Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2018-02-16

Joomla! Component Advertisement Board 3.1.0 – ‘catname’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component Saxum Picker 3.2.10 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component JS Jobs 1.1.9 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 – Cross-Site Scripting
  • webapps
  • php
    		• Alwin Peppels
    2018-02-16

    Joomla! Component SquadManagement 1.0.3 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component JS Autoz 1.0.9 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service
  • dos
  • hardware
    		• M. Can Kurnaz
    2018-02-16

    Joomla! Component Saxum Numerology 3.0.4 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component JquickContact 1.3.2.2.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Twig < 2.4.4 - Server Side Template Injection
  • webapps
  • php
    		• JameelNabbo
    2018-02-16

    Joomla! Component Saxum Astro 4.0.14 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    Joomla! Component JomEstate PRO 3.7 – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2018-02-16

    UserSpice 4.3 – Blind SQL Injection
  • webapps
  • php
    		• Dolev Farhi
    2018-02-15

    Pdfium – Pattern Shading Integer Overflows
  • dos
  • multiple
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘LdThis’ Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘NewScObjectNoCtor’ Array Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘Array.prototype.reverse’ Array Type Confusion
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – Array Type Confusion via InitProto Instructions
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ImplicitCallFlags Checks Bypass
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – Memory Corruption
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Microsoft Edge Chakra JIT – ‘GlobOpt::OptTagChecks’ Must Consider IsLoopPrePass Properly (2)
  • dos
  • windows
    		• Google Security Research
    2018-02-15

    Chrome V8 – ‘Runtime_RegExpReplace’ Integer Overflow
  • dos
  • multiple
    		• Google Security Research
    2018-02-15

    Pdfium – Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
  • dos
  • multiple
    		• Google Security Research
    2018-02-14

    Tenda AC15 Router – Remote Code Execution
  • remote
  • hardware
    		• Tim Carrington
    2018-02-14

    Dell EMC Isilon OneFS – Multiple Vulnerabilities
  • webapps
  • linux
    		• Core Security
    2018-02-14

    userSpice 4.3 – Cross-Site Scripting
  • webapps
  • php
    		• Dolev Farhi
    2018-02-14

    SOA School Management – ‘access_login’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-02-14

    Social Oauth Login PHP – Authentication Bypass
  • webapps
  • php
    		• L0RD
    2018-02-14

    GNU binutils 2.26.1 – Integer Overflow (PoC)
  • dos
  • windows
    		• r4xis
    2018-02-14

    NAT32 2.2 Build 22284 – Cross-Site Request Forgery
  • webapps
  • windows
    		• hyp3rlinx
    2018-02-14

    NAT32 2.2 Build 22284 – Remote Command Execution
  • webapps
  • windows
    		• hyp3rlinx
    2018-02-13

    Flash ActiveX 18.0.0.194 – Code Execution
  • local
  • windows
    		• smgorelik
    2018-02-13

    Advantech WebAccess 8.3.0 – Remote Code Execution
  • remote
  • windows
    		• Nassim Asrir
    2018-02-13

    News Website Script 2.0.4 – ‘search’ SQL Injection
  • webapps
  • php
    		• Varun Bagaria
    2018-02-13

    TypeSetter CMS 5.1 – Cross-Site Request Forgery
  • webapps
  • php
    		• Navina Asrani
    2018-02-13

    TypeSetter CMS 5.1 – ‘Host’ Header Injection
  • webapps
  • php
    		• Navina Asrani
    2018-02-13

    CloudMe Sync < 1.11.0 - Buffer Overflow
  • remote
  • windows
    		• hyp3rlinx
    2018-02-12

    glibc – ‘LD_AUDIT’ Arbitrary DSO Load Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-12

    glibc – ‘$ORIGIN’ Expansion Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-12

    Juju-run Agent – Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2018-02-12

    LogicalDOC Enterprise 7.7.4 – Root Remote Code Execution
  • webapps
  • java
    		• LiquidWorm
    2018-02-12

    LogicalDOC Enterprise 7.7.4 – User Enumeration
  • webapps
  • java
    		• LiquidWorm
    2018-02-12

    LogicalDOC Enterprise 7.7.4 – Directory Traversal
  • webapps
  • java
    		• LiquidWorm
    2018-02-11

    Readymade Video Sharing Script 3.2 – ‘search’ SQL Injection
  • webapps
  • php
    		• Varun Bagaria
    2018-02-11

    Paypal Clone Script 1.0.9 – ‘id’ / ‘acctype’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-02-10

    LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
  • remote
  • linux
    		• Mikhail Klementev
    2018-02-10

    Multi Language Olx Clone Script – Cross-Site Scripting
  • webapps
  • php
    		• Varun Bagaria
    2018-02-10

    Naukri Clone Script 3.0.3 – ‘indus’ SQL Injection
  • webapps
  • php
    		• L0RD
    2018-02-09

    macOS Kernel – Use-After-Free Due to Lack of Locking in ‘AppleEmbeddedOSSupportHostClient::registerNotificationPort’
  • dos
  • macos
    		• Google Security Research
    2018-02-07

    Adobe Coldfusion 11.0.03.292866 – BlazeDS Java Object Deserialization Remote Code Execution
  • remote
  • windows
    		• Faisal Tameesh