20 matches found
minalic-exploit-2013
MinaliC Webserver version...
PT-2026-3055
Visual Tools DVR VX16 version 4.2.28 contains a local privilege escalation vulnerability in its Sudo configuration that allows attackers to gain root access. Attackers can exploit the unsafe Sudo settings by using mount commands to bind a shell, enabling unauthorized system-level privileges...
Apache-mod_cgi-Shellshock
Shellshock apache mod_cgi remote exploit rhost: victim host rport: victim port for TCP shell binding lhost: attacker host for TCP shell reversing lport: attacker port for TCP shell reversing pages: specific cgi vulnerable pages separated by comma proxy: host:port proxy #! /usr/bin/env python from...
Serial port shell binding, busybox Launching shellcode
No description provided by source. / General: Serial port shell binding, busybox launching shellcode.. yey! Specific: really wish i could tell you what i needed this for.. but meh.. this will bind a busybox sh shell to /dev/ttyS0, the shellcode does not alter the baudrate settings.. 9600 is the...
Trixd00r v0.0.1 - An Invisible TCP/IP based backdoor for UNIX systems
Trixd00r v0.0.1 - An Invisible TCP/IP based backdoor for UNIX systems NullSecurity Team Releases "Trixd00r v0.0.1" an advanced and invisible TCP/IP based userlandbackdoor for UNIX systems. It consists of a server and a client. The server sits and waits for magic packets using a sniffer. If a magi...
Sun Microsystems Sun Java System Web Server remote exploit
Exploit for linux platform in category remote exploits ========================================================== Sun Microsystems Sun Java System Web Server remote exploit ========================================================== Sun Microsystems Sun Java System Web Server remote exploit for...
Serial port shell binding & busybox Launching shellcode
Serial port shell binding, busybox Launching shellcode. Shellcode exploit for linx86 platform / General: Serial port shell binding, busybox launching shellcode.. yey! Specific: really wish i could tell you what i needed this for.. but meh.. this will bind a busybox sh shell to /dev/ttyS0, the...
Serial port shell binding busybox Launching shellcode
No description provided by source. / General: Serial port shell binding, busybox launching shellcode.. yey! Specific: really wish i could tell you what i needed this for.. but meh.. this will bind a busybox sh shell to /dev/ttyS0, the shellcode does not alter the baudrate settings.. 9600 is the...
Apple iTunes Playlist Local Parsing Buffer Overflow Exploit
No description provided by source. / PoC for iTunes on OS X 10.3.7 - [email protected] - Generates a .pls file, when loaded in iTunes it binds a shell to port 4444. Shellcode contains no \x00 or \x0a's. sample output: -nemo@gir:$ ./fm-eyetewnz foo.pls - fm-eyetewnz - - [email protected] -...
Create your own simple Backdoor-vulnerability warning-the black bar safety net
We all know nc is a powerful and flexible hacking tool; it can do many things, such as a telnet client port, such as the invasion of time to bounce back the shell, such as scanning...... But have you ever wondered will it build into a service-level Backdoor? Now much better with me as the rookie...
arcserve.py.txt
#!/usr/bin/python Remote exploit for buffer overflow vulnerability in CA BrightStor Arcserve tapeeng.exe service. Tested on windows 2000 SP4. Binds shell to TCP port 4443 Winny M Thomas ;- Author shall bear no responsibility for any screw ups caused by using this code from impacket.dcerpc import...
excelExploit.txt
/--------------------------------------------------------------------- Microsoft Excel Remote Code Execution Proof Of Concept. Tested against : Excel 2000 on Win XP SP1 , and Win2000 SP4 Description: Microsoft Excel is prone to a remote code execution issue which may be triggered when a malformed...
Quake 3 Engine 1.32b R_RemapShader() Remote Client BoF Exploit
No description provided by source. // remapthis.c - "R_RemapShader" q3 engine 1.32b client remote bof exploit // by landser - landser at hotmail.co.il // // this code works as a preloaded shared library on a game server, // it hooks two functions on the running server: // svcdirectconnect that is...
Microsoft Windows - JPEG GDI+ BindReverseAdminFile Download
Microsoft Windows - JPEG GDI+ BindReverseAdminFile Download / Exploit Name: ============= JpegOfDeath.M.c v0.6.a All in one Bind/Reverse/Admin/FileDownload ============= Tweaked Exploit By M4Z3R For GSO All Credits & Greetings Go To: ========== FoToZ, Nick DeBaggis, MicroSoft, Anthony Rocha,...
MS Frontpage Server Extensions fp30reg.dll Exploit (MS03-051)
Exploit for unknown platform in category remote exploits ============================================================= MS Frontpage Server Extensions fp30reg.dll Exploit MS03-051 ============================================================= / Frontpage fp30reg.dll Overflow MS03-051 discovered by...
Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow
Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow // source: https://www.securityfocus.com/bid/6575/info // The Half-Life StatsMe plug-in is prone to an exploitable buffer overflow condition. This issue may be exploited by an attacker who can authenticate with the rcon-password of the...
Half-Life StatsMe 2.6.x Plugin - MakeStats Format String
// source: https://www.securityfocus.com/bid/6578/info // The Half-Life StatsMe plug-in is prone to an exploitable format string vulnerability. This issue may be exploited by an attacker who can authenticate with the rcon-password of the Half-Life server to execute arbitrary code in the context o...
cryptcat does not encrypt data communications when -e command argument is used
Overview With certain options used, cryptcat does not encrypt network connections as expected. Description Cryptcat is an enhanced version of netcat that adds twofish encryption. If cryptcat is started in listen server mode binding a shell to a network port, cryptcat fails to enable encryption...
ListMail 112 - Command Execution
#!/usr/bin/perl -w Listmail v112 by P.M.Systems / PoC Exploit Listmail is a powerful, hands-free mailing list manager which is exploitable due to an insecure open call. This exploit will attempt to bind a shell at port 60179/fido by using inetd. Code to spawn an xterm is as always included...
UtilMind Mail List 1.7 - Users Can Execute Commands
Exploit for cgi platform in category web applications =================================================== UtilMind Mail List 1.7 - Users Can Execute Commands =================================================== #!/usr/bin/perl -w Mailing List & News Version 1.7 / PoC Exploit. UtilMind Solutions /...