Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2018-12-14

Facebook And Google Reviews System For Businesses 1.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-12-13

    CyberLink LabelPrint 2.5 – Stack Buffer Overflow (Metasploit)
  • local
  • windows
    		• Metasploit
    2018-12-13

    WebKit JIT – Int32/Double Arrays can have Proxy Objects in the Prototype Chains
  • dos
  • multiple
    		• Google Security Research
    2018-12-13

    Linux – ‘userfaultfd’ Bypasses tmpfs File Permissions
  • dos
  • linux
    		• Google Security Research
    2018-12-12

    phpBB 3.2.3 – Remote Code Execution
  • webapps
  • php
    		• allyshka
    2018-12-11

    DomainMOD 4.11.01 – Cross-Site Scripting
  • webapps
  • php
    		• Mohammed Abdul Raheem
    2018-12-11

    SmartFTP Client 9.0.2623.0 – Denial of Service (PoC)
  • dos
  • windows
    		• Alejandra Sánchez
    2018-12-11

    PrestaShop 1.6.x/1.7.x – Remote Code Execution
  • webapps
  • php
    		• Fariskhi Vidyan
    2018-12-11

    Alumni Tracer SMS Notification – SQL Injection / Cross-Site Request Forgery
  • webapps
  • php
    		• Ihsan Sencan
    2018-12-11

    Tourism Website Blog – Remote Code Execution / SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-12-11

    GNU inetutils < 1.9.4 - 'telnet.c' Multiple Overflows (PoC)
  • dos
  • linux
    		• Hacker Fantastic
    2018-12-11

    McAfee True Key – McAfee.TrueKey.Service Privilege Escalation
  • local
  • windows
    		• Google Security Research
    2018-12-11

    Adobe ColdFusion 2018 – Arbitrary File Upload
  • webapps
  • multiple
    		• Vahagn Vardanyan
    2018-12-11

    XNU – POSIX Shared Memory Mappings have Incorrect Maximum Protection
  • local
  • multiple
    		• Google Security Research
    2018-12-11

    ThinkPHP 5.0.23/5.1.31 – Remote Code Execution
  • webapps
  • php
    		• VulnSpy
    2018-12-11

    WordPress Plugin AutoSuggest 0.24 – ‘wpas_keys’ SQL Injection
  • webapps
  • php
    		• Kaimi
    2018-12-11

    HotelDruid 2.3.0 – ‘id_utente_mod’ SQL Injection
  • webapps
  • php
    		• Sainadh Jamalpur
    2018-12-11

    Apache OFBiz 16.11.05 – Cross-Site Scripting
  • webapps
  • multiple
    		• DKM
    2018-12-11

    ZTE ZXHN H168N – Improper Access Restrictions
  • webapps
  • hardware
    		• Usman Saeed
    2018-12-11

    Huawei B315s-22 – Information Leak
  • webapps
  • hardware
    		• Usman Saeed
    2018-12-11

    TP-Link wireless router Archer C1200 – Cross-Site Scripting
  • webapps
  • hardware
    		• Usman Saeed
    2018-12-11

    PrinterOn Enterprise 4.1.4 – Arbitrary File Deletion
  • webapps
  • multiple
    		• bzyo
    2018-12-11

    LanSpy 2.0.1.159 – Local Buffer Overflow (PoC)
  • dos
  • windows
    		• Gionathan Reale
    2018-12-10

    Kubernetes – (Authenticated) Arbitrary Requests
  • remote
  • multiple
    		• evict
    2018-12-10

    Kubernetes – (Unauthenticated) Arbitrary Requests
  • remote
  • multiple
    		• evict
    2018-12-09

    Adiscon LogAnalyzer < 4.1.7 - Cross-Site Scripting
  • webapps
  • php
    		• Gustavo Sorondo
    2018-12-09

    i-doit CMDB 1.11.2 – Remote Code Execution
  • webapps
  • php
    		• AkkuS
    2018-12-09

    Textpad 8.1.2 – Denial Of Service (PoC)
  • dos
  • windows_x86
    		• Gionathan Reale
    2018-12-09

    DomainMOD 4.11.01 – ‘DisplayName’ Cross-Site Scripting
  • webapps
  • php
    		• Mohammed Abdul Raheem
    2018-12-05

    HasanMWB 1.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-12-04

    Wireshark – ‘find_signature’ Heap Out-of-Bounds Read
  • dos
  • multiple
    		• Google Security Research
    2018-12-04

    Wireshark – ‘cdma2k_message_ACTIVE_SET_RECORD_FIELDS’ Stack Corruption
  • dos
  • multiple
    		• Google Security Research
    2018-12-04

    DomainMOD 4.11.01 – Registrar Cross-Site Scripting
  • webapps
  • php
    		• Mohammed Abdul Raheem
    2018-12-04

    NUUO NVRMini2 3.9.1 – (Authenticated) Command Injection
  • webapps
  • php
    		• Artem Metla
    2018-12-04

    DomainMOD 4.11.01 – Custom SSL Fields Cross-Site Scripting
  • webapps
  • php
    		• Mohammed Abdul Raheem
    2018-12-04

    DomainMOD 4.11.01 – Custom Domain Fields Cross-Site Scripting
  • webapps
  • php
    		• Mohammed Abdul Raheem
    2018-12-04

    Dolibarr ERP/CRM 8.0.3 – Cross-Site Scripting
  • webapps
  • php
    		• AkkuS
    2018-12-04

    KeyBase Botnet 1.5 – SQL Injection
  • webapps
  • php
    		• n4pst3r
    2018-12-04

    NEC Univerge Sv9100 WebPro – 6.00 – Predictable Session ID / Clear Text Password Storage
  • webapps
  • hardware
    		• hyp3rlinx
    2018-12-04

    DomainMOD 4.11.01 – Owner name Field Cross-Site Scripting
  • webapps
  • php
    		• Mohammed Abdul Raheem
    2018-12-04

    OpenSSH < 7.7 - User Enumeration (2)
  • remote
  • linux
    		• Leap Security
    2018-12-04

    Xorg X11 Server (AIX) – Local Privilege Escalation
  • local
  • aix
    		• 0xdono
    2018-12-04

    Rockwell Automation Allen-Bradley PowerMonitor 1000 – Incorrect Access Control Authentication Bypass
  • webapps
  • hardware
    		• Luca.Chiou
    2018-12-04

    FreshRSS 1.11.1 – Cross-Site Scripting
  • webapps
  • php
    		• Netsparker
    2018-12-04

    Microsoft Lync for Mac 2011 – Injection Forced Browsing/Download
  • dos
  • windows
    		• nyxgeek
    2018-12-04

    Emacs – movemail Privilege Escalation (Metasploit)
  • local
  • unix
    		• Metasploit
    2018-12-04

    HP Intelligent Management – Java Deserialization Remote Code Execution (Metasploit)
  • remote
  • windows
    		• Metasploit
    2018-12-03

    WordPress Plugin Advanced-Custom-Fields 5.7.7 – Cross-Site Scripting
  • webapps
  • php
    		• Loading Kura Kura
    2018-12-03

    Budabot 4.0 – Denial of Service (PoC)
  • dos
  • linux
    		• Ryan Delaney
    2018-12-03

    Apache Superset < 0.23 - Remote Code Execution
  • webapps
  • linux
    		• David May