combined exploit-db.com and osvdb.org unofficial mirror
A glimpse into one of the most elite zero-day trading networks of the world.




Remote Exploits
PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit) quanyechavshuo 2016-06-22 win64
Wolf CMS 0.8.2 - Arbitrary File Upload Exploit (Metasploit) s0nk3y 2016-06-22 php
DarkComet Server Remote File Download Exploit (msf) Jos Wetzels 2016-06-21 windows
op5 v7.1.9 Configuration Command Execution metasploit 2016-06-17 linux
Bomgar Remote Support Unauthenticated Code Execution (msf) Markus Wulftange 2016-06-15 linux
Apache Continuum Arbitrary Command Execution metasploit 2016-06-14 linux
Poison Ivy 2.1.x C2 Buffer Overflow (msf) Jos Wetzels 2016-06-10 windows
IPFire proxy.cgi RCE metasploit 2016-06-10 cgi
IPFire Bash Environment Variable Injection (Shellshock) metasploit 2016-06-10 cgi
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution metasploit 2016-06-10 multiple

Local Exploits
Panda Security Multiple Products - Privilege Escalation Security-Assessment.com 2016-06-27 windows
PInfo 0.6.9-5.1 - Local Buffer Overflow Juan Sacco 2016-06-27 linux
HNB 1.9.18-10 - Local Buffer Overflow Juan Sacco 2016-06-27 linux
Linux - ecryptfs and /proc/$pid/environ Privilege Escalation Google Security Research 2016-06-21 linux
Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow (msf) s0nk3y 2016-06-20 windows
ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Service Path Privilege Escalation LiquidWorm 2016-06-20 windows
Solarwinds Virtualization Manager - Privilege Escalation Nate Kettlewell 2016-06-16 linux
AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation Cyril Vallicari 2016-06-15 windows
Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass Fitzl Csaba 2016-06-13 windows
iSQL 1.0 - Shell Command Injection HaHwul 2016-06-13 linux

Web Application Exploits
Untangle NGFW 12.1.0 beta - execEvil() Command Injection Matt Bush 2016-06-28 json
WordPress Ultimate Product Catalog Plugin 3.8.6 - Arbitrary File Upload i0akiN SEC-LABORATORY 2016-06-27 php
OPAC KpwinSQL - SQL Injection bRpsd 2016-06-27 php
Option CloudGate CG0192-11897 - Multiple Vulnerabilities LiquidWorm 2016-06-27 hardware
Kagao 3.0 - Multiple Vulnerabilities N4TuraL 2016-06-27 php
MyLittleForum 2.3.5 - PHP Command Injection hyp3rlinx 2016-06-27 php
iBilling 3.7.0 - Stored and Reflected XSS Bikramaditya Guha 2016-06-27 php
BigTree CMS 4.2.11 - SQL Injection Mehmet Ince 2016-06-27 php
SugarCRM 6.5.18 - PHP Code Injection Egidio Romano 2016-06-27 php
Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerabilities Security-Assessment.com 2016-06-27 php

DoS/PoC Exploits
Magnet Networks Tesley CPVA 642 Router – Weak WPA-PSK Passphrase Algorithm Matt O'Connor 2016-06-27 hardware
Banshee 2.6.2 - .mp3 Crash PoC Ilca Lucian 2016-06-21 linux
Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074) Google Security Research 2016-06-21 windows
Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074) Google Security Research 2016-06-21 windows
Windows - Custom Font Disable Policy Bypass Google Security Research 2016-06-21 win32
Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063) Skylined 2016-06-21 windows
Blat 3.2.14 - Stack Overflow Vishnu 2016-06-16 windows
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1) Nils Sommer 2016-06-15 windows
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2) Nils Sommer 2016-06-15 windows
Google Chrome - GPU Process MailboxManagerImpl Double-Read Google Security Research 2016-06-15 linux

Shellcode
Linux x86_64 /etc/passwd File Sender Shellcode Roziul Hasan Khan Shifat 2016-06-28 lin_x86-64
Linux x86 /bin/sh Shellcode + ASLR Bruteforce Pawan Lal 2016-06-27 lin_x86
Linux Netcat Reverse Shell - 32bit - 77 bytes CripSlick 2016-06-23 lin_x86
Windows x86 ShellExecuteA(NULL_NULL__cmd.exe__NULL_NULL_1) Shellcode Roziul Hasan Khan Shifat 2016-06-22 win32
Linux x86_64 execve Shellcode - 15 bytes CripSlick 2016-06-20 lin_x86-64
Windows XP - 10 - Download & Execute Shellcode B3mB4m 2016-06-20 windows
Windows x86 system(_systeminfo_) Shellcode Roziul Hasan Khan Shifat 2016-06-10 win32
Windows x86 WinExec(_cmd.exe__0) Shellcode Roziul Hasan Khan Shifat 2016-06-07 win32
Linux x86 /bin/nc -le /bin/sh -vp13337 Shellcode (56 bytes) sajith 2016-06-07 lin_x86
Linux/Windows/BSD x86_64 execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode odzhancode 2016-06-06 multiple