Grizz - Newest Exploit/0day List [UPDATED DAILY]

Is this thread useful to you?

  • Fuck Yes!

    Votes: 0 0.0%

  • No, you suck fat meat!

    Votes: 0 0.0%
  • Total voters
    0

Grizz

Member
Joined
Mar 19, 2011
Posts
30
Reacts
0
Reputation
0
Credits
0
I will be updating this thread on a daily basis with the newest vulnerabilities I know of and corresponding exploits to these vulnerabilities (if existent).
DISCLAIMER: I may or may not have any direct or indirect association with the following vulnerabilities or exploits. I will not be held responsible for what people may or may not do with such information. This information is here for SECURITY and LEARNING purposes ONLY!!

All Vulnerabilities/Exploits from 10/5/2011 and on will be listed, I will not even waste my time listing vulnerabilities older than this date. If you do not see a vulnerability in a certain catagory, check back in a few days and I'm sure I will have some fresh ones.

Web Applications/0days:

10/12/2011 - WordPress GD Star Rating plugin <= 1.9.10 SQL Injection - http://pastebin.com/XceE6A49

10/12/2011 - WP-SpamFree WordPress Spam Plugin SQL Injection Vulnerability - http://pastebin.com/wSi6Vvwe

10/11/2011 - Climeweb Blind SQL Injection Vulnerability - http://pastebin.com/vB1f8cjc

10/10/2011 - MyBB Forum Userbar Plugin (Userbar v2.2) SQL Injection - http://pastebin.com/VaNZDuiK

10/10/2011 - MyBB Advanced Forum Signatures (afsignatures-2.0.4) SQL Injection - http://pastebin.com/7fv0NcPx

10/10/2011 - POSH Multiple Vulnerabilities - http://pastebin.com/AnQmq4sY

10/10/2011 - Cotonti CMS v0.9.4 Multiple Remote Vulnerabilities - http://pastebin.com/ks7wwr72

10/10/2011 - RoundCube 0.3.1 XRF/SQL injection - http://pastebin.com/8M5GiSAb

10/10/2011 - 6kbbs Multiple Vulnerabilities - http://pastebin.com/kcYtBD11

10/10/2011 - Filmis 0.2 Beta Multiple Vulnerabilities - http://pastebin.com/7CMtHw7g

10/10/2011 - KaiBB 2.0.1 SQL Injection vulnerability - http://pastebin.com/ZKUmtbrw

10/10/2011 - Sparhawk (shop) SQL Injection Vulnerability - http://pastebin.com/wS9bWm8w

10/7/2011 - EFront <= 3.6.9 Community Edition Multiple Vulnerabilities - http://pastebin.com/tRPrEtf4

10/7/2011 - Url shortener script 1.0 sql injection Vulnerabilities - http://pastebin.com/BUgzFfzY

Local Host Exploits

10/12/2011 - FreeBSD 8.0 Local Root Exploit - http://pastebin.com/U4EX6kLQ

10/11/2011 - ACDSee FotoSlate PLP File id Parameter Overflow - http://pastebin.com/zwZrvjqB

10/11/2011 - TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability - http://pastebin.com/rEVUn2tb

10/9/2011 - Linux Kernel 2.6.9-34 Local root Exploit - http://pastebin.com/Nsw2WbQe

10/8/2011 - pkexec Race Condition Privilege Escalation Exploit - http://pastebin.com/YNYr29hS

10/8/2011 - Linux Kernel 2.6.22 Local root Exploit - http://pastebin.com/8FQUZ9Bw

10/7/2011 - Linux Kernel el5 Local root Exploit - http://pastebin.com/GPBmjwd8

10/6/2011 - Linux kernel-2.6.18-6 x86 Local Root Exploit - http://pastebin.com/W7V0H717

10/5/2011 - PolicyKit Pwnage: linux local privilege escalation on polkit-1 <= 0.101 - http://pastebin.com/N8imfKYz

Remote Host Exploits

10/12/2011 - Mozilla Firefox Array.reduceRight() Integer Overflow Exploit - http://pastebin.com/i4xt35dj

10/11/2011 - Apache mod_proxy Reverse Proxy Exposure Vulnerability PoC - http://pastebin.com/hhf28xPh

10/10/2011 - Opera Browser 10/11/12 (SVG layout) Memory Corruption (0day) - http://pastebin.com/W0vHm3c7

10/9/2011 - ScriptFTP <= 3.3 Remote Buffer Overflow (LIST) - http://pastebin.com/MkzmM8QT

10/7/2011 - Spreecommerce 0.60.1 Arbitrary Command Execution - http://pastebin.com/03Lf7NHc

10/6/2011 - Opera 10/11 (bad nesting with frameset tag) Memory Corruption - http://pastebin.com/FbYY9tZn

I will keep this thread updated daily, I just decided I would do this in case anyone wanted to easily keep tabs on the newest vulnerabilities and exploits floating around. Feel free to post any new/unknown vulnerabilities or exploits here and I will add them to the thread.
 
Great tutorial, although I recommend you go a bit more indepth for the noobies out there.

+ repped.

Keep it up.
 
I am the noob ^ he speaks of, but none the less, nice to see more people contributing!
 
thanks this is very interesting ive been trying to get into this for a while
 
Yeah I was thinking about a seperate tutorial on how you execute such exploits. But I thought to myself "This would be far more likely to create a ton of script kiddies, rather than legitimate hackers." So I didn't. :$
 
shelboi said:
grizz are you finding these yourself?
Click to expand...

Some may or may not be my personal discoveries. I'd rather not divulge such information for legal reasons.
 
Nice thanks for this =)
 
Thanks for the daily vulnerabilities Will try them.
 
Updated the thread with another 0day, I will update the thread twice today. ^^
 
You must log in or register to reply here.
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…