Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2019-05-07	Prinect Archive System 2015 Release 2.6 – Cross-Site Scripting	webapps	multiple	alt3kx
2019-05-06	iOS 12.1.3 – ‘cfprefsd’ Memory Corruption	dos	ios	ZecOps
2019-05-06	NSClient++ 0.5.2.35 – Privilege Escalation	local	windows	bzyo
2019-05-06	microASP (Portal+) CMS – ‘pagina.phtml?explode_tree’ SQL Injection	webapps	asp	felipe andrian
2019-05-06	PHPads 2.0 – ‘click.php3?bannerID’ SQL Injection	webapps	php	felipe andrian
2019-05-06	Xitami Web Server 2.5 – Remote Buffer Overflow (SEH + Egghunter)	remote	windows	ElSoufiane
2019-05-06	ReadyAPI 2.5.0 / 2.6.0 – Remote Code Execution	webapps	multiple	Gilson Camelo
2019-05-06	LG Supersign EZ CMS – Remote Code Execution (Metasploit)	remote	hardware	Alejandro Fanjul
2019-05-03	SolarWinds DameWare Mini Remote Control 10.0 – Denial of Service	dos	windows	Dino Barlattani
2019-05-03	Blue Angel Software Suite – Command Execution	remote	linux	Paolo Serracino, Pietro Minniti, Damiano Proietti
2019-05-03	Microsoft Windows PowerShell ISE – Remote Code Execution	remote	windows	hyp3rlinx
2019-05-03	Zotonic < 0.47.0 mod_admin - Cross-Site Scripting	webapps	multiple	Ramòn Janssen
2019-05-03	Instagram Auto Follow – Authentication Bypass	webapps	php	Veyselxan
2019-05-03	Crestron AM/Barco wePresent WiPG/Extron ShareLink/Teq AV IT/SHARP PN-L703WA/Optoma WPS-Pro/Blackbox HD WPS/InFocus LiteShow – Remote Command Injection	webapps	hardware	Jacob Baines
2019-05-03	WordPress Plugin Social Warfare < 3.5.3 - Remote Code Execution	webapps	php	hash3liZer
2019-05-02	Ruby On Rails – DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)	remote	linux	Metasploit
2019-05-01	CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) – Domain Field (Add DNS Zone) Cross-Site Scripting	webapps	linux	DKM
2019-04-30	Joomla! Component JiFile 2.3.1 – Arbitrary File Download	webapps	php	Mr Winst0n
2019-04-30	Domoticz 4.10577 – Unauthenticated Remote Command Execution	webapps	multiple	Fabio Carretto
2019-04-30	Spring Cloud Config 2.1.x – Path Traversal (Metasploit)	webapps	java	Dhiraj Mishra
2019-04-30	HumHub 1.3.12 – Cross-Site Scripting	webapps	php	Kağan EĞLENCE
2019-04-30	Intelbras IWR 3000N 1.5.0 – Cross-Site Request Forgery	webapps	hardware	Social Engineering Neo
2019-04-30	Joomla! Component ARI Quiz 3.7.4 – SQL Injection	webapps	php	Mr Winst0n
2019-04-30	Intelbras IWR 3000N – Denial of Service (Remote Reboot)	dos	hardware	Social Engineering Neo
2019-04-30	Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)	remote	php	Metasploit
2019-04-30	Veeam ONE Reporter 9.5.0.3201 – Persistent Cross-site Scripting (Add/Edit Widget)	webapps	ashx	Seyed Sadegh Khatami
2019-04-30	AIS logistics ESEL-Server – Unauthenticated SQL Injection Remote Code Execution (Metasploit)	remote	windows	Metasploit
2019-04-30	Veeam ONE Reporter 9.5.0.3201 – Persistent Cross-Site Scripting	webapps	ashx	Seyed Sadegh Khatami
2019-04-30	Linux – Missing Locking Between ELF coredump code and userfaultfd VMA Modification	dos	linux	Google Security Research
2019-04-30	Veeam ONE Reporter 9.5.0.3201 – Multiple Cross-Site Request Forgery	webapps	ashx	Seyed Sadegh Khatami
2019-04-30	Oracle Weblogic 10.3.6.0.0 / 12.1.3.0.0 – Remote Code Execution	webapps	windows	Avinash Kumar Thapa
2019-04-30	Netgear DGN2200 / DGND3700 – Admin Password Disclosure	webapps	hardware	Social Engineering Neo
2019-04-30	DeviceViewer 3.12.0.1 – ‘user’ SEH Overflow	local	windows	Hayden Wright
2019-04-30	Freefloat FTP Server 1.0 – ‘STOR’ Remote Buffer Overflow	remote	windows	Kevin Randall
2019-04-30	SpotAuditor 5.2.6 – ‘Name’ Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-04-30	Freefloat FTP Server 1.0 – ‘SIZE’ Remote Buffer Overflow	remote	windows	Kevin Randall
2019-04-30	Agent Tesla Botnet – Information Disclosure	webapps	php	n4pst3r
2019-04-30	Hyvikk Fleet Manager – Shell Upload	webapps	php	saxgy1331
2019-04-30	Moodle 3.6.3 – ‘Install Plugin’ Remote Command Execution (Metasploit)	remote	php	AkkuS
2019-04-26	systemd – DynamicUser can Create setuid Binaries when Assisted by Another Process	dos	linux	Google Security Research
2019-04-26	Apache Pluto 3.0.0 / 3.0.1 – Persistent Cross-Site Scripting	webapps	java	Dhiraj Mishra
2019-04-26	NSauditor 3.1.2.0 – ‘Name’ Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-04-26	NSauditor 3.1.2.0 – ‘Community’ Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-04-25	JioFi 4G M2S 1.0.2 – ‘mask’ Cross-Site Scripting	webapps	hardware	Vikas Chaudhary
2019-04-25	Backup Key Recovery 2.2.4 – Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-04-25	HeidiSQL 10.1.0.5464 – Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-04-25	RARLAB WinRAR 5.61 – ACE Format Input Validation Remote Code Execution (Metasploit)	local	windows	Metasploit
2019-04-25	Lavavo CD Ripper 4.20 – ‘License Activation Name’ Buffer Overflow (SEH)	local	windows	Achilles
2019-04-25	AnMing MP3 CD Burner 2.0 – Denial of Service (PoC)	dos	windows	Achilles
2019-04-25	osTicket 1.11 – Cross-Site Scripting / Local File Inclusion	webapps	php	AkkuS