The ultimate archive of exploits and vulnerable software - A great resource for vulnerability researchers and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.
We are running a general cleanup on the DB and have changed our submission policy - please check it out before submitting exploits to us.
Due to recent DOS attacks, our application downloads are now captcha protected.
We are running a general cleanup on the DB and have changed our submission policy - please check it out before submitting exploits to us.
Due to recent DOS attacks, our application downloads are now captcha protected.
Remote Exploits
| 2010-03-11 | D | - | ![]() |
Skype - URI Handler Input Validation | windows | Paul Craig |
| 2010-03-10 | D | - | ![]() |
Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta) | windows | Trancer |
| 2010-03-09 | D | A | ![]() |
Easy FTP Server v1.7.0.2 CWD Remote BoF - MSF Module | windows | Blake |
| 2010-03-09 | D | - | ![]() |
Apache Spamassassin Milter Plugin Remote Root Command Execution | multiple | Kingcope |
| 2010-03-09 | D | - | ![]() |
SAP GUI version 7.10 WebViewer3D Active-X JIT-Spray Exploit | windows | Alexey Sintsov |
| 2010-03-07 | D | - | ![]() |
Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit | windows | Brett Gervasoni |
| 2010-03-02 | D | A | ![]() |
ProSSHD v1.2 20090726 Buffer Overflow Exploit | windows | S2 Crew |
Local Exploits
| 2010-03-10 | D | - | ![]() |
Mini-stream Ripper 3.0.1.1 (.m3u) HREF Buffer Overflow | windows | l3D |
| 2010-03-09 | D | - | ![]() |
Lenovo Hotkey Driver <= v5.33 Privilege Escalation | windows | Chilik Tamir |
| 2010-03-08 | D | A | ![]() |
QuickZip 4.x (.zip) 0day Local Universal Buffer Overflow PoC Exploit | windows | corelanc0d3r and mr_me |
| 2010-03-07 | D | - | ![]() |
Tod Miller Sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4 | multiple | kingcope |
| 2010-03-07 | D | A | ![]() |
Yahoo Player v1.0 (.m3u/.pls/.ypl) Buffer Overflow Exploit (SEH) | windows | Mr.tro0oqy |
| 2010-02-26 | D | A | ![]() |
Orbital Viewer v1.04 (.orb) 0day Local Universal SEH Overflow Exploit | windows | mr_me |
| 2010-02-24 | D | A | ![]() |
MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit | windows | fl0 fl0w |
Web Applications
| 2010-03-11 | D | - | ![]() |
Joomla Component com_party SQL Injection Vulnerability | php | DevilZ TM |
| 2010-03-11 | D | - | ![]() |
Joomla Component com_color SQL Injection Vulnerability | php | DevilZ TM |
| 2010-03-11 | D | - | ![]() |
Joomla Component com_gigfe SQL Injection Vulnerability | php | DevilZ TM |
| 2010-03-11 | D | - | ![]() |
Joomla com_products 'intCategoryId' Remote Sql Injection Vulnerability | php | N2n-Hacker |
| 2010-03-11 | D | - | ![]() |
Eros Erotik Webkatalog start.php (rubrik&id) SQL Injection Vulnerability | php | Easy Laster |
| 2010-03-11 | D | - | ![]() |
Joomla Component com_blog SQL Injection Vulnerability | php | DevilZ TM |
| 2010-03-11 | D | A | ![]() |
ANE CMS 1 Persistent XSS Vulnerability | php | Pratul Agrawal |
DoS/PoC
| 2010-03-09 | D | A | ![]() |
JAD java decompiler 1.5.8g (.class) Stack Overflow DoS | windows | l3D |
| 2010-03-09 | D | A | ![]() |
JAD java decompiler 1.5.8g (argument) Local Crash | windows | l3D |
| 2010-03-07 | D | A | ![]() |
TopDownloads MP3 Player 1.0 m3u crash | windows | l3D |
| 2010-03-06 | D | A | ![]() |
Flare <= 0.6 Local Heap Overflow DoS | multiple | l3D |
| 2010-03-06 | D | - | ![]() |
Google Chrome v4.0.249 XML Denial of Service PoC | windows | Blade |
| 2010-03-04 | D | - | ![]() |
Sagem Routers Remote Reset Exploit | hardware | AlpHaNiX |
| 2010-03-04 | D | - | ![]() |
Orb v2.0.01.0049-V2.54.0018 DirectShow DOS | windows | Matthew Bergin |
Shellcode
| 2010-03-11 | D | Windows XP Professional SP2 ita calc.exe shellcode 36 bytes | win32 | Stoke |
| 2010-03-08 | D | JITed exec notepad Shellcode | win32 | Alexey Sintsov |
| 2010-03-07 | D | JITed stage-0 shellcode | win32 | Alexey Sintsov |
| 2010-03-04 | D | Linux x86 - disabled modsecurity - 64 bytes | linux/x86 | sekfault |
| 2010-03-01 | D | Windows XP Home Edition SP3 English ( calc.exe ) 37 bytes | win32 | Hazem mofeed |
| 2010-02-28 | D | Windows Xp Home Edition SP2 English ( calc.exe ) 37 bytes | win32 | Hazem mofeed |
| 2010-02-27 | D | Linux x86 - execve /bin/sh - 21 bytes | linux/x86 | ipv |
Papers
| 2010-03-09 | D | Exploit Writing Tutorial Part 9 - Introduction to Win32 shellcoding | corelanc0d3r | |
| 2010-03-09 | D | Exploit Writing Tutorial Part 8 - Win32 Egg Hunting | corelanc0d3r | |
| 2010-03-06 | D | [Portuguese] Sockets em linguagem C | Cooler_ | |
| 2010-03-04 | D | Joomla's RFI Summary | Mr.aFiR | |
| 2010-02-27 | D | [Spanish] Wide WiFi Security | Roberto Amado Gimenez | |
| 2010-02-22 | D | Hacking Oracle from the Web: Exploiting SQL Injection from Web Applications | Sumit Siddharth | |
| 2010-02-22 | D | [Portuguese] Remote Buffer Overflow Exploitation | FuRt3X |

