CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-07-28 Download Vulnerable Application Waiting verification   Oxwall 1.7.0 - Remote Code Execution Exploit php LiquidWorm
2014-07-24 Download Vulnerable Application Verified   Omeka 2.2.1 - Remote Code Execution Exploit php LiquidWorm
2014-07-14 Download Vulnerable Application Verified   Kolibri WebServer 2.0 - GET Request SEH Exploit windows Revin Hadi Saputr.
2014-07-10 Download Vulnerable Application Waiting verification   OpenVAS Manager 4.0 - Authentication Bypass Vulnerability PoC linux EccE
2014-07-21 - Verified   IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities php Alejandro Alvarez.
2014-07-16 - Waiting verification   Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability android c0otlass
2014-07-14 - Verified   D-Link info.cgi POST Request Buffer Overflow hardware metasploit

Local Exploits

Date D A V   Description Plat. Author
2014-07-25 - Verified   MQAC.sys Arbitrary Write Privilege Escalation win32 metasploit
2014-07-19 - Waiting verification   Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation windows KoreLogic
2014-07-21 - Waiting verification   Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation windows KoreLogic
2014-07-21 - Waiting verification   Linux Kernel ptrace/sysret - Local Privilege Escalation lin_amd64 Vitaly Nikolenko
2014-07-12 - Waiting verification   OpenVPN Private Tunnel Core Service - Unquoted Service Path Elevation Of Privilege win32 LiquidWorm
2014-07-03 - Verified   Ubisoft Uplay 4.6 - Insecure File Permissions Local Privilege Escalation windows LiquidWorm
2014-06-28 Download Vulnerable Application Verified   chkrootkit 0.49 - Local Root Vulnerability linux Thomas Stangner

Web Applications

Date D A V   Description Plat. Author
2014-07-29 - Waiting verification   WiFi HD v7.3.0 iOS - Multiple Vulnerabilities ios Vulnerability-Lab
2014-07-28 Download Vulnerable Application Verified   Sphider 1.3.6 - Multiple Vulnerabilities php Mike Manzotti
2014-07-28 - Waiting verification   Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability hardware Seth Art

DoS/PoC

Date D A V   Description Plat. Author
2014-07-24 Download Vulnerable Application Verified   BulletProof FTP Client 2010 - Buffer Overflow (SEH) windows Gabor Seljan
2014-07-24 - Verified   Make 3.81 - Heap Overflow PoC linux HyP
2014-07-22 Download Vulnerable Application Waiting verification   DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation windows drone
2014-07-21 - Waiting verification   World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow windows Alireza Chegini
2014-07-21 - Waiting verification   Apache 2.4.7 mod_status Scoreboard Handling Race Condition linux Marek Kroemeke
2014-07-18 Download Vulnerable Application Waiting verification   ACME micro_httpd - Denial of Service linux Yuval tisf Nativ
2014-07-16 Download Vulnerable Application Waiting verification   Node Browserify 4.2.0 - Remote Code Execution Vulnerability multiple Cal Leeming

Shellcode

Date D   Description Plat. Author
2014-06-22   Windows All Versions - Add Admin User Shellcode (194 bytes) windows Giuseppe D'Amore
2014-07-14   Socket Re-use Shellcode for Linux x86 (50 bytes) lin_x86 ZadYree
2013-11-04   MIPS Little Endian Reverse Shell Shellcode (Linux) hardware Jacob Holcomb
2013-10-16   Messagebox Shellcode (113 bytes) - Any Windows Version windows Giuseppe D'Amore
2013-09-23   Linux/x86 Multi-Egghunter lin_x86 Ryan Fenno
2013-07-28   Windows RT ARM Bind Shell (Port 4444) arm Matthew Graeber
2013-07-27   MIPS Little Endian Shellcode mips Jacob Holcomb

Papers

Date D   Description Author
2014-07-29 [Turkish] SQLMap CSRF Bypass ibrahim balic
2014-07-02 [Hebrew] Digital Whisper Security Magazine #52 cp77fk4r & UnderW.
2014-06-30   Back To The Future: Unix Wildcards Gone Wild Leon Juranic
2014-06-29   Asterisk Phreaking How-To Akra Macha
2014-06-30 The Ultimate XSS Protection Cheat Sheet for Developers Ajin Abraham
2014-06-28 PoC || GTFO 0x04 Rt. Revd. Dr.
2014-06-25 Hacking Blind Andrea Bittau