Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2017-10-12

Dreambox Plugin BouquetEditor – Cross-Site Scripting
  • webapps
  • hardware
    		• Thiago Sena
    2017-10-12

    E-Sic Software livre CMS – Cross Site Scripting
  • webapps
  • php
    		• Elber Tavares
    2017-10-12

    E-Sic Software livre CMS – ‘f’ SQL Injection
  • webapps
  • php
    		• Elber Tavares
    2017-10-12

    E-Sic Software livre CMS – ‘cpfcnpj’ SQL Injection
  • webapps
  • php
    		• Elber Tavares
    2017-10-12

    E-Sic Software livre CMS – Autentication Bypass
  • webapps
  • php
    		• Elber Tavares
    2017-10-12

    E-Sic Software livre CMS – ‘q’ SQL Injection
  • webapps
  • php
    		• Guilherme Assmann
    2017-10-12

    OctoberCMS 1.0.425 (Build 425) – Cross-Site Scripting
  • webapps
  • php
    		• Ishaq Mohammed
    2017-10-12

    TP-Link TL-MR3220 – Cross-Site Scripting
  • webapps
  • hardware
    		• Thiago Sena
    2017-10-11

    Trend Micro Data Loss Prevention Virtual Appliance 5.2 – Path Traversal
  • webapps
  • linux
    		• Leonardo Duarte
    2017-10-11

    ASX to MP3 3.1.3.7 – ‘.m3u’ Local Buffer Overflow
  • local
  • windows
    		• Parichay Rai
    2017-10-11

    Trend Micro InterScan Messaging Security (Virtual Appliance) – ‘Proxy.php’ Remote Code Execution (Metasploit)
  • webapps
  • php
    		• Mehmet Ince
    2017-10-11

    Trend Micro OfficeScan 11.0/XG (12.0) – Remote Code Execution (Metasploit)
  • webapps
  • php
    		• Mehmet Ince
    2017-10-10

    Complain Management System – Hard-Coded Credentials / Blind SQL injection
  • webapps
  • php
    		• havysec
    2017-10-10

    binutils 2.29.51.20170921 – ‘read_1_byte’ Heap Buffer Overflow
  • dos
  • linux
    		• Agostino Sarubbo
    2017-10-09

    ClipShare 7.0 – SQL Injection
  • webapps
  • php
    		• 8bitsec
    2017-10-09

    Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (2)
  • webapps
  • jsp
    		• intx0x80
    2017-10-09

    OrientDB 2.2.2 < 2.2.22 - Remote Code Execution (Metasploit)
  • remote
  • multiple
    		• Metasploit
    2017-10-09

    QNAP HelpDesk < 1.1.12 - SQL Injection
  • webapps
  • php
    		• SecuriTeam
    2017-10-09

    Rancher Server – Docker Daemon Code Execution (Metasploit)
  • remote
  • linux_x86-64
    		• Metasploit
    2017-10-09

    PHP Melody 2.7.3 – Multiple Vulnerabilities
  • webapps
  • php
    		• SecuriTeam
    2017-10-09

    VX Search Enterprise 10.1.12 – Remote Buffer Overflow
  • remote
  • windows
    		• Revnic Vasile
    2017-10-08

    ASX to MP3 converter < 3.1.3.7 - '.asx' Local Stack Overflow (DEP Bypass)
  • local
  • windows
    		• Nitesh Shilpkar
    2017-10-07

    PyroBatchFTP 3.17 – Buffer Overflow (SEH)
  • dos
  • windows
    		• Kevin McGuigan
    2017-10-06

    Microsoft Windows 10 RS2 (x64) – ‘win32kfull!bFill’ Pool Overflow
  • local
  • windows_x86-64
    		• siberas
    2017-10-05

    Easy MPEG/AVI/DIVX/WMV/RM to DVD – ‘Enter User Name’ Local Buffer Overflow (SEH)
  • local
  • windows
    		• Venkat Rajgor
    2017-10-04

    WebKit JSC – ‘BytecodeGenerator::emitGetByVal’ Incorrect Optimization (2)
  • dos
  • multiple
    		• Google Security Research
    2017-10-04

    ClipBucket 2.8.3 – Remote Code Execution
  • webapps
  • php
    		• Meisam Monsef
    2017-10-03

    DiskBoss Enterprise 8.4.16 – Local Buffer Overflow
  • local
  • windows
    		• C4t0ps1s
    2017-10-03

    EPESI 1.8.2 rev20170830 – Cross-Site Scripting
  • webapps
  • php
    		• Zeeshan Shaikh
    2017-10-03

    Fiberhome AN5506-04-F – Command Injection
  • webapps
  • hardware
    		• Tauco
    2017-10-03

    Webkit (Safari) – Universal Cross-site Scripting
  • local
  • multiple
    		• Anton Lopanitsyn
    2017-10-03

    Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting
  • local
  • multiple
    		• Anton Lopanitsyn
    2017-10-02

    UCOPIA Wireless Appliance < 5.1.8 - Local Privilege Escalation
  • local
  • linux
    		• Sysdream
    2017-10-02

    phpCollab 2.5.1 – SQL Injection
  • webapps
  • php
    		• Sysdream
    2017-10-02

    phpCollab 2.5.1 – Arbitrary File Upload
  • webapps
  • php
    		• Sysdream
    2017-10-02

    UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution
  • remote
  • linux
    		• agix
    2017-10-02

    NPM-V (Network Power Manager) 2.4.1 – Password Reset
  • webapps
  • hardware
    		• Saeed reza Zamanian
    2017-10-02

    Linux Kernel < 4.14.rc3 - Local Denial of Service
  • dos
  • linux
    		• Wang Chenyu
    2017-10-02

    Dnsmasq < 2.78 - Integer Underflow
  • dos
  • multiple
    		• Google Security Research
    2017-10-02

    Dnsmasq < 2.78 - Lack of free() Denial of Service
  • dos
  • multiple
    		• Google Security Research
    2017-10-02

    Dnsmasq < 2.78 - Information Leak
  • dos
  • multiple
    		• Google Security Research
    2017-10-02

    Dnsmasq < 2.78 - Stack Overflow
  • dos
  • multiple
    		• Google Security Research
    2017-10-02

    Dnsmasq < 2.78 - Heap Overflow
  • dos
  • multiple
    		• Google Security Research
    2017-10-02

    Dnsmasq < 2.78 - 2-byte Heap Overflow
  • dos
  • multiple
    		• Google Security Research
    2017-10-02

    OpenText Document Sciences xPression 4.5SP1 Patch 13 – ‘documentId’ SQL Injection
  • webapps
  • jsp
    		• Marcin Woloszyn
    2017-10-02

    OpenText Document Sciences xPression 4.5SP1 Patch 13 – ‘jobRunId’ SQL Injection
  • webapps
  • jsp
    		• Marcin Woloszyn
    2017-10-02

    Qmail SMTP – Bash Environment Variable Injection (Metasploit)
  • remote
  • linux
    		• Metasploit
    2017-10-02

    UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape
  • local
  • linux
    		• Sysdream
    2017-09-30

    Microsoft Word 2007 (x86) – Information Disclosure
  • local
  • windows_x86
    		• Eduardo Braun Prado
    2017-09-30

    Sync Breeze Enterprise 10.0.28 – Remote Buffer Overflow
  • remote
  • windows
    		• Owais Mehtab