Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2018-02-16

JBoss Remoting 6.14.18 – Denial of Service
  • dos
  • multiple
    		• Frank Spierings
    2018-02-16

    Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 – ‘alias’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component InviteX 3.0.5 – ‘invite_type’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    EPIC MyChart – X-Path Injection
  • webapps
  • asp
    		• Shayan S
    2018-02-16

    Joomla! Component Staff Master 1.0 RC 1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component Google Map Landkarten 4.2.3 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    ABRT – ‘raceabrt’ Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-16

    Joomla! Component Solidres 2.5.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component Gallery WD 1.3.6 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Microsoft Edge – ‘UnmapViewOfFile’ ACG Bypass
  • dos
  • windows
    		• Google Security Research
    2018-02-16

    Joomla! Component Smart Shoutbox 3.0.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component Form Maker 3.6.12 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-15

    Pdfium – Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
  • dos
  • multiple
    		• Google Security Research
    2018-02-15

    Pdfium – Pattern Shading Integer Overflows
  • dos
  • multiple
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘LdThis’ Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘NewScObjectNoCtor’ Array Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘Array.prototype.reverse’ Array Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – Array Type Confusion via InitProto Instructions
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ImplicitCallFlags Checks Bypass
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – Memory Corruption
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘GlobOpt::OptTagChecks’ Must Consider IsLoopPrePass Properly (2)
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Chrome V8 – ‘Runtime_RegExpReplace’ Integer Overflow
  • dos
  • multiple
    		• Google Security Research
    2018-02-14

    NAT32 2.2 Build 22284 – Remote Command Execution
  • webapps
  • windows
    		• hyp3rlinx
    2018-02-14

    Tenda AC15 Router – Remote Code Execution
  • remote
  • hardware
    		• Tim Carrington
    2018-02-14

    Dell EMC Isilon OneFS – Multiple Vulnerabilities
  • webapps
  • linux
    		• Core Security
    2018-02-14

    userSpice 4.3 – Cross-Site Scripting
  • webapps
  • php
    		• Dolev Farhi
    2018-02-14

    SOA School Management – ‘access_login’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-02-14

    Social Oauth Login PHP – Authentication Bypass
  • webapps
  • php
    		• L0RD
    2018-02-14

    GNU binutils 2.26.1 – Integer Overflow (PoC)
  • dos
  • windows
    		• r4xis
    2018-02-14

    NAT32 2.2 Build 22284 – Cross-Site Request Forgery
  • webapps
  • windows
    		• hyp3rlinx
    2018-02-13

    Advantech WebAccess 8.3.0 – Remote Code Execution
  • remote
  • windows
    		• Nassim Asrir
    2018-02-13

    News Website Script 2.0.4 – ‘search’ SQL Injection
  • webapps
  • php
    		• Varun Bagaria
    2018-02-13

    TypeSetter CMS 5.1 – Cross-Site Request Forgery
  • webapps
  • php
    		• Navina Asrani
    2018-02-13

    Flash ActiveX 18.0.0.194 – Code Execution
  • local
  • windows
    		• smgorelik
    2018-02-13

    TypeSetter CMS 5.1 – ‘Host’ Header Injection
  • webapps
  • php
    		• Navina Asrani
    2018-02-13

    CloudMe Sync < 1.11.0 - Buffer Overflow
  • remote
  • windows
    		• hyp3rlinx
    2018-02-12

    glibc – ‘LD_AUDIT’ Arbitrary DSO Load Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-12

    glibc – ‘$ORIGIN’ Expansion Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-12

    Juju-run Agent – Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-12

    LogicalDOC Enterprise 7.7.4 – Root Remote Code Execution
  • webapps
  • java
    		• LiquidWorm
    2018-02-12

    LogicalDOC Enterprise 7.7.4 – User Enumeration
  • webapps
  • java
    		• LiquidWorm
    2018-02-12

    LogicalDOC Enterprise 7.7.4 – Directory Traversal
  • webapps
  • java
    		• LiquidWorm
    2018-02-11

    Readymade Video Sharing Script 3.2 – ‘search’ SQL Injection
  • webapps
  • php
    		• Varun Bagaria
    2018-02-11

    Paypal Clone Script 1.0.9 – ‘id’ / ‘acctype’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-02-10

    Naukri Clone Script 3.0.3 – ‘indus’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-02-10

    LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
  • remote
  • linux
    		• Mikhail Klementev
    2018-02-10

    Multi Language Olx Clone Script – Cross-Site Scripting
  • webapps
  • php
    		• Varun Bagaria
    2018-02-09

    macOS Kernel – Use-After-Free Due to Lack of Locking in ‘AppleEmbeddedOSSupportHostClient::registerNotificationPort’
  • dos
  • macos
    		• Google Security Research
    2018-02-07

    MalwareFox AntiMalware 2.74.0.150 – Privilege Escalation
  • local
  • windows
    		• Souhail Hammou
    2018-02-07

    Cisco ASA – Crash (PoC)
  • dos
  • hardware
    		• Sean Dillon