Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2018-06-18

Microsoft COM for Windows – Privilege Escalation
  • local
  • windows
    		• Code White
    2018-06-18

    Pale Moon Browser < 27.9.3 - Use After Free (PoC)
  • local
  • windows
    		• Berk Cem Göksel
    2018-06-15

    Soroush IM Desktop App 0.15 (beta) – Authentication Bypass
  • local
  • windows
    		• VortexNeoX64
    2018-06-15

    OEcms 3.1 – Cross-Site Scripting
  • webapps
  • php
    		• Renzi
    2018-06-15

    Dimofinf CMS 3.0.0 – Cross-Site Scripting
  • webapps
  • php
    		• Renzi
    2018-06-14

    rtorrent 0.9.6 – Denial of Service
  • dos
  • linux
    		• ecx86
    2018-06-14

    Joomla! Component Ek Rishta 2.10 – SQL Injection
  • webapps
  • php
    		• Guilherme Assmann
    2018-06-13

    MACCMS 10 – Cross-Site Request Forgery (Add User)
  • webapps
  • php
    		• bay0net
    2018-06-13

    glibc – ‘realpath()’ Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-06-13

    Microsoft Windows 10 – Child Process Restriction Mitigation Bypass
  • local
  • windows
    		• Google Security Research
    2018-06-13

    DHCP Client – Command Injection ‘DynoRoot’ (Metasploit)
  • remote
  • linux
    		• Metasploit
    2018-06-13

    Redaxo CMS Mediapool Addon < 5.5.1 - Arbitrary File Upload
  • webapps
  • php
    		• h0n1gsp3cht
    2018-06-13

    RSLinx Classic and FactoryTalk Linx Gateway – Privilege Escalation
  • local
  • windows
    		• LiquidWorm
    2018-06-12

    WordPress Plugin Google Map < 4.0.4 - SQL Injection
  • webapps
  • php
    		• defensecode
    2018-06-12

    WordPress Plugin Ultimate Form Builder Lite < 1.3.7 - SQL Injection
  • webapps
  • php
    		• defensecode
    2018-06-12

    Joomla! Component EkRishta 2.10 – ‘username’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-06-12

    OX App Suite 7.8.4 – Multiple Vulnerabilities
  • webapps
  • xml
    		• Open-Xchange
    2018-06-12

    Canon PrintMe EFI – Cross-Site Scripting
  • webapps
  • php
    		• Huy Kha
    2018-06-11

    Event Manager Admin panel – ‘events_new.php’ SQL injection
  • webapps
  • php
    		• telahdihapus
    2018-06-11

    Siaberry 1.2.2 – Command Injection
  • webapps
  • hardware
    		• Space Duck
    2018-06-11

    WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' Denial of Service (Metasploit)
  • dos
  • linux
    		• Dhiraj Mishra
    2018-06-11

    Schools Alert Management Script – Arbitrary File Read
  • webapps
  • php
    		• M3@Pandas
    2018-06-11

    Schools Alert Management Script – ‘get_sec.php’ SQL Injection
  • webapps
  • php
    		• M3@Pandas
    2018-06-11

    userSpice 4.3.24 – Username Enumeration
  • webapps
  • php
    		• Dolev Farhi
    2018-06-11

    userSpice 4.3.24 – ‘X-Forwarded-For’ Cross-Site Scripting
  • webapps
  • php
    		• Dolev Farhi
    2018-06-11

    Schools Alert Management Script – Arbitrary File Deletion
  • webapps
  • php
    		• M3@Pandas
    2018-06-11

    Joomla! Component EkRishta 2.10 – ‘cid’ SQL Injection
  • webapps
  • php
    		• 41!kh4224rDz
    2018-06-11

    Schools Alert Management Script – SQL Injection
  • webapps
  • php
    		• M3@Pandas
    2018-06-11

    WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection
  • webapps
  • php
    		• Manuel García Cárdenas
    2018-06-08

    WebKit – WebAssembly Compilation Info Leak
  • dos
  • multiple
    		• Google Security Research
    2018-06-08

    Google Chrome – Integer Overflow when Processing WebAssembly Locals
  • dos
  • multiple
    		• Google Security Research
    2018-06-08

    WebRTC – VP9 Missing Frame Processing Out-of-Bounds Memory Access
  • dos
  • multiple
    		• Google Security Research
    2018-06-08

    TrendMicro OfficeScan XG 11.0 – Change Prevention Bypass
  • local
  • windows
    		• hyp3rlinx
    2018-06-08

    Gnome Web (Epiphany) < 3.28.2.1 - Denial of Service
  • dos
  • linux
    		• rop
    2018-06-08

    Splunk < 7.0.1 - Information Disclosure
  • webapps
  • linux
    		• KoF2002
    2018-06-08

    WebKit – Use-After-Free when Resuming Generator
  • dos
  • multiple
    		• Google Security Research
    2018-06-08

    XiongMai uc-httpd 1.0.0 – Buffer Overflow
  • webapps
  • hardware
    		• Andrew Watson
    2018-06-08

    WebRTC – VP9 Frame Processing Out-of-Bounds Memory Access
  • dos
  • multiple
    		• Google Security Research
    2018-06-07

    WampServer 3.0.6 – Cross-Site Request Forgery
  • webapps
  • php
    		• L0RD
    2018-06-07

    WordPress Plugin Form Maker 1.12.24 – SQL Injection
  • webapps
  • php
    		• defensecode
    2018-06-07

    Ftp Server 1.32 – Credential Disclosure
  • local
  • android
    		• ManhNho
    2018-06-07

    WordPress Plugin Contact Form Maker 1.12.20 – SQL Injection
  • webapps
  • php
    		• defensecode
    2018-06-07

    Monstra CMS < 3.0.4 - Cross-Site Scripting (1)
  • webapps
  • php
    		• DEEPIN2
    2018-06-06

    PHP 7.2.2 – ‘php_stream_url_wrap_http_ex’ Buffer Overflow
  • dos
  • php
    		• Wei Lei and Liu Yang
    2018-06-06

    Apple macOS/iOS Kernel – Heap Overflow Due to Lack of Lower Size Check in getvolattrlist
  • dos
  • multiple
    		• Google Security Research
    2018-06-06

    Apple macOS Kernel – Use-After-Free Due to Lack of Locking in nvidia GeForce Driver
  • dos
  • macos
    		• Google Security Research
    2018-06-06

    XNU Kernel – Heap Overflow Due to Bad Bounds Checking in MPTCP
  • dos
  • multiple
    		• Google Security Research
    2018-06-05

    10-Strike Network Scanner 3.0 – Local Buffer Overflow (SEH)
  • local
  • windows_x86
    		• Hashim Jawad
    2018-06-05

    WebKitGTK+ < 2.21.3 - Crash (PoC)
  • local
  • linux
    		• Dhiraj Mishra
    2018-06-05

    Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email)
  • webapps
  • linux
    		• Kl3_GMjq6