Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2019-01-18	One Search 1.1.0.0 – Denial of Service (PoC)	dos	windows	0xB9
2019-01-18	Watchr 1.1.0.0 – Denial of Service (PoC)	dos	windows	0xB9
2019-01-18	SCP Client – Multiple Vulnerabilities (SSHtranger Things)	remote	multiple	Mark E. Haase
2019-01-18	phpTransformer 2016.9 – Directory Traversal	webapps	php	Ihsan Sencan
2019-01-18	phpTransformer 2016.9 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-18	Pydio / AjaXplorer < 5.0.4 - (Unauthenticated) Arbitrary File Upload	webapps	php	_jazz______
2019-01-18	SeoToaster Ecommerce / CRM / CMS 3.0.0 – Local File Inclusion	webapps	php	Ihsan Sencan
2019-01-18	Microsoft Edge Chakra – ‘JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode’ Use-After-Free	dos	windows	Google Security Research
2019-01-18	Microsoft Edge Chakra – ‘InitClass’ Type Confusion	dos	windows	Google Security Research
2019-01-17	Check Point ZoneAlarm 8.8.1.110 – Local Privilege Escalation	local	windows	Chris Anastasio
2019-01-17	Microsoft Windows CONTACT – Remote Code Execution	local	windows	hyp3rlinx
2019-01-17	Oracle Reports Developer Component 12.2.1.3 – Cross-site Scripting	webapps	multiple	Mohamed M.Fouad
2019-01-16	GL-AR300M-Lite 2.27 – (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal	webapps	hardware	Pasquale Turi
2019-01-16	NTPsec 1.1.2 – ‘config’ (Authenticated) Out-of-Bounds Write Denial of Service (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	NTPsec 1.1.2 – ‘ntp_control’ (Authenticated) NULL Pointer Dereference (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	NTPsec 1.1.2 – ‘ntp_control’ Out-of-Bounds Read (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	NTPsec 1.1.2 – ‘ctl_getitem’ Out-of-Bounds Read (PoC)	dos	linux	Magnus Klaaborg Stubman
2019-01-16	ShoreTel / Mitel Connect ONSITE 19.49.5200.0 – Remote Code Execution	webapps	php	twosevenzero
2019-01-16	doorGets CMS 7.0 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-16	Roxy Fileman 1.4.5 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-16	Fortinet FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure	webapps	hardware	Julio Ureña
2019-01-16	blueman – set_dhcp_handler D-Bus Privilege Escalation (Metasploit)	local	linux	Metasploit
2019-01-16	Spotify 1.0.96.181 – ‘Proxy configuration’ Denial of Service (PoC)	dos	windows	Aaron V. Hernandez
2019-01-16	Microsoft Windows 10 – XmlDocument Insecure Sharing Privilege Escalation	local	windows	Google Security Research
2019-01-16	Microsoft Windows 10 – ‘RestrictedErrorInfo’ Unmarshal Section Handle Use-After-Free	dos	windows	Google Security Research
2019-01-16	WebKit JSC JIT – GetIndexedPropertyStorage Use-After-Free	dos	multiple	Google Security Research
2019-01-16	Blueimp’s jQuery File Upload 9.22.0 – Arbitrary File Upload Exploit	webapps	php	Larry W. Cashdollar
2019-01-16	Google Chrome V8 JavaScript Engine 71.0.3578.98 – Out-of-Memory in Invalid Array Length	dos	multiple	Bogdan Kurinnoy
2019-01-16	Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 – Unauthenticated Admin Password Reset	webapps	hardware	Adithyan AK
2019-01-15	ownDMS 4.7 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-15	Microsoft Windows VCF – Remote Code Execution	local	windows	hyp3rlinx
2019-01-15	1Password < 7.0 - Denial of Service	dos	android	Valerio Brussani
2019-01-14	Bigcart – Ecommerce Multivendor System 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Modern POS 1.3 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Umbraco CMS 7.12.4 – (Authenticated) Remote Code Execution	webapps	aspx	Gregory Draperi
2019-01-14	Modern POS 1.3 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-14	Job Portal Platform 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Horde Imp – ‘imap_open’ Remote Command Execution	webapps	php	Paolo Serracino, Pietro Minniti, Damiano Proietti
2019-01-14	Real Estate Custom Script 2.0 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	i-doit CMDB 1.12 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	ThinkPHP 5.X – Remote Command Execution	webapps	php	vr_system
2019-01-14	i-doit CMDB 1.12 – Arbitrary File Download	webapps	php	Ihsan Sencan
2019-01-14	Hucart CMS 5.7.4 – Cross-Site Request Forgery (Add Administrator Account)	webapps	php	AllenChen
2019-01-14	Across DR-810 ROM-0 – Backup File Disclosure	webapps	hardware	SajjadBnd
2019-01-14	AudioCode 400HD – Command Injection	webapps	cgi	Sysdream
2019-01-14	HealthNode Hospital Management System 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2019-01-14	Portier Vision 4.4.4.2 / 4.4.4.6 – SQL Injection	webapps	windows	SySS GmbH
2019-01-14	Lenovo R2105 – Cross-Site Request Forgery (Command Execution)	webapps	hardware	Nathu Nandwani
2019-01-14	Microsoft Windows 10 – COM Desktop Broker Privilege Escalation	local	windows	Google Security Research
2019-01-14	Cleanto 5.0 – SQL Injection	webapps	php	Ihsan Sencan