CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-09-29 - Verified   Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037) windows ryujin & sickness
2014-09-25 - Verified   GNU bash Environment Variable Command Injection linux Stephane Chazelas
2014-09-25 - Verified   Bash Environment Variables Code Injection Exploit linux Prakhar Prasad & .
2014-09-25 - Verified   GNU bash Environment Variable Command Injection (MSF) cgi Shaun Colley
2014-09-24 - Verified   EMC AlphaStor Device Manager Opcode 0x75 Command Injection windows metasploit
2014-09-24 - Verified   Advantech WebAccess dvs.ocx GetColor Buffer Overflow windows metasploit
2014-09-15 Download Vulnerable Application Verified   Http File Server 2.3.x - Remote Command Execution windows Daniele Linguaglo.

Local Exploits

Date D A V   Description Plat. Author
2014-08-31 Download Vulnerable Application Verified   HTML Help Workshop 1.4 - Local Buffer Overflow Exploit (SEH) windows mr.pr0n
2014-09-01 Download Vulnerable Application Verified   LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow windows k3170makan
2014-08-27 - Verified   glibc Off-by-One NUL Byte gconv_translit_find Exploit linux taviso and scaryb.
2014-08-20 Download Vulnerable Application Verified   BlazeDVD Pro 7.0 (.plf) - Buffer Overflow (SEH) windows metacom
2014-08-13 - Verified   VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation windows metasploit
2014-08-12 Download Vulnerable Application Verified   BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET) windows Giovanni Bartolom.
2014-08-05 - Verified   Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow windows ryujin & sickness

Web Applications

Date D A V   Description Plat. Author
2014-09-29 - Waiting verification   GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability ios Vulnerability-Lab
2014-09-29 - Waiting verification   Microsoft Exchange IIS HTTP Internal IP Address Disclosure windows Nate Power
2014-09-29 - Waiting verification   OpenFiler 2.99.1 - CSRF Vulnerability php Dolev Farhi
2014-09-25 Download Vulnerable Application Waiting verification   Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities php dxw
2014-09-25 Download Vulnerable Application Verified   OsClass 3.4.1 (index.php, file param) - Local File Inclusion php Netsparker
2014-09-25 Download Vulnerable Application Waiting verification   Cart Engine 3.0 - Multiple Vulnerabilities php Quantum Leap
2014-09-25 - Waiting verification   Nucom ADSL ADSLR5000UN ISP Credentials Disclosure hardware Sebastián Magof

DoS/PoC

Date D A V   Description Plat. Author
2014-09-24 - Waiting verification   WS10 Data Server SCADA Exploit Overflow PoC windows Pedro Sánchez
2014-09-20 - Waiting verification   Fast Image Resizer 098 - Local Crash Poc windows niko sec
2014-09-20 - Waiting verification   Seafile-server <= 3.1.5 - Remote DoS windows nop nop
2014-09-09 Download Vulnerable Application Waiting verification   PHP Stock Management System 1.02 - Multiple Vulnerabilty aix jsass
2014-09-05 Download Vulnerable Application Verified   BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit windows Robert Kugler
2014-08-29 Download Vulnerable Application Verified   HTML Help Workshop 1.4 - (SEH) Buffer Overflow windows Moroccan Kingdom .
2014-08-28 - Waiting verification   Internet Explorer MS14-029 Memory Corruption PoC windows PhysicalDrive0

Shellcode

Date D   Description Plat. Author
2014-09-15   Connect Back Shellcode - 139 bytes linux MadMouse
2014-09-09   Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash linux Ali Razmjoo
2014-08-04   Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh linux Ali Razmjoo
2014-06-22   Windows All Versions - Add Admin User Shellcode (194 bytes) windows Giuseppe D'Amore
2014-07-14   Socket Re-use Shellcode for Linux x86 (50 bytes) lin_x86 ZadYree
2013-11-04   MIPS Little Endian Reverse Shell Shellcode (Linux) hardware Jacob Holcomb
2013-10-16   Messagebox Shellcode (113 bytes) - Any Windows Version windows Giuseppe D'Amore

Papers

Date D   Description Author
2014-09-09 Breaking the Sandbox Sudeep Singh
2014-09-01 [Spanish] Design and Implementation of a Voice Encryption System for Telephone Networks Fabian Valero Duq.
2014-09-01 Outsmarted - Why Malware Works in the Face of Antivirus Software SySS GmbH
2014-08-09 [Romanian] Stack Based Buffer Overflow Poyo VL
2014-07-29 [Turkish] SQLMap CSRF Bypass ibrahim balic
2014-07-02 [Hebrew] Digital Whisper Security Magazine #52 cp77fk4r & UnderW.
2014-06-30   Back To The Future: Unix Wildcards Gone Wild Leon Juranic