Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2018-01-23

Affiligator 2.1.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-01-23

    LiveCRM SaaS Cloud 1.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-01-23

    NEC Univerge SV9100/SV8100 WebPro 10.0 – Configuration Download
  • webapps
  • multiple
    		• LiquidWorm
    2018-01-23

    HP Connected Backup 8.6/8.8.6 – Local Privilege Escalation
  • local
  • windows
    		• Peter Lapp
    2018-01-23

    RAVPower 2.000.056 – Memory Disclosure
  • dos
  • hardware
    		• Daniele Linguaglossa
    2018-01-23

    CentOS Web Panel 0.9.8.12 – ‘row_id’ / ‘domain’ SQL Injection
  • webapps
  • php
    		• Vulnerability-Lab
    2018-01-23

    MixPad 5.00 – Buffer Overflow
  • dos
  • windows
    		• bzyo
    2018-01-23

    Flexible Poll 1.2 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-01-22

    Herospeed – ‘TelnetSwitch’ Remote Stack Overflow / Overwrite Password / Enable TelnetD
  • remote
  • hardware
    		• bashis
    2018-01-22

    AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
  • remote
  • hardware
    		• Pedro Ribeiro
    2018-01-21

    CentOS Web Panel 0.9.8.12 – Multiple Vulnerabilities
  • webapps
  • php
    		• Vulnerability-Lab
    2018-01-21

    Shopware 5.2.5/5.3 – Cross-Site Scripting
  • webapps
  • json
    		• Vulnerability-Lab
    2018-01-21

    Oracle JDeveloper 11.1.x/12.x – Directory Traversal
  • webapps
  • java
    		• hyp3rlinx
    2018-01-21

    OTRS 5.0.x/6.0.x – Remote Command Execution (1)
  • webapps
  • perl
    		• Bæln0rn
    2018-01-21

    PHPFreeChat 1.7 – Denial of Service
  • dos
  • php
    		• A. Pakbaz
    2018-01-19

    macOS 10.13 (17A365) – Kernel Memory Disclosure due to Lack of Bounds Checking in ‘AppleIntelCapriController::getDisplayPipeCapability’
  • dos
  • macos
    		• Google Security Research
    2018-01-18

    GitStack 2.3.10 – Remote Code Execution
  • webapps
  • php
    		• Kacper Szurek
    2018-01-18

    Smiths Medical Medfusion 4000 – ‘DHCP’ Denial of Service
  • dos
  • hardware
    		• Scott Gayou
    2018-01-18

    Primefaces 5.x – Remote Code Execution (Metasploit)
  • webapps
  • java
    		• Bjoern Schuette
    2018-01-17

    Master IP CAM 01 – Multiple Vulnerabilities
  • remote
  • hardware
    		• Raffaele Sabato
    2018-01-17

    SugarCRM 3.5.1 – Cross-Site Scripting
  • webapps
  • php
    		• Guilherme Assmann
    2018-01-17

    Belkin N600DB Wireless Router – Multiple Vulnerabilities
  • webapps
  • hardware
    		• Wadeek
    2018-01-17

    D-Link DSL-2640R – DNS Change
  • webapps
  • hardware
    		• Todor Donev
    2018-01-17

    Reservo Image Hosting Script 1.5 – Cross-Site Scripting
  • webapps
  • php
    		• Dennis Veninga
    2018-01-17

    Zomato Clone Script – Arbitrary File Upload
  • webapps
  • php
    		• Tauco
    2018-01-17

    Microsoft Edge Chakra JIT – Stack-to-Heap Copy
  • dos
  • windows
    		• Google Security Research
    2018-01-17

    Microsoft Edge Chakra – ‘AsmJSByteCodeGenerator::EmitCall’ Out-of-Bounds Read
  • dos
  • windows
    		• Google Security Research
    2018-01-17

    Microsoft Edge Chakra JIT – Out-of-Bounds Write
  • dos
  • windows
    		• Google Security Research
    2018-01-17

    Microsoft Edge Chakra – Deferred Parsing Makes Wrong Scopes (2)
  • dos
  • windows
    		• Google Security Research
    2018-01-17

    Microsoft Edge Chakra – Incorrect Scope Handling
  • dos
  • windows
    		• Google Security Research
    2018-01-17

    Microsoft Edge Chakra – ‘JavascriptGeneratorFunction::GetPropertyBuiltIns’ Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-01-17

    Microsoft Edge Chakra JIT – Incorrect Bounds Calculation
  • dos
  • windows
    		• Google Security Research
    2018-01-16

    glibc < 2.26 - 'getcwd()' Local Privilege Escalation
  • local
  • linux
    		• halfdog
    2018-01-15

    PerfexCRM 1.9.7 – Arbitrary File Upload
  • webapps
  • php
    		• Ahmad Mahfouz
    2018-01-15

    Disk Pulse Enterprise 10.1.18 – Remote Buffer Overflow
  • remote
  • windows
    		• Ahmad Mahfouz
    2018-01-15

    SysGauge Server 3.6.18 – Remote Buffer Overflow
  • remote
  • windows
    		• Ahmad Mahfouz
    2018-01-15

    DarkComet (C2 Server) – File Upload
  • webapps
  • multiple
    		• Pseudo Laboratories
    2018-01-15

    Domains & Hostings Manager PRO 3.0 – Authentication Bypass
  • webapps
  • php
    		• Tauco
    2018-01-15

    D-Link DNS-325 ShareCenter < 1.05B03 - Multiple Vulnerabilities
  • webapps
  • php
    		• GulfTech Security
    2018-01-15

    ImgHosting 1.5 – Cross-Site Scripting
  • webapps
  • php
    		• Dennis Veninga
    2018-01-15

    D-Link DNS-343 ShareCenter < 1.05 - Command Injection
  • webapps
  • php
    		• GulfTech Security
    2018-01-15

    pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection
  • webapps
  • php
    		• absolomb
    2018-01-15

    Synology Photo Station 6.8.2-3461 – ‘SYNOPHOTO_Flickr_MultiUpload’ Race Condition File Write Remote Code Execution
  • remote
  • hardware
    		• mr_me
    2018-01-15

    Flash Operator Panel 2.31.03 – Command Execution
  • webapps
  • php
    		• Vulnerability-Lab
    2018-01-15

    OBS Studio 20.1.3 – Local Buffer Overflow
  • dos
  • windows
    		• ScrR1pTK1dd13
    2018-01-15

    ILIAS < 5.2.4 - Cross-Site Scripting
  • webapps
  • php
    		• Florian Kunushevci
    2018-01-15

    Oracle PeopleSoft 8.5x – Remote Code Execution
  • webapps
  • java
    		• Vahagn Vardanyan
    2018-01-15

    Adminer 4.3.1 – Server-Side Request Forgery
  • webapps
  • php
    		• hyp3rlinx
    2018-01-15

    Oracle E-Business Suite 12.1.3/12.2.x – Open Redirect
  • webapps
  • jsp
    		• Andrew Gill
    2018-01-15

    GitStack – Remote Code Execution
  • webapps
  • php
    		• SecuriTeam