Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2017-09-25	Disk Pulse Enterprise 10.0.12 – GET Buffer Overflow (SEH)	remote	windows	sickness
2017-09-24	HBGK DVR 3.0.0 build20161206 – Authentication Bypass	webapps	hardware	RAT - ThiefKing
2017-09-23	CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)	local	windows	f3ci
2017-09-22	PHP Auction Ecommerce Script 1.6 – SQL Injection	webapps	php	8bitsec
2017-09-22	Secure E-commerce Script 1.02 – ‘sid’ SQL Injection	webapps	php	8bitsec
2017-09-22	Claydip Airbnb Clone 1.0 – Arbitrary File Upload	webapps	php	Ihsan Sencan
2017-09-22	Cash Back Comparison Script 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2017-09-22	Multi Level Marketing – SQL Injection	webapps	php	Ihsan Sencan
2017-09-22	Lending And Borrowing – ‘pid’ SQL Injection	webapps	php	Ihsan Sencan
2017-09-22	Stock Photo Selling 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2017-09-22	JitBit HelpDesk < 9.0.2 - Authentication Bypass	webapps	asp	Kc57
2017-09-21	ERS Data System 1.8.1 – Java Deserialization	remote	windows	West Shepherd
2017-09-21	Disk Pulse Enterprise 9.9.16 – GET Buffer Overflow (Metasploit)	remote	windows	Metasploit
2017-09-21	Microsoft Edge Chakra – ‘JavascriptFunction::ReparseAsmJsModule’ Incorrectly Re-parses	dos	windows	Google Security Research
2017-09-21	Microsoft Edge Chakra – ‘Parser::ParseCatch’ Does Not Handle ‘eval()’ (Denial of Service)	dos	windows	Google Security Research
2017-09-21	Microsoft Edge Chakra – Deferred Parsing Makes Wrong Scopes	dos	windows	Google Security Research
2017-09-21	Microsoft Edge – Chakra Incorrectly Parses Object Patterns	dos	windows	Google Security Research
2017-09-21	Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC)	dos	linux	Marcin Kozlowski
2017-09-21	PHPMyFAQ 2.9.8 – Cross-Site Scripting (1)	webapps	php	Ishaq Mohammed
2017-09-20	Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (1)	webapps	windows	xxlegend
2017-09-20	Android Bluetooth – ‘Blueborne’ Information Leak (2)	remote	android	Kert Ojasoo
2017-09-19	Microsoft Edge 38.14393.1066.0 – Memory Corruption with Partial Page Loading	dos	windows	Google Security Research
2017-09-19	HPE < 7.2 - Java Deserialization	remote	java	Raphael Kuhn
2017-09-19	DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)	webapps	linux	Mehmet Ince
2017-09-19	Microsoft Edge 38.14393.1066.0 – ‘COptionsCollectionCacheItem::GetAt’ Out-of-Bounds Read	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘win32k!NtGdiGetGlyphOutline’ Pool Memory Disclosure	dos	windows	Google Security Research
2017-09-18	iBall ADSL2+ Home Router – Authentication Bypass	webapps	hardware	Gem George
2017-09-18	DigiAffiliate 1.4 – Cross-Site Request Forgery (Update Admin)	webapps	asp	Ihsan Sencan
2017-09-18	Digileave 1.2 – Cross-Site Request Forgery (Update Admin)	webapps	asp	Ihsan Sencan
2017-09-18	Digirez 3.4 – Cross-Site Request Forgery (Update Admin)	webapps	asp	Ihsan Sencan
2017-09-18	Microsoft Windows Kernel – ‘win32k!NtQueryCompositionSurfaceBinding’ Stack Memory Disclosure	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘win32k!NtGdiDoBanding’ Stack Memory Disclosure	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘win32k!NtGdiEngCreatePalette’ Stack Memory Disclosure	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘win32k!NtGdiGetFontResourceInfoInternalW’ Stack Memory Disclosure	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘win32k.sys’ ‘.TTF’ Font Processing Out-of-Bounds Read with Malformed ‘glyf’ Table ‘win32k!fsc_CalcGrayRow’ (Denial of Service)	dos	windows	Google Security Research
2017-09-18	Apache < 2.2.34 / < 2.4.27 - OPTIONS Memory Leak	webapps	linux	Hanno Bock
2017-09-18	Microsoft Windows Kernel – ‘win32k.sys’ ‘.TTF’ Font Processing Out-of-Bounds Reads/Writes with Malformed ‘fpgm’ table ‘win32k!bGeneratePath’ (Denial of Service)	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘nt!NtSetIoCompletion / nt!NtRemoveIoCompletion’ Pool Memory Disclosure	dos	windows	Google Security Research
2017-09-18	Microsoft Windows Kernel – ‘win32k!NtGdiGetPhysicalMonitorDescription’ Stack Memory Disclosure	dos	windows	Google Security Research
2017-09-16	Netdecision 5.8.2 – Local Privilege Escalation	local	windows	Peter Baris
2017-09-16	WordPress Plugin Content Timeline – SQL Injection	webapps	php	Jeroen - IT Nerdbox
2017-09-15	UTStar WA3002G4 ADSL Broadband Modem – Authentication Bypass	webapps	hardware	Gem George
2017-09-15	iTech Gigs Script 1.20 – ‘cat’ SQL Injection	webapps	php	8bitsec
2017-09-15	Contact Manager 1.0 – ‘femail’ SQL Injection	webapps	php	Ihsan Sencan
2017-09-15	PTCEvolution 5.50 – SQL Injection	webapps	php	Ihsan Sencan
2017-09-14	Cloudview NMS 2.00b – Writable Directory Traversal Execution (Metasploit)	remote	windows	James Fitts
2017-09-14	haneWIN DNS Server 1.5.3 – Remote Buffer Overflow (Metasploit)	remote	windows	James Fitts
2017-09-14	Lockstep Backup for Workgroups 4.0.3 – Remote Buffer Overflow (Metasploit)	remote	windows	James Fitts
2017-09-14	EMC AlphaStor Device Manager – Opcode 0x72 Buffer Overflow (Metasploit)	remote	windows	James Fitts
2017-09-14	EMC AlphaStor Library Manager < 4.0 build 910 - Opcode 0x4f Buffer Overflow (Metasploit)	remote	windows	James Fitts