CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-09-15 Download Vulnerable Application Verified   Http File Server 2.3.x - Remote Command Execution windows Daniele Linguaglo.
2014-09-15 - Verified   Railo Remote File Include multiple metasploit
2014-09-15 - Verified   ManageEngine Eventlog Analyzer Arbitrary File Upload multiple metasploit
2014-09-15 - Verified   SolarWinds Storage Manager Authentication Bypass java metasploit
2014-09-09 - Verified   ManageEngine Desktop Central StatusUpdate Arbitrary File Upload windows metasploit
2014-09-09 - Waiting verification   ALCASAR 2.8 Remote Root Code Execution Vulnerability linux eF
2014-09-01 Download Vulnerable Application Verified   Wing FTP Server Authenticated Command Execution windows metasploit

Local Exploits

Date D A V   Description Plat. Author
2014-08-31 Download Vulnerable Application Verified   HTML Help Workshop 1.4 - Local Buffer Overflow Exploit (SEH) windows mr.pr0n
2014-09-01 Download Vulnerable Application Verified   LeapFTP 3.1.0 - URL Handling SEH Buffer Overflow windows k3170makan
2014-08-27 - Verified   glibc Off-by-One NUL Byte gconv_translit_find Exploit linux taviso and scaryb.
2014-08-20 Download Vulnerable Application Verified   BlazeDVD Pro 7.0 (.plf) - Buffer Overflow (SEH) windows metacom
2014-08-13 - Verified   VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation windows metasploit
2014-08-12 Download Vulnerable Application Verified   BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET) windows Giovanni Bartolom.
2014-08-05 - Verified   Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow windows ryujin & sickness

Web Applications

Date D A V   Description Plat. Author
2014-09-15 - Waiting verification   Briefcase 4.0 iOS - Code Execution & File Include Vulnerability ios Vulnerability-Lab
2014-09-16 - Waiting verification   USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability ios Vulnerability-Lab
2014-09-15 - Waiting verification   ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability php eF
2014-09-15 - Waiting verification   CacheGuard-OS 5.7.7 - CSRF Vulnerability linux William Costa
2014-09-09 - Verified   Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities php Fikri Fadzil

DoS/PoC

Date D A V   Description Plat. Author
2014-09-09 Download Vulnerable Application Waiting verification   PHP Stock Management System 1.02 - Multiple Vulnerabilty aix jsass
2014-09-05 Download Vulnerable Application Verified   BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit windows Robert Kugler
2014-08-29 Download Vulnerable Application Verified   HTML Help Workshop 1.4 - (SEH) Buffer Overflow windows Moroccan Kingdom .
2014-08-28 - Waiting verification   Internet Explorer MS14-029 Memory Corruption PoC windows PhysicalDrive0
2014-08-09 - Waiting verification   SHARP MX Series - Denial of Service hardware pws
2014-08-09 - Waiting verification   Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm hardware Matt O'Connor

Shellcode

Date D   Description Plat. Author
2014-09-09   Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash linux Ali Razmjoo
2014-08-04   Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh linux Ali Razmjoo
2014-06-22   Windows All Versions - Add Admin User Shellcode (194 bytes) windows Giuseppe D'Amore
2014-07-14   Socket Re-use Shellcode for Linux x86 (50 bytes) lin_x86 ZadYree
2013-11-04   MIPS Little Endian Reverse Shell Shellcode (Linux) hardware Jacob Holcomb
2013-10-16   Messagebox Shellcode (113 bytes) - Any Windows Version windows Giuseppe D'Amore
2013-09-23   Linux/x86 Multi-Egghunter lin_x86 Ryan Fenno

Papers

Date D   Description Author
2014-09-09 Breaking the Sandbox Sudeep Singh
2014-09-01 [Spanish] Design and Implementation of a Voice Encryption System for Telephone Networks Fabian Valero Duq.
2014-09-01 Outsmarted - Why Malware Works in the Face of Antivirus Software SySS GmbH
2014-08-09 [Romanian] Stack Based Buffer Overflow Poyo VL
2014-07-29 [Turkish] SQLMap CSRF Bypass ibrahim balic
2014-07-02 [Hebrew] Digital Whisper Security Magazine #52 cp77fk4r & UnderW.
2014-06-30   Back To The Future: Unix Wildcards Gone Wild Leon Juranic