The Exploit Database
The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.
Remote Exploits
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-07-28 |
|
|
|
UPlusFTP Server v1.7.1.01 [ HTTP ] Remote Buffer Overflow [ Post Auth ] | 385 | windows | Karn Ganeshen and. |
| 2010-07-28 |
|
- |
|
Symantec AMS Intel Alert Handler Service Design Flaw | 339 | windows | Spider |
| 2010-07-28 |
|
- |
|
Apache Tomcat < 6.0.18 UTF8 Directory Traversal Vulnerability | 1180 | unix | mywisdom |
| 2010-07-24 |
|
- |
|
IBM AIX 5l FTPd Remote DES Hash Exploit | 1041 | aix | Kingcope |
| 2010-07-23 |
|
|
|
Easy FTP Server v1.7.0.11 LIST Command Remote BoF Exploit (Post Auth) - (meta) | 850 | windows | Muhamad Fadzil Ra. |
| 2010-07-23 |
|
|
|
Multiple Web Browser Clickjacking Vulnerability (FF3.6.7/SM 2.0.6) | 1749 | windows | Pouya Daneshmand |
| 2010-07-20 |
|
- |
|
SapGUI BI v7100.1.400.8 Heap Corruption Exploit | 1326 | windows | Elazar Broad |
Local Exploits
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-07-28 |
|
|
|
WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow (SEH) | 167 | windows | fdisk |
| 2010-07-28 |
|
- |
|
Zemana AntiLogger AntiLog32.sys <= 1.5.2.755 Local Privilege Escalation Vulnerability | 250 | windows | th_decoder |
| 2010-07-27 |
|
|
|
QQPlayer smi File Buffer Overflow Exploit | 434 | windows | Lufeng Li |
| 2010-07-24 |
|
|
|
Mediacoder v0.7.3.4682 (.m3u) File Universal Buffer Overflow Exploit | 436 | windows | hadji samir |
| 2010-07-21 |
|
|
|
ZipCentral (.zip) Buffer Overflow (SEH) | 821 | windows | Jiten Pathy |
| 2010-07-21 |
|
|
|
QQPlayer cue File Buffer Overflow Exploit | 1091 | windows | Lufeng Li |
| 2010-07-21 |
|
|
|
QQPlayer asx File Processing Buffer Overflow Exploit | 697 | windows | Li Qingshan |
Web Applications
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-07-29 |
|
- |
|
Joomla Component PBBooking 1.0.4_3 Multiple Blind SQL Injection | 73 | php | Salvatore Fresta |
| 2010-07-28 |
|
- |
|
Joomla Component PhotoMap Gallery 1.6.0 Multiple Blind SQL Injection | 475 | php | Salvatore Fresta |
| 2010-07-28 |
|
- |
|
AV Arcade v3 Cookie Authentication Bypass | 293 | php | saudi0hacker |
| 2010-07-28 |
|
- |
|
nuBuilder Remote File inclusion Vulnerability | 429 | php | Ahlspiess |
| 2010-07-27 |
|
- |
|
Joomla Component Appointinator 1.0.1 Multiple Remote Vulnerabilities | 480 | php | Salvatore Fresta |
| 2010-07-27 |
|
|
|
nuBuilder 10.04.20 Local File Inclusion Vulnerability | 486 | php | John Leitch |
| 2010-07-27 |
|
|
|
PunBB <= 1.3.4 and Pun_PM <= v1.2.6 Remote Blind SQL Injection Exploit | 588 | php | Dante90 |
DoS/PoC
| Date | D | A | V | Description | Plat. | Author | |
|---|---|---|---|---|---|---|---|
| 2010-07-27 |
|
- |
|
IE6 / 7 Remote Dos vulnerability | 1065 | windows | Richard Leahy |
| 2010-07-26 |
|
- |
|
Media Player Classic Heap Overflow/DoS Vulnerability | 430 | windows | Praveen Darshanam |
| 2010-07-23 |
|
- |
|
Ubuntu 10.04 LTS - Lucid Lynx ftp Client v0.17-19build1 ACCT Buffer Overflow | 821 | linux | d0lc3 |
| 2010-07-20 |
|
- |
|
Lithtech Engine Memory Corruption Vulnerability | 299 | windows | Luigi Auriemma |
| 2010-07-20 |
|
- |
|
libpng <= 1.4.2 Denial of Service Vulnerability | 497 | multiple | kripthor |
| 2010-07-20 |
|
- |
|
Unreal Tournament 3 2.1 'STEAMBLOB' Command Remote Denial of Service Vulnerability | 400 | windows | Luigi Auriemma |
| 2010-07-20 |
|
- |
|
IE 7.0 - DoS Microsoft Clip Organizer Multiple Insecure ActiveX Control | 797 | windows | Beenu Arora |
Shellcode
| Date | D | Description | Plat. | Author | |
|---|---|---|---|---|---|
| 2010-07-11 |
|
Linux x86 netcat connect back port 8080 (76 bytes) | 1759 | lin/x86 | Blake |
| 2010-07-11 |
|
Linux x86 netcat bindshell port 8080 (75 bytes) | 776 | linux | Blake |
| 2010-07-09 |
|
Linux/x86-64 - execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL) - 49 bytes | 668 | linux | 10n1z3d |
| 2010-07-09 |
|
Write-to-file Shellcode (Win32) | 1208 | multiple | Brett Gervasoni |
| 2010-07-08 |
|
91 bytes Find all writeable folder in filesystem linux polymorphic shellcode | 590 | linux | gunslinger_ |
| 2010-07-07 |
|
ARM Polymorphic execve("/bin/sh", ["/bin/sh"], NULL) Shellcode Generator | 567 | arm | Jonathan Salwan |
| 2010-07-05 |
|
125 bind port to 6778 XOR encoded polymorphic linux shellcode . | 496 | linux | gunslinger_ |
Papers
| Date | D | Description | Author |
|---|---|---|---|
| 2010-07-26 |
|
SQL Injection Tutorial | Prashant Uniyal |
| 2010-07-24 |
|
Cisco VoIP Phones - A Hackers Perspective | chap0 |
| 2010-07-24 |
|
[Indonesian] Linux Buffer Overflow Tutorial III | gunslinger_ |
| 2010-07-20 |
|
[Indonesian] Simple Technique for SQLi Form Login Bypass | haripinter |
| 2010-07-12 |
|
SQL Injection Authentication Bypass | novaca!ne |
| 2010-07-10 |
|
HoneyPot: Explained | s1ayer |
| 2010-07-03 |
|
[Hebrew] Digital Whisper Security Magazine #9 | cp77fk4r and Unde. |