Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2019-02-19	XAMPP 5.6.8 – SQL Injection / Persistent Cross-Site Scripting	webapps	php	Rafael Pedrero
2019-02-19	Ask Expert Script 3.0.5 – Cross Site Scripting / SQL Injection	webapps	php	Mr Winst0n
2019-02-19	Listing Hub CMS 1.0 – ‘pages.php id’ SQL Injection	webapps	php	Deyaa Muhammad
2019-02-19	Find a Place CMS Directory 1.5 – ‘assets/external/data_2.php cate’ SQL Injection	webapps	php	Deyaa Muhammad
2019-02-19	Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 – Path Traversal / Cross-Site Scripting	webapps	jsp	Rafael Pedrero
2019-02-18	Oracle Java Runtime Environment – Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process	dos	java	Google Security Research
2019-02-18	Apache CouchDB 2.3.0 – Cross-Site Scripting	webapps	multiple	Ozer Goker
2019-02-18	Webiness Inventory 2.3 – ‘ProductModel’ Arbitrary File Upload	webapps	php	Mehmet EMIROGLU
2019-02-18	MISP 2.4.97 – SQL Command Execution via Command Injection in STIX Module	webapps	php	Tm9jdGlz
2019-02-18	CMSsite 1.0 – ‘post’ SQL Injection	webapps	php	Mr Winst0n
2019-02-18	Realterm Serial Terminal 2.0.0.70 – Local Buffer Overflow (SEH)	dos	windows	Alejandra Sánchez
2019-02-18	Realterm Serial Terminal 2.0.0.70 – Denial of Service	dos	windows	Alejandra Sánchez
2019-02-18	qdPM 9.1 – ‘search[keywords]’ Cross-Site Scripting	webapps	php	Mehmet EMIROGLU
2019-02-18	Master IP CAM 01 3.3.4.2103 – Remote Command Execution	webapps	cgi	Raffaele Sabato
2019-02-18	NBMonitor 1.6.5.0 – ‘Key’ Denial of Service (PoC)	dos	windows	Alejandra Sánchez
2019-02-18	mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution	remote	windows	ProofOfCalc
2019-02-18	M/Monit 3.7.2 – Privilege Escalation	webapps	multiple	Dolev Farhi
2019-02-18	Oracle Java Runtime Environment – Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions	dos	java	Google Security Research
2019-02-18	Oracle Java Runtime Environment – Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass	dos	java	Google Security Research
2019-02-18	qdPM 9.1 – ‘type’ Cross-Site Scripting	webapps	php	Mehmet EMIROGLU
2019-02-18	Oracle Java Runtime Environment – Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour	dos	java	Google Security Research
2019-02-18	WordPress Plugin WooCommerce – GloBee (cryptocurrency) Payment Gateway 1.1.1 – Payment Bypass / Unauthorized Order Status Spoofing	webapps	php	GeekHack
2019-02-18	Comodo Dome Firewall 2.7.0 – Cross-Site Scripting	webapps	multiple	Ozer Goker
2019-02-18	Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload	webapps	jsp	Dao Duy Hung
2019-02-18	ArangoDB Community Edition 3.4.2-1 – Cross-Site Scripting	webapps	multiple	Ozer Goker
2019-02-15	Jinja2 2.10 – ‘from_string’ Server Side Template Injection	webapps	Python	JameelNabbo
2019-02-15	AirMore 1.6.1 – Denial of Service (PoC)	dos	android	s4vitar
2019-02-15	qdPM 9.1 – ‘search_by_extrafields[]’ SQL Injection	webapps	php	Mehmet EMIROGLU
2019-02-15	Linux – ‘kvm_ioctl_create_device()’ NULL Pointer Dereference	dos	linux	Google Security Research
2019-02-15	Free IP Switcher 3.1 – ‘Computer Name’ Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-02-15	UniSharp Laravel File Manager 2.0.0-alpha7 – Arbitrary File Upload	webapps	php	Mohammad Danish
2019-02-15	MyBB Trash Bin Plugin 1.1.3 – Cross-Site Scripting / Cross-Site Request Forgery	webapps	php	0xB9
2019-02-15	VSCO 1.1.1.0 – Denial of Service (PoC)	dos	windows	0xB9
2019-02-15	Navicat for Oracle 12.1.15 – “Password” Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-02-14	MediaMonkey 4.1.23 – ‘.mp3’ URL Denial of Service (PoC)	dos	windows	Alejandra Sánchez
2019-02-14	exacqVision ESM 5.12.2 – Privilege Escalation	local	windows	bzyo
2019-02-14	ApowerManager 3.1.7 – Phone Manager Remote Denial of Service (PoC)	dos	android	s4vitar
2019-02-14	DomainMOD 4.11.01 – ‘ssl-accounts.php username’ Cross-Site Scripting	webapps	php	Mohammed Abdul Raheem
2019-02-14	Core FTP/SFTP Server 1.2 Build 589.42 – ‘User domain’ Denial of Service (PoC)	dos	windows	Victor Mondragón
2019-02-14	LayerBB 1.1.2 – Cross-Site Request Forgery (Add Admin)	webapps	php	0xB9
2019-02-14	DomainMOD 4.11.01 – ‘category.php CatagoryName, StakeHolder’ Cross-Site Scripting	webapps	php	Mohammed Abdul Raheem
2019-02-14	DomainMOD 4.11.01 – ‘ssl-provider-name’ Cross-Site Scripting	webapps	php	Mohammed Abdul Raheem
2019-02-14	DomainMOD 4.11.01 – ‘assets/add/dns.php’ Cross-Site Scripting	webapps	php	Mohammed Abdul Kareem
2019-02-14	DomainMOD 4.11.01 – ‘assets/edit/host.php?whid=5’ Cross-Site Scripting	webapps	php	Mohammed Abdul Kareem
2019-02-14	WordPress Plugin Booking Calendar 8.4.3 – (Authenticated) SQL Injection	webapps	php	B0UG
2019-02-13	snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)	local	linux	Chris Moberly
2019-02-13	snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)	local	linux	Chris Moberly
2019-02-13	Rukovoditel Project Management CRM 2.4.1 – Cross-Site Scripting	webapps	php	Mehmet EMIROGLU
2019-02-13	NetworkSleuth 3.0 – ‘Name’ Denial of Service (PoC)	dos	windows	Alejandra Sánchez
2019-02-13	Apple macOS 10.13.5 – Local Privilege Escalation	local	macos	Synacktiv