Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2018-10-16

MV Video Sharing Software 1.2 – ‘searchname’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-16

    Solaris – RSH Stack Clash Privilege Escalation (Metasploit)
  • local
  • solaris
    		• Metasploit
    2018-10-16

    Microsoft Windows – ‘FSCTL_FIND_FILES_BY_SID’ Information Disclosure
  • dos
  • windows
    		• Google Security Research
    2018-10-16

    Git Submodule – Arbitrary Code Execution
  • local
  • linux
    		• joernchen
    2018-10-15

    KORA 2.7.0 – ‘cid’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-15

    Centos Web Panel 0.9.8.480 – Multiple Vulnerabilities
  • webapps
  • php
    		• seccops
    2018-10-15

    Advanced HRM 1.6 – Remote Code Execution
  • webapps
  • php
    		• Renos Nikolaou
    2018-10-15

    Snes9K 0.0.9z – Buffer Overflow (SEH)
  • local
  • windows_x86
    		• Abdullah Alıç
    2018-10-15

    NoMachine < 5.3.27 - Remote Code Execution
  • remote
  • windows
    		• hyp3rlinx
    2018-10-15

    FLIR AX8 Thermal Camera 1.32.16 – Remote Code Execution
  • webapps
  • hardware
    		• LiquidWorm
    2018-10-15

    FLIR AX8 Thermal Camera 1.32.16 – Arbitrary File Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2018-10-15

    Academic Timetable Final Build 7.0a-7.0b – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-15

    AlchemyCMS 4.1 – Cross-Site Scripting
  • webapps
  • ruby
    		• Ismail Tasdelen
    2018-10-15

    Academic Timetable Final Build 7.0 – Information Disclosure
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-15

    MaxOn ERP Software 8.x-9.x – ‘nomor’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-15

    FLIR Brickstream 3D+ 2.1.742.1842 – Config File Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2018-10-15

    FLIR AX8 Thermal Camera 1.32.16 – RTSP Stream Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2018-10-15

    Academic Timetable Final Build 7.0b – Cross-Site Request Forgery (Add Admin)
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-15

    FLIR Brickstream 3D+ – RTSP Stream Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2018-10-15

    College Notes Management System 1.0 – ‘user’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-12

    HaPe PKH 1.1 – Arbitrary File Upload
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-12

    D-Link Routers – Directory Traversal
  • webapps
  • hardware
    		• Blazej Adamczyk
    2018-10-12

    CAMALEON CMS 2.4 – Cross-Site Scripting
  • webapps
  • ruby
    		• Ismail Tasdelen
    2018-10-12

    LUYA CMS 1.0.12 – Cross-Site Scripting
  • webapps
  • php
    		• Ismail Tasdelen
    2018-10-12

    HaPe PKH 1.1 – Cross-Site Request Forgery (Update Admin)
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-12

    HaPe PKH 1.1 – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-12

    Phoenix Contact WebVisit 2985725 – Authentication Bypass
  • webapps
  • windows
    		• Photubias
    2018-10-12

    D-Link Routers – Command Injection
  • webapps
  • hardware
    		• Blazej Adamczyk
    2018-10-12

    SugarCRM 6.5.26 – Cross-Site Scripting
  • webapps
  • php
    		• Purplemet Security
    2018-10-12

    D-Link Routers – Plaintext Password
  • webapps
  • hardware
    		• Blazej Adamczyk
    2018-10-11

    WAGO 750-881 01.09.18 – Cross-Site Scripting
  • webapps
  • hardware
    		• SecuNinja
    2018-10-11

    Microsoft SQL Server Management Studio 17.9 – ‘.xel’ XML External Entity Injection
  • local
  • windows
    		• hyp3rlinx
    2018-10-11

    Phoenix Contact WebVisit 6.40.00 – Password Disclosure
  • webapps
  • hardware
    		• Photubias
    2018-10-11

    E-Registrasi Pencak Silat 18.10 – ‘id_partai’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-11

    jQuery-File-Upload 9.22.0 – Arbitrary File Upload
  • webapps
  • php
    		• Larry W. Cashdollar
    2018-10-11

    Microsoft SQL Server Management Studio 17.9 – XML External Entity Injection
  • local
  • windows
    		• hyp3rlinx
    2018-10-11

    Wikidforum 2.20 – Cross-Site Scripting
  • webapps
  • php
    		• Amir Hossein Mahboubi
    2018-10-11

    Microsoft SQL Server Management Studio 17.9 – ‘.xmla’ XML External Entity Injection
  • local
  • windows
    		• hyp3rlinx
    2018-10-10

    MicroTik RouterOS < 6.43rc3 - Remote Root
  • remote
  • hardware
    		• Jacob Baines
    2018-10-10

    FileZilla 3.33 – Buffer Overflow (PoC)
  • dos
  • linux
    		• Kağan Çapar
    2018-10-10

    Ektron CMS 9.20 SP2 – Improper Access Restrictions
  • webapps
  • aspx
    		• alt3kx
    2018-10-10

    WhatsApp – RTP Processing Heap Corruption
  • dos
  • android
    		• Google Security Research
    2018-10-09

    Microsoft Edge Chakra JIT – Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-10-09

    Free MP3 CD Ripper 2.8 – ‘.wma’ Buffer Overflow (SEH) (DEP Bypass)
  • local
  • windows_x86-64
    		• Matteo Malvica
    2018-10-09

    Wikidforum 2.20 – ‘select_sort’ SQL Injection
  • webapps
  • php
    		• seccops
    2018-10-09

    ifwatchd – Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-10-09

    Microsoft Edge Chakra JIT – ‘BailOutOnInvalidatedArrayHeadSegment’ Check Bypass
  • dos
  • windows
    		• Google Security Research
    2018-10-09

    Delta Electronics Delta Industrial Automation COMMGR 1.08 – Stack Buffer Overflow (Metasploit)
  • remote
  • windows
    		• Metasploit
    2018-10-09

    Wikidforum 2.20 – ‘message_id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-10-09

    ghostscript – executeonly Bypass with errorhandler Setup
  • local
  • linux
    		• Google Security Research