Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2018-05-08	PlaySMS 1.4 – ‘sendfromfile.php?Filename’ (Authenticated) ‘Code Execution (Metasploit)	remote	php	Metasploit
2018-05-08	PlaySMS – ‘import.php’ (Authenticated) CSV File Upload Code Execution (Metasploit)	remote	php	Metasploit
2018-05-08	2345 Security Guard 3.7 – ‘2345NetFirewall.sys’ Denial of Service	dos	windows_x86	anhkgg
2018-05-08	FTPShell Client 6.7 – Buffer Overflow	remote	windows	r4wd3r
2018-05-08	Palo Alto Networks – ‘readSessionVarsFromFile()’ Session Corruption (Metasploit)	remote	unix	Metasploit
2018-05-06	HWiNFO 5.82-3410 – Denial of Service	dos	windows	bzyo
2018-05-06	CSP MySQL User Manager 2.3.1 – Authentication Bypass	webapps	linux	Youssef Mami
2018-05-06	GNU wget – Cookie Injection	local	linux	Harry Sintonen
2018-05-06	DeviceLock Plug and Play Auditor 5.72 – Unicode Buffer Overflow (SEH)	local	windows	hyp3rlinx
2018-05-06	WordPress Plugin User Role Editor < 4.25 - Privilege Escalation	webapps	php	Tomislav Paskalev
2018-05-04	IceWarp Mail Server < 11.1.1 - Directory Traversal	webapps	php	Trustwave's SpiderLabs
2018-05-04	Microsoft Windows WMI – Recieve Notification Exploit (Metasploit)	local	windows_x86-64	Metasploit
2018-05-04	Google Chrome V8 – Object Allocation Size Integer Overflow	remote	multiple	Google Security Research
2018-05-04	WordPress Plugin WF Cookie Consent 1.1.3 – Cross-Site Scripting	webapps	php	B0UG
2018-05-03	JasperReports – (Authenticated) File Read	webapps	multiple	Hector Monsegur
2018-05-03	GPON Routers – Authentication Bypass / Command Injection	remote	hardware	vpnmentor
2018-05-02	LibreOffice/Open Office – ‘.odt’ Information Disclosure	local	windows	Richard Davy
2018-05-02	WebKit – ‘WebCore::jsElementScrollHeightGetter’ Use-After-Free	dos	multiple	Google Security Research
2018-05-02	TBK DVR4104 / DVR4216 – Credentials Leak	remote	hardware	ezelf
2018-05-02	Easy MPEG to DVD Burner 1.7.11 – Local Buffer Overflow (SEH)	local	windows	Marwan Shamel
2018-05-02	Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery	webapps	php	Qian Wu, Bo Wang, Jiawang Zhang
2018-05-02	Adobe Reader PDF – Client Side Request Injection	local	windows	Alex Inführ
2018-05-02	Metasploit Framework – ‘msfd’ Remote Code Execution (via Browser) (Metasploit)	remote	ruby	Metasploit
2018-05-02	Call of Duty Modern Warefare 2 – Buffer Overflow	remote	windows	momo5502
2018-05-02	xdebug < 2.5.5 - OS Command Execution (Metasploit)	remote	php	Metasploit
2018-05-02	Exim < 4.90.1 - 'base64d' Remote Code Execution	remote	linux	straight_blast
2018-05-02	Metasploit Framework – ‘msfd’ Remote Code Execution (Metasploit)	remote	ruby	Metasploit
2018-05-02	Schneider Electric InduSoft Web Studio and InTouch Machine Edition – Denial of Service	dos	windows	Tenable NS
2018-05-02	Norton Core Secure WiFi Router – ‘BLE’ Command Injection (PoC)	remote	hardware	embedi
2018-05-01	WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 – (Authenticated) Persistent Cross-Site Scripting	webapps	php	B0UG
2018-04-30	Apple macOS 10.13.2 – Double mach_port_deallocate in kextd due to Failure to Comply with MIG Ownership Rules	dos	macos	Google Security Research
2018-04-30	Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root	webapps	php	Jared Arave
2018-04-30	WordPress Plugin Form Maker 1.12.20 – CSV Injection	webapps	php	Sairam Jetty
2018-04-30	Navicat < 12.0.27 - Oracle Connection Overflow	dos	windows	Kevin McGuigan
2018-04-30	Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free	dos	linux	SecuriTeam
2018-04-30	Apple macOS/iOS – ReportCrash mach port Replacement due to Failure to Respect MIG Ownership Rules	dos	multiple	Google Security Research
2018-04-30	Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)	webapps	php	SixP4ck3r
2018-04-26	TP-Link Technologies TL-WA850RE Wi-Fi Range Extender – Remote Reboot	webapps	hardware	Wadeek
2018-04-26	MyBB Threads to Link Plugin 1.3 – Cross-Site Scripting	webapps	php	0xB9
2018-04-26	GitList 0.6 – Remote Code Execution	webapps	php	Kacper Szurek
2018-04-26	Allok AVI to DVD SVCD VCD Converter 4.0.1217 – Buffer Overflow (SEH)	local	windows	T3jv1l
2018-04-26	October CMS User Plugin 1.4.5 – Persistent Cross-Site Scripting	webapps	php	0xB9
2018-04-26	Frog CMS 0.9.5 – Persistent Cross-Site Scripting	webapps	php	Wenming Jiang
2018-04-26	SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response	webapps	linux	Sven Fassbender
2018-04-26	Jfrog Artifactory < 4.16 - Arbitrary File Upload / Remote Command Execution	webapps	linux	Alessio Sergi
2018-04-26	WordPress Plugin WP with Spritz 1.0 – Remote File Inclusion	webapps	php	Wadeek
2018-04-25	Shopy Point of Sale 1.0 – CSV Injection	webapps	php	8bitsec
2018-04-25	Chrome V8 JIT – ‘AwaitedPromise’ Update Bug	dos	multiple	Google Security Research
2018-04-25	HRSALE The Ultimate HRM 1.0.2 – Local File Inclusion	webapps	php	8bitsec
2018-04-25	HRSALE The Ultimate HRM 1.0.2 – (Authenticated) Cross-Site Scripting	webapps	php	8bitsec