Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2017-10-23	FS Car Rental Script – ‘pickup_location’ SQL Injection	webapps	php	8bitsec
2017-10-23	Mikogo 5.4.1.160608 – Local Credentials Disclosure	local	windows	LiquidWorm
2017-10-23	Polycom – Command Shell Authorization Bypass (Metasploit)	remote	unix	Metasploit
2017-10-23	Unitrends UEB 9 – bpserverd Authentication Bypass Remote Command Execution (Metasploit)	remote	linux_x86	Metasploit
2017-10-23	Unitrends UEB 9 – http api/storage Remote Root (Metasploit)	remote	linux_x86	Metasploit
2017-10-22	CometChat < 6.2.0 BETA 1 - Local File Inclusion	webapps	php	Paradoxis
2017-10-22	WordPress Plugin Polls 1.2.4 – SQL Injection (PoC)	remote	php	Manish Tanwar
2017-10-22	Linux Kernel 4.14.0-rc4+ – ‘waitid()’ Local Privilege Escalation	local	linux	@XeR_0x2A & @chaign_c
2017-10-21	ArGoSoft Mini Mail Server 1.0.0.2 – Denial of Service	dos	windows	Berk Cem Göksel
2017-10-21	Ayukov NFTP FTP Client < 2.0 - Remote Buffer Overflow	remote	windows	Berk Cem Göksel
2017-10-20	Sync Breeze Enterprise 10.1.16 – ‘POST’ Remote Buffer Overflow	remote	windows	mschenk
2017-10-20	Axis SSI – Remote Command Execution / Read Files	remote	multiple	bashis
2017-10-20	Mozilla Firefox < 55 - Denial of Service	dos	multiple	Amit Sangra
2017-10-19	Microsoft Game Definition File Editor 6.3.9600 – XML External Entity Injection	local	windows	hyp3rlinx
2017-10-18	Check_MK 1.2.8p25 – Information Disclosure	webapps	Python	Julien Ahrens
2017-10-18	Afian AB FileRun 2017.03.18 – Multiple Vulnerabilities	webapps	php	SEC Consult
2017-10-18	Xen – Pagetable De-typing Unbounded Recursion	dos	linux	Google Security Research
2017-10-18	Linksys E Series – Multiple Vulnerabilities	webapps	cgi	SEC Consult
2017-10-17	Microsoft Internet Explorer 11 (Windows 7 x86) – ‘mshtml.dll’ Remote Code Execution (MS17-007)	remote	windows_x86	mschenk
2017-10-17	Career Portal 1.0 – SQL Injection	webapps	php	8bitsec
2017-10-17	Linux Kernel – ‘AF_PACKET’ Use-After-Free (1)	dos	linux	SecuriTeam
2017-10-17	Linux Kernel – ‘AF_PACKET’ Use-After-Free (2)	dos	linux	SecuriTeam
2017-10-17	Apache Solr 7.0.1 – XML External Entity Expansion / Remote Code Execution	webapps	xml	Michael Stepankin & Olga Barinova
2017-10-17	Squid Analysis Report Generator 2.3.10 – Remote Code Execution	webapps	php	Pavel Suprunyuk
2017-10-17	Tomcat – Remote Code Execution via JSP Upload Bypass (Metasploit)	remote	java	Metasploit
2017-10-17	Shadowsocks – Log File Command Execution	local	linux	X41 D-Sec GmbH
2017-10-17	shadowsocks-libev 3.1.0 – Command Execution	local	linux	X41 D-Sec GmbH
2017-10-17	TP-Link WR940N – (Authenticated) Remote Code	webapps	hardware	Fidus InfoSecurity
2017-10-17	OpenText Documentum Content Server – Arbitrary File Download	webapps	multiple	Andrey B. Panfilov
2017-10-17	OpenText Documentum Content Server – ‘dmr_content’ Privilege Escalation	webapps	multiple	Andrey B. Panfilov
2017-10-17	OpenText Documentum Content Server – Arbitrary File Download Privilege Escalation	webapps	multiple	Andrey B. Panfilov
2017-10-17	OpenText Documentum Content Server – Privilege Escalation	webapps	multiple	Andrey B. Panfilov
2017-10-17	Microsoft Windows – ‘nt!NtQueryObject (ObjectNameInformation)’ Kernel Pool Memory Disclosure	dos	windows	Google Security Research
2017-10-17	Microsoft Edge Chakra JIT – ‘RegexHelper::StringReplace’ Must Call the Callback Function with Updating ImplicitCallFlags	dos	windows	Google Security Research
2017-10-17	Microsoft Edge Chakra – ‘StackScriptFunction::BoxState::Box’ Accesses to Uninitialized Pointers (Denial of Service)	dos	windows	Google Security Research
2017-10-17	Microsoft Edge Chakra JIT – Incorrect GenerateBailOut Calling Patterns	dos	windows	Google Security Research
2017-10-17	Microsoft Windows 10 – WLDP/MSHTML CLSID UMCI Bypass	dos	windows	Google Security Research
2017-10-17	WordPress Plugin Car Park Booking – SQL Injection	webapps	php	8bitsec
2017-10-17	Apple iOS 10.2 (14C92) – Remote Code Execution	remote	ios	Google Security Research
2017-10-16	Ikraus Anti Virus 2.16.7 – Remote Code Execution	remote	windows	SecuriTeam
2017-10-16	3CX Phone System 15.5.3554.1 – Directory Traversal	webapps	linux	Jens Regel
2017-10-16	Linux Kernel < 3.16.39 (Debian 8 x64) - 'inotfiy' Local Privilege Escalation	local	linux_x86-64	Jeremy Huang
2017-10-15	Webmin 1.850 – Multiple Vulnerabilities	webapps	cgi	hyp3rlinx
2017-10-14	Logitech Media Server – Cross-Site Scripting	webapps	multiple	Thiago Sena
2017-10-14	Chrome 35.0.1916.153 – Sandbox Escape / Command Execution	local	windows	649
2017-10-13	FiberHome – Directory Traversal	webapps	linux	SecuriTeam
2017-10-13	AlienVault Unified Security Management (USM) 5.4.2 – Cross-Site Request Forgery	webapps	php	Julien Ahrens
2017-10-13	phpMyFAQ 2.9.8 – Cross-Site Scripting (2)	webapps	php	Ishaq Mohammed
2017-10-13	TYPO3 Extension Restler 1.7.0 – Local File Disclosure	webapps	php	CrashBandicot
2017-10-13	Sync Breeze Enterprise 10.1.16 – Remote Buffer Overflow (SEH) (Metasploit)	remote	windows	wetw0rk