Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2019-01-25

WordPress Plugin Wisechat 2.6.3 – Reverse Tabnabbing
  • webapps
  • php
    		• MTK
    2019-01-25

    Lua 5.3.5 – ‘debug.upvaluejoin’ Use After Free
  • dos
  • multiple
    		• Fady Mohammed Osman
    2019-01-25

    GreenCMS 2.x – Arbitrary File Download
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-25

    Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 – Command Injection
  • webapps
  • hardware
    		• RedTeam Pentesting
    2019-01-25

    GreenCMS 2.x – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-24

    Splunk Enterprise 7.2.3 – (Authenticated) Custom App Remote Code Execution
  • webapps
  • windows
    		• Lee Mazzoleni
    2019-01-24

    Joomla! Component J-CruisePortal 6.0.4 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-24

    SirsiDynix e-Library 3.5.x – Cross-Site Scripting
  • webapps
  • cgi
    		• AkkuS
    2019-01-24

    AddressSanitizer (ASan) – SUID Executable Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2019-01-24

    Joomla! Component JHotelReservation 6.0.7 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-24

    Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 – Cross-Site Request Forgery
  • webapps
  • hardware
    		• Ali Can Gönüllü
    2019-01-24

    ImpressCMS 1.3.11 – ‘bid’ SQL Injection
  • webapps
  • php
    		• Mehmet Onder
    2019-01-24

    SimplePress CMS 1.0.7 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-24

    Ghostscript 9.26 – Pseudo-Operator Remote Code Execution
  • remote
  • linux
    		• Google Security Research
    2019-01-24

    Microsoft Remote Desktop 10.2.4(134) – Denial of Service (PoC)
  • dos
  • macos
    		• Saeed Hasanzadeh
    2019-01-23

    Joomla! Component vBizz 1.0.7 – Remote Code Execution
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component vWishlist 1.0.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Microsoft Windows CONTACT – HTML Injection / Remote Code Execution
  • local
  • windows
    		• hyp3rlinx
    2019-01-23

    Joomla! Component vBizz 1.0.7 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Nagios XI 5.5.6 – Remote Code Execution / Privilege Escalation
  • webapps
  • linux
    		• Chris Lyne
    2019-01-23

    Joomla! Component vAccount 2.0.2 – ‘vid’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component VMap 1.9.6 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component J-BusinessDirectory 4.9.7 – ‘type’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component J-ClassifiedsManager 3.0.5 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component JMultipleHotelReservation 6.0.7 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component vReview 1.9.11 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-23

    Joomla! Component vRestaurant 1.9.4 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-22

    Joomla! Component Easy Shop 1.2.3 – Local File Inclusion
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-22

    CloudMe Sync 1.11.2 – Buffer Overflow + Egghunt
  • remote
  • windows
    		• T3jv1l
    2019-01-22

    Microsoft Windows VCF or Contact’ File – URL Manipulation-Spoof Arbitrary Code Execution
  • remote
  • windows
    		• Eduardo Braun Prado
    2019-01-21

    PHP Dashboards NEW 5.8 – Local File Inclusion
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    Kepler Wallpaper Script 1.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    PHP Dashboards NEW 5.8 – ‘dashID’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    MoneyFlux 1.0 – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    Adianti Framework 5.5.0 – SQL Injection
  • webapps
  • php
    		• Joner de Mello Assolin
    2019-01-21

    Coman 1.0 – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    Reservic 1.0 – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    Echo Mirage 3.1 – Buffer Overflow (PoC)
  • dos
  • windows
    		• InitD Community
    2019-01-21

    GattLib 0.2 – Stack Buffer Overflow
  • remote
  • linux
    		• Dhiraj Mishra
    2019-01-21

    PHP Uber-style GeoTracking 1.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-21

    Linux Kernel 4.13 – ‘compat_get_timex()’ Leak Kernel Pointer
  • dos
  • linux
    		• wally0813
    2019-01-18

    phpTransformer 2016.9 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-18

    FastTube 1.0.1.0 – Denial of Service (PoC)
  • dos
  • windows
    		• 0xB9
    2019-01-18

    phpTransformer 2016.9 – Directory Traversal
  • webapps
  • php
    		• Ihsan Sencan
    2019-01-18

    Pydio / AjaXplorer < 5.0.4 - (Unauthenticated) Arbitrary File Upload
  • webapps
  • php
    		• _jazz______
    2019-01-18

    VPN Browser+ 1.1.0.0 – Denial of Service (PoC)
  • dos
  • windows
    		• 0xB9
    2019-01-18

    Microsoft Edge Chakra – ‘JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode’ Use-After-Free
  • dos
  • windows
    		• Google Security Research
    2019-01-18

    7 Tik 1.0.1.0 – Denial of Service (PoC)
  • dos
  • windows
    		• 0xB9
    2019-01-18

    Eco Search 1.0.2.0 – Denial of Service (PoC)
  • dos
  • windows
    		• 0xB9
    2019-01-18

    One Search 1.1.0.0 – Denial of Service (PoC)
  • dos
  • windows
    		• 0xB9