordPress SEO by Yoast 1.7.3.3 - Blind SQL Injection aix Ryan Dewhurst
2015-03-08 - Waiting verification   Sagem F@st 3304-V2 - Telnet Crash PoC hardware Loudiyi Mohamed
2015-03-11 - Waiting verification   Foxit Products GIF Conversion Memory Corruption (LZWMinimumCodeSize) windows Francis Provenche.
2015-03-11 - Waiting verification   Foxit Products GIF Conversion Memory Corruption (DataSubBlock) windows Francis Provenche.

Shellcode

Date D   Description Plat. Author
2015-03-16   Shellcode Win x86-64 - Download & execute (Generator) windows Ali Razmjoo
2015-03-05   Linux/MIPS (Little Endian) - Chmod 666 /etc/passwd (55 Bytes) linux_mips Sang Min Lee
2014-03-27   x86_64 Shellcode (118 Bytes) - Reads Data From /etc/passwd To /tmp/outfile (118 bytes) lin_x86-64 Chris Higgins
2015-03-16   Shellcode - linux/x86 - ROT13 encoded execve("/bin/sh") (68 bytes) lin_x86 Maximiliano Gomez.
2015-03-16   Shellcode - Linux/x86 - chmod 0777 /etc/shadow obfuscated (84 bytes) lin_x86 Maximiliano Gomez.
2015-03-16   Shellcode - linux/x86 - Obfuscated - map google.com to 127.1.1.1 (98 bytes) lin_x86 Maximiliano Gomez.
2015-03-16   Shellcode - linux/x86 - Obfuscated execve("/bin/sh") (40 bytes) lin_x86 Maximiliano Gomez.

Papers

Date D   Description Author
2015-03-22 PoC || GTFO 0x07 Rt. Revd. Dr.
2015-03-09 [Hebrew] Digital Whisper Security Magazine #59 cp77fk4r & UnderW.
2015-03-04 [TURKISH] Penetration and Security Testing on Microsoft SQL Server Halil Dalabasmaz
2015-02-13 [Hebrew] Digital Whisper Security Magazine #58 cp77fk4r & UnderW.
2015-02-09   Exploit-Sources (Part One) Flor Ian
2015-01-30 Ghost Vulnerability CVE-2015-0235 White Paper Rajivarnan
2015-01-29 Analysis of CVE-2014-4113 (Windows Privilege Escalation Vulnerability) Ronnie Johndas