Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2023-06-06	Tree Page View Plugin 1.6.7 – Cross Site Scripting (XSS)	webapps	php	LEE SE HYOUNG
2023-06-06	Macro Expert 4.9 – Unquoted Service Path	local	windows	Murat DEMİRCİ
2023-06-04	File Manager Advanced Shortcode 2.3.2 – Unauthenticated Remote Code Execution (RCE)	webapps	php	Mateus Machado Tesser
2023-06-04	MotoCMS Version 3.4.3 – SQL Injection	webapps	php	tmrswrr
2023-06-04	STARFACE 7.3.0.10 – Authentication with Password Hash Possible	webapps	jsp	RedTeam Pentesting GmbH
2023-06-04	Barebones CMS v2.0.2 – Stored Cross-Site Scripting (XSS) (Authenticated)	webapps	php	tmrswrr
2023-06-04	Enrollment System Project v1.0 – SQL Injection Authentication Bypass (SQLI)	webapps	php	VIVEK CHOUDHARY
2023-06-04	Total CMS 1.7.4 – Remote Code Execution (RCE)	webapps	php	tmrswrr
2023-05-31	Faculty Evaluation System 1.0 – Unauthenticated File Upload	webapps	php	URGAN
2023-05-31	Online Security Guards Hiring System 1.0 – Reflected XSS	webapps	php	AFFAN AHMED
2023-05-31	Flexense HTTP Server 10.6.24 – Buffer Overflow (DoS) (Metasploit)	remote	multiple	Ege Balci
2023-05-31	unilogies/bumsys v1.0.3 beta – Unrestricted File Upload	webapps	php	AFFAN AHMED
2023-05-31	SCRMS 2023-05-27 1.0 – Multiple SQL Injection	webapps	php	nu11secur1ty
2023-05-31	Rukovoditel 3.3.1 – CSV injection	webapps	php	Mirabbas Ağalarov
2023-05-31	MotoCMS Version 3.4.3 – Server-Side Template Injection (SSTI)	webapps	multiple	tmrswrr
2023-05-31	Pydio Cells 4.1.2 – Server-Side Request Forgery	webapps	go	RedTeam Pentesting GmbH
2023-05-31	Pydio Cells 4.1.2 – Cross-Site Scripting (XSS) via File Download	webapps	go	RedTeam Pentesting GmbH
2023-05-31	Pydio Cells 4.1.2 – Unauthorised Role Assignments	webapps	go	RedTeam Pentesting GmbH
2023-05-26	Camaleon CMS v2.7.0 – Server-Side Template Injection (SSTI)	webapps	ruby	PARAG BAGUL
2023-05-25	SCM Manager 1.60 – Cross-Site Scripting Stored (Authenticated)	webapps	multiple	neg0x
2023-05-25	Seagate Central Storage 2015.0916 – Unauthenticated Remote Command Execution (Metasploit)	remote	hardware	Ege Balci
2023-05-25	Ulicms 2023.1 – create admin user via mass assignment	webapps	php	Mirabbas Ağalarov
2023-05-25	Zenphoto 1.6 – Multiple stored XSS	webapps	php	Mirabbas Ağalarov
2023-05-25	WBCE CMS 1.6.1 – Multiple Stored Cross-Site Scripting (XSS)	webapps	php	Mirabbas Ağalarov
2023-05-25	Filmora 12 version ( Build 1.0.0.7) – Unquoted Service Paths Privilege Escalation	local	windows	Thurein Soe
2023-05-24	Service Provider Management System v1.0 – SQL Injection	webapps	php	ASHIK KUNJUMON
2023-05-23	CiviCRM 5.59.alpha1 – Stored XSS (Cross-Site Scripting)	webapps	php	Andrea Intilangelo
2023-05-23	Best POS Management System v1.0 – Unauthenticated Remote Code Execution	webapps	php	Mesut Cetin
2023-05-23	Cameleon CMS 2.7.4 – Persistent Stored XSS in Post Title	webapps	ruby	Yasin Gergin
2023-05-23	ChurchCRM v4.5.4 – Reflected XSS via Image (Authenticated)	webapps	php	Rahad Chowdhury
2023-05-23	Hubstaff 1.6.14-61e5e22e – ‘wow64log’ DLL Search Order Hijacking	local	windows	Ahsan Azad
2023-05-23	WordPress Plugin Backup Migration 1.2.8 – Unauthenticated Database Backup	webapps	php	Wadeek
2023-05-23	Bludit CMS v3.14.1 – Stored Cross-Site Scripting (XSS) (Authenticated)	webapps	php	Rahad Chowdhury
2023-05-23	Screen SFT DAB 600/C – Unauthenticated Information Disclosure (userManager.cgx)	remote	hardware	LiquidWorm
2023-05-23	Optoma 1080PSTX Firmware C02 – Authentication Bypass	remote	hardware	Anthony Cole
2023-05-23	GetSimple CMS v3.3.16 – Remote Code Execution (RCE)	webapps	php	Youssef Muhammad
2023-05-23	Screen SFT DAB 600/C – Authentication Bypass Reset Board Config	remote	hardware	LiquidWorm
2023-05-23	TinyWebGallery v2.5 – Remote Code Execution (RCE)	webapps	php	Mirabbas Ağalarov
2023-05-23	Quicklancer v1.0 – SQL Injection	webapps	php	Ahmet Ümit BAYRAM
2023-05-23	Screen SFT DAB 600/C – Authentication Bypass Admin Password Change	remote	hardware	LiquidWorm
2023-05-23	Stackposts Social Marketing Tool v1.0 – SQL Injection	webapps	php	Ahmet Ümit BAYRAM
2023-05-23	Screen SFT DAB 600/C – Authentication Bypass Erase Account	remote	hardware	LiquidWorm
2023-05-23	Smart School v1.0 – SQL Injection	webapps	php	Ahmet Ümit BAYRAM
2023-05-23	Screen SFT DAB 600/C – Authentication Bypass Password Change	remote	hardware	LiquidWorm
2023-05-23	LeadPro CRM v1.0 – SQL Injection	webapps	php	Ahmet Ümit BAYRAM
2023-05-23	Screen SFT DAB 600/C – Authentication Bypass Account Creation	remote	hardware	LiquidWorm
2023-05-23	Yank Note v3.52.1 (Electron) – Arbitrary Code Execution	local	multiple	8bitsec
2023-05-23	PodcastGenerator 3.2.9 – Multiple Stored Cross-Site Scripting (XSS)	webapps	php	Mirabbas Ağalarov
2023-05-23	Gin Markdown Editor v0.7.4 (Electron) – Arbitrary Code Execution	local	multiple	8bitsec
2023-05-23	Trend Micro OfficeScan Client 10.0 – ACL Service LPE	local	windows	msd0pe