Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2019-02-13

Apple macOS 10.13.5 – Local Privilege Escalation
  • local
  • macos
    		• Synacktiv
    2019-02-13

    PilusCart 1.4.1 – ‘send’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-12

    Skyworth GPON HomeGateways and Optical Network Terminals – Stack Overflow
  • dos
  • asp
    		• Kaustubh G. Padwad
    2019-02-12

    OPNsense < 19.1.1 - Cross-Site Scripting
  • webapps
  • php
    		• Ozer Goker
    2019-02-12

    Jenkins 2.150.2 – Remote Command Execution (Metasploit)
  • webapps
  • linux
    		• AkkuS
    2019-02-12

    runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1)
  • local
  • linux
    		• feexd
    2019-02-12

    Android – binder Use-After-Free of VMA via race Between reclaim and munmap
  • dos
  • android
    		• Google Security Research
    2019-02-12

    LayerBB 1.1.2 – Cross-Site Scripting
  • webapps
  • php
    		• 0xB9
    2019-02-12

    BlogEngine.NET 3.3.6 – Directory Traversal / Remote Code Execution
  • webapps
  • aspx
    		• Dustin Cobb
    2019-02-12

    Android – binder Use-After-Free via fdget() Optimization
  • dos
  • android
    		• Google Security Research
    2019-02-11

    Webiness Inventory 2.3 – ’email’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-11

    Evince – CBT File Command Injection (Metasploit)
  • local
  • linux
    		• Metasploit
    2019-02-11

    River Past Video Cleaner 7.6.3 – Local Buffer Overflow (SEH)
  • local
  • windows
    		• crash_manucoot
    2019-02-11

    River Past Cam Do 3.7.6 – Local Buffer Overflow (SEH)
  • local
  • windows
    		• Achilles
    2019-02-11

    Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure
  • local
  • windows
    		• Nathu Nandwani
    2019-02-11

    NUUO NVRmini – upgrade_handle.php Remote Command Execution (Metasploit)
  • remote
  • php
    		• Metasploit
    2019-02-11

    Adobe Flash Player – DeleteRangeTimelineOperation Type Confusion (Metasploit)
  • remote
  • osx
    		• Metasploit
    2019-02-11

    IPFire 2.21 – Cross-Site Scripting
  • webapps
  • cgi
    		• Ozer Goker
    2019-02-11

    MyBB Bans List 1.0 – Cross-Site Scripting
  • webapps
  • php
    		• 0xB9
    2019-02-11

    FutureDj Pro 1.7.2.0 – Denial of Service
  • dos
  • windows
    		• Achilles
    2019-02-11

    NordVPN 6.19.6 – Denial of Service (PoC)
  • dos
  • windows
    		• Alejandra Sánchez
    2019-02-11

    CentOS Web Panel 0.9.8.763 – Persistent Cross-Site Scripting
  • webapps
  • linux
    		• DKM
    2019-02-11

    AirDroid 4.2.1.6 – Denial of Service
  • dos
  • android
    		• s4vitar
    2019-02-11

    Smoothwall Express 3.1-SP4 – Cross-Site Scripting
  • webapps
  • cgi
    		• Ozer Goker
    2019-02-11

    Indusoft Web Studio 8.1 SP2 – Remote Code Execution
  • remote
  • multiple
    		• Jacob Baines
    2019-02-11

    VA MAX 8.3.4 – (Authenticated) Remote Code Execution
  • webapps
  • php
    		• Cody Sixteen
    2019-02-11

    Coship Wireless Router 4.0.0.x/5.0.0.x – WiFi Password Reset
  • webapps
  • hardware
    		• Adithyan AK
    2019-02-11

    IP-Tools 2.5 – ‘Log to file’ Local Buffer Overflow (SEH) (Egghunter)
  • local
  • windows
    		• Juan Prescotto
    2019-02-06

    osCommerce 2.3.4.1 – ‘currency’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-06

    osCommerce 2.3.4.1 – ‘reviews_id’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-06

    River Past Audio Converter 7.7.16 – Buffer Overflow (SEH)
  • local
  • windows
    		• Matteo Malvica
    2019-02-06

    Skia – Incorrect Convexity Assumptions Leading to Buffer Overflows
  • dos
  • multiple
    		• Google Security Research
    2019-02-06

    osCommerce 2.3.4.1 – ‘products_id’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-05

    River Past Audio Converter 7.7.16 – Denial of Service (PoC)
  • dos
  • windows
    		• Achilles
    2019-02-05

    devolo dLAN 550 duo+ Starter Kit – Remote Code Execution
  • webapps
  • hardware
    		• sm
    2019-02-05

    BEWARD N100 H.264 VGA IP Camera M2.1.6 – RTSP Stream Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2019-02-05

    OpenMRS Platform < 2.24.0 - Insecure Object Deserialization
  • webapps
  • java
    		• Bishop Fox
    2019-02-05

    devolo dLAN 550 duo+ Starter Kit – Cross-Site Request Forgery
  • webapps
  • hardware
    		• sm
    2019-02-05

    BEWARD N100 H.264 VGA IP Camera M2.1.6 – Cross-Site Request Forgery (Add Admin)
  • webapps
  • hardware
    		• LiquidWorm
    2019-02-05

    BEWARD N100 H.264 VGA IP Camera M2.1.6 – Arbitrary File Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2019-02-05

    Device Monitoring Studio 8.10.00.8925 – Denial of Service (PoC)
  • dos
  • windows
    		• Victor Mondragón
    2019-02-05

    Zyxel VMG3312-B10B DSL-491HNU-B1B v2 Modem – Cross-Site Request Forgery
  • webapps
  • hardware
    		• Yusuf Furkan
    2019-02-05

    BEWARD N100 H.264 VGA IP Camera M2.1.6 – Remote Code Execution
  • webapps
  • hardware
    		• LiquidWorm
    2019-02-04

    SuiteCRM 7.10.7 – ‘parentTab’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-04

    SuiteCRM 7.10.7 – ‘record’ SQL Injection
  • webapps
  • php
    		• Mehmet EMIROGLU
    2019-02-04

    MyVideoConverter Pro 3.14 – Denial of Service
  • dos
  • windows
    		• Achilles
    2019-02-04

    pfSense 2.4.4-p1 – Cross-Site Scripting
  • webapps
  • multiple
    		• Ozer Goker
    2019-02-04

    ResourceSpace 8.6 – ‘watched_searches.php’ SQL Injection
  • webapps
  • php
    		• dd_
    2019-02-04

    River Past Ringtone Converter 2.7.6.1601 – Denial of Service (PoC)
  • dos
  • windows
    		• Rafael Pedrero
    2019-02-04

    Nessus 8.2.1 – Cross-Site Scripting
  • webapps
  • multiple
    		• Ozer Goker