Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2018-06-28

Cisco Adaptive Security Appliance – Path Traversal
  • webapps
  • hardware
    		• Yassine Aboukir
    2018-06-28

    DIGISOL DG-HR3400 Wireless Router – Cross-Site Scripting
  • webapps
  • hardware
    		• Adipta Basu
    2018-06-28

    hycus CMS 1.0.4 – Authentication Bypass
  • webapps
  • php
    		• Berk Dusunur
    2018-06-28

    HongCMS 3.0.0 – (Authenticated) SQL Injection
  • webapps
  • php
    		• Hzllaga
    2018-06-28

    BEESCMS 4.0 – Cross-Site Request Forgery (Add Admin)
  • webapps
  • php
    		• bay0net
    2018-06-27

    HPE VAN SDN 2.7.18.0503 – Remote Root
  • webapps
  • linux
    		• KoreLogic
    2018-06-27

    Quest KACE Systems Management – Command Injection (Metasploit)
  • remote
  • unix
    		• Metasploit
    2018-06-27

    WordPress Core < 4.9.6 - (Authenticated) Arbitrary File Deletion
  • webapps
  • php
    		• VulnSpy
    2018-06-26

    PoDoFo 0.9.5 – Buffer Overflow (PoC)
  • dos
  • linux
    		• r4xis
    2018-06-26

    Liferay Portal < 7.0.4 - Server-Side Request Forgery
  • webapps
  • java
    		• Mehmet Ince
    2018-06-25

    DIGISOL DG-BR4000NG – Cross-Site Scripting
  • webapps
  • hardware
    		• Adipta Basu
    2018-06-25

    DIGISOL DG-BR4000NG – Buffer Overflow (PoC)
  • dos
  • hardware
    		• Adipta Basu
    2018-06-25

    AsusWRT RT-AC750GF – Cross-Site Request Forgery (Change Admin Password)
  • webapps
  • hardware
    		• Wadeek
    2018-06-25

    Intex Router N-150 – Cross-Site Request Forgery (Add Admin)
  • webapps
  • hardware
    		• Samrat Das
    2018-06-25

    KVM (Nested Virtualization) – L1 Guest Privilege Escalation
  • dos
  • linux
    		• Google Security Research
    2018-06-25

    Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
  • webapps
  • hardware
    		• LiquidWorm
    2018-06-25

    Intex Router N-150 – Arbitrary File Upload
  • webapps
  • hardware
    		• Samrat Das
    2018-06-25

    WordPress Plugin Comments Import & Export < 2.0.4 - CSV Injection
  • webapps
  • php
    		• Bhushan B. Patil
    2018-06-25

    Foxit Reader 9.0.1.1049 – Remote Code Execution
  • remote
  • windows
    		• mr_me
    2018-06-25

    WordPress Plugin iThemes Security < 7.0.3 - SQL Injection
  • webapps
  • php
    		• Çlirim Emini
    2018-06-25

    WordPress Plugin Advanced Order Export For WooCommerce < 1.5.4 - CSV Injection
  • webapps
  • php
    		• Bhushan B. Patil
    2018-06-25

    Ecessa Edge EV150 10.7.4 – Cross-Site Request Forgery (Add Superuser)
  • webapps
  • linux
    		• LiquidWorm
    2018-06-25

    Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
  • webapps
  • hardware
    		• LiquidWorm
    2018-06-22

    phpLDAPadmin 1.2.2 – ‘server_id’ LDAP Injection (Username)
  • webapps
  • php
    		• Berk Dusunur
    2018-06-22

    QEMU Guest Agent 2.12.50 – Denial of Service
  • dos
  • linux
    		• Fakhri Zulkifli
    2018-06-22

    GreenCMS 2.3.0603 – Information Disclosure
  • webapps
  • php
    		• vr_system
    2018-06-22

    Opencart < 3.0.2.0 - Denial of Service
  • dos
  • php
    		• Todor Donev
    2018-06-22

    phpMyAdmin 4.8.1 – (Authenticated) Local File Inclusion (2)
  • webapps
  • php
    		• VulnSpy
    2018-06-21

    LFCMS 3.7.0 – Cross-Site Request Forgery (Add User)
  • webapps
  • php
    		• bay0net
    2018-06-21

    LFCMS 3.7.0 – Cross-Site Request Forgery (Add Admin)
  • webapps
  • php
    		• bay0net
    2018-06-21

    Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
  • remote
  • linux
    		• Paul Taylor
    2018-06-21

    Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution
  • local
  • linux
    		• Paul Taylor
    2018-06-21

    phpMyAdmin 4.8.1 – (Authenticated) Local File Inclusion (1)
  • webapps
  • php
    		• ChaMd5
    2018-06-20

    Apache CouchDB < 2.1.0 - Remote Code Execution
  • webapps
  • linux
    		• Cody Zacharias
    2018-06-20

    Microsoft Windows 10 – Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation
  • dos
  • windows
    		• Google Security Research
    2018-06-20

    VideoInsight WebClient 5 – SQL Injection
  • webapps
  • windows
    		• vosec
    2018-06-20

    Mirasys DVMS Workstation 5.12.6 – Path Traversal
  • webapps
  • windows
    		• Onvio
    2018-06-20

    ntp 4.2.8p11 – Local Buffer Overflow (PoC)
  • dos
  • linux
    		• Fakhri Zulkifli
    2018-06-20

    Redis 5.0 – Denial of Service
  • dos
  • linux
    		• Fakhri Zulkifli
    2018-06-20

    IPConfigure Orchid VMS 2.0.5 – Directory Traversal / Information Disclosure (Metasploit)
  • webapps
  • multiple
    		• Nettitude
    2018-06-20

    NewMark CMS 2.1 – ‘sec_id’ SQL Injection
  • webapps
  • linux
    		• Berk Dusunur
    2018-06-20

    MaDDash 2.0.2 – Directory Listing
  • webapps
  • java
    		• ManhNho
    2018-06-20

    TP-Link TL-WA850RE – Remote Command Execution
  • webapps
  • hardware
    		• yoresongo
    2018-06-20

    Microsoft Windows 10 – Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
  • dos
  • windows
    		• Google Security Research
    2018-06-18

    Nikto 2.1.6 – CSV Injection
  • local
  • linux
    		• Adam Greenhill
    2018-06-18

    Microsoft COM for Windows – Privilege Escalation
  • local
  • windows
    		• Code White
    2018-06-18

    Pale Moon Browser < 27.9.3 - Use After Free (PoC)
  • local
  • windows
    		• Berk Cem Göksel
    2018-06-18

    Redatam Web Server < 7 - Directory Traversal
  • webapps
  • windows
    		• Berk Dusunur
    2018-06-18

    Redis-cli < 5.0 - Buffer Overflow (PoC)
  • local
  • linux
    		• Fakhri Zulkifli
    2018-06-18

    Audiograbber 1.83 – Local Buffer Overflow (SEH)
  • local
  • windows
    		• Dennis 'dhn' Herrmann