Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

24443 exploits in total
| Date | Title | Type | Platform | Author |
|---|---|---|---|---|
| 2017-11-09 | PHP 7.1.8 – Heap Buffer Overflow | dos | multiple | Wei Lei and Liu Yang |
| 2017-11-09 | Mako Server 2.5 – OS Command Injection Remote Command Execution (Metasploit) | remote | windows | Metasploit |
| 2017-11-09 | Microsoft Internet Explorer 11 – ‘jscript!JsErrorToString’ Use-After-Free | dos | windows | Google Security Research |
| 2017-11-07 | Xlight FTP Server 3.8.8.5 – Buffer Overflow (PoC) | dos | windows | bzyo |
| 2017-11-07 | ManageEngine Applications Manager 13 – SQL Injection | webapps | windows | Cody Sixteen |
| 2017-11-07 | pfSense 2.3.1_1 – Command Execution | webapps | php | s4squatch |
| 2017-11-07 | Ametys CMS 4.0.2 – Password Reset | webapps | php | SecuriTeam |
| 2017-11-06 | Linux Kernel 4.13 (Ubuntu 17.10) – ‘waitid()’ SMEP/SMAP/Chrome Sandbox Privilege Escalation | local | linux | Chris Salls |
| 2017-11-05 | SMPlayer 17.11.0 – ‘.m3u’ Buffer Overflow (PoC) | dos | windows | bzyo |
| 2017-11-05 | Avaya IP Office (IPO) < 10.1 - 'SoftConsole' Remote Buffer Overflow (SEH) | remote | windows | hyp3rlinx |
| 2017-11-05 | Avaya IP Office (IPO) < 10.1 - ActiveX Buffer Overflow | dos | windows | hyp3rlinx |
| 2017-11-04 | Actiontec C1000A Modem – Backdoor Account | remote | hardware | Joseph McDonagh |
| 2017-11-04 | WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass | webapps | php | Colette Chamberland |
| 2017-11-03 | Jnes 1.0.2 – Stack Buffer Overflow | dos | windows | crash_manucoot |
| 2017-11-03 | Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH) | dos | windows | Kevin McGuigan |
| 2017-11-03 | Ladon Framework for Python 0.9.40 – XML External Entity Expansion | webapps | xml | RedTeam Pentesting |
| 2017-11-03 | tnftp – ‘savefile’ Arbitrary Command Execution (Metasploit) | remote | unix | Metasploit |
| 2017-11-03 | GraphicsMagick – Memory Disclosure / Heap Overflow | dos | multiple | SecuriTeam |
| 2017-11-03 | WordPress Plugin JTRT Responsive Tables 4.1 – SQL Injection | webapps | php | Lenon Leite |
| 2017-11-03 | Logitech Media Server 7.9.0 – ‘Radio URL’ Cross-Site Scripting | webapps | multiple | Dewank Pant |
| 2017-11-03 | Logitech Media Server 7.9.0 – ‘favorites’ Cross-Site Scripting | webapps | multiple | Dewank Pant |
| 2017-11-02 | Debut Embedded HTTPd 1.20 – Denial of Service | dos | hardware | z00n |
| 2017-11-01 | Vir.IT eXplorer Anti-Virus 8.5.39 – ‘VIAGLT64.SYS’ Local Privilege Escalation | local | windows | Parvez Anwar |
| 2017-11-01 | Ingenious School Management System 2.3.0 – ‘friend_index’ SQL injection | webapps | php | Giulio Comi |
| 2017-11-01 | WhatsApp 2.17.52 – Memory Corruption | dos | ios | Juan Sacco |
| 2017-11-01 | Cisco UCS Platform Emulator 3.1(2ePE1) – Remote Code Execution | remote | linux | SecuriTeam |
| 2017-11-01 | OctoberCMS 1.0.426 (Build 426) – Cross-Site Request Forgery | webapps | php | Zain Sabahat |
| 2017-10-31 | ZyXEL PK5001Z Modem – Backdoor Account | remote | hardware | Matthew Sheimo |
| 2017-10-30 | Oracle Java SE – Web Start jnlp XML External Entity Processing Information Disclosure | webapps | xml | mr_me |
| 2017-10-30 | SoftDatepro Dating Social Network 1.3 – SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Online Exam Test Application – ‘sort’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Ingenious 2.3.0 – Arbitrary File Upload | webapps | php | Ihsan Sencan |
| 2017-10-30 | Sokial Social Network Script 1.0 – SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Php Inventory – Arbitrary File Upload | webapps | php | Ihsan Sencan |
| 2017-10-30 | D-Park Pro 1.0 – SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | tPanel 2009 – Authentication Bypass | webapps | php | Ihsan Sencan |
| 2017-10-30 | Vastal I-Tech Agent Zone – ‘searchCommercial.php’ / ‘searchResidential.php’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Adult Script Pro 2.2.4 – SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Vastal I-Tech Dating Zone 0.9.9 – ‘product_id’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Website Broker Script – ‘status_id’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Article Directory Script 3.0 – ‘id’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | ZeeBuddy 2x – ‘groupid’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Zomato Clone Script – ‘resid’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | News 1.0 – SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | iProject Management System 1.0 – ‘ID’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | Protected Links – SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | WordPress Plugin Ultimate Product Catalog 4.2.24 – PHP Object Injection | webapps | php | tomplixsee |
| 2017-10-30 | iStock Management System 1.0 – Arbitrary File Upload | webapps | php | Ihsan Sencan |
| 2017-10-30 | AROX School ERP PHP Script – ‘id’ SQL Injection | webapps | php | Ihsan Sencan |
| 2017-10-30 | iTech Gigs Script 1.21 – SQL Injection | webapps | php | Ihsan Sencan |