CVE Certified

The Exploit Database

The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database.


Remote Exploits

Date D A V   Description Plat. Author
2014-11-26 - Verified   Pandora FMS SQLi Remote Code Execution php metasploit
2014-11-24 - Verified   Hikvision DVR RTSP Request Remote Code Execution linux metasploit
2014-11-20 - Verified   Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064) windows GradiusX & b33f
2014-11-18 - Verified   Samsung Galaxy KNOX Android Browser RCE android metasploit
2014-11-18 - Verified   MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability php metasploit
2014-11-17 - Verified   Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037) windows ryujin & sickness
2014-11-17 - Waiting verification   .NET Remoting Services Remote Command Execution windows James Forshaw

Local Exploits

Date D A V   Description Plat. Author
2014-11-26 Download Vulnerable Application Waiting verification   Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) SEH Buffer Overflow windows Muhamad Fadzil Ra.
2014-11-25 - Waiting verification   Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406 linux Kaiqu Chen
2014-11-22 - Waiting verification   Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation windows LiquidWorm
2014-11-14 Download Vulnerable Application Verified   OSSEC 2.8 - Insecure Temporary File Creation Vulnerability Privilege Escalation linux skynet-13
2014-11-14 - Verified   MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python windows metasploit
2014-11-14 - Verified   MS14-064 Microsoft Windows OLE Package Manager Code Execution windows metasploit

Web Applications

Date D A V   Description Plat. Author
2014-11-24 - Waiting verification   RobotStats 1.0 - (robot param) SQL Injection Vulnerability php ZoRLu Bugrahan
2014-11-26 - Waiting verification   xEpan 1.0.1 - CSRF Vulnerability php High-Tech Bridge .
2014-11-26 - Waiting verification   Device42 WAN Emulator 2.3 Traceroute Command Injection cgi Brandon Perry
2014-11-26 - Waiting verification   Device42 WAN Emulator 2.3 Ping Command Injection cgi Brandon Perry
2014-11-26 - Waiting verification   Slider Revolution/Showbiz Pro Shell Upload Exploit php Simo Ben Youssef
2014-11-24 - Waiting verification   Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability php Claudio Viviani
2014-11-24 - Waiting verification   Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability php Claudio Viviani

DoS/PoC

Date D A V   Description Plat. Author
2014-11-24 - Waiting verification   RobotStats 1.0 - HTML Injection Vulnerability aix ZoRLu Bugrahan
2014-11-26 - Waiting verification   Elipse E3 HTTP Denial of Service windows firebitsbr
2014-11-26 - Waiting verification   Android WAPPushManager - SQL Injection android Baidu X-Team
2014-11-25 - Waiting verification   TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF windows LiquidWorm
2014-11-24 - Waiting verification   PHP 5.5.12 Locale::parseLocale Memory Corruption php John Leitch
2014-11-24 - Waiting verification   tcpdump 4.6.2 Geonet Decoder Denial of Service multiple Steffen Bauch
2014-11-19 - Waiting verification   MINIX 3.3.0 Remote TCP/IP Stack DoS linux nitr0us

Shellcode

Date D   Description Plat. Author
2014-11-10   Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes) linux Breaking.Technolo.
2014-09-25   Linux/x86 Add map in /etc/hosts file lin_x86 Javier Tejedor
2014-09-15   Connect Back Shellcode - 139 bytes linux MadMouse
2014-09-09   Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash linux Ali Razmjoo
2014-08-04   Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh linux Ali Razmjoo
2014-06-22   Windows All Versions - Add Admin User Shellcode (194 bytes) windows Giuseppe D'Amore
2014-07-14   Socket Re-use Shellcode for Linux x86 (50 bytes) lin_x86 ZadYree

Papers

Date D   Description Author
2014-11-25 [Turkish] Embedded Device Security & Zollard Botnet Analysis ibrahim balic
2014-11-24 Deep Dive into ROP Payload Analysis Sudeep Singh
2014-11-06 [Hebrew] Digital Whisper Security Magazine #53 cp77fk4r & UnderW.
2014-11-06 [Hebrew] Digital Whisper Security Magazine #54 cp77fk4r & UnderW.
2014-11-06 [Hebrew] Digital Whisper Security Magazine #55 cp77fk4r & UnderW.