Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2017-04-07	D-Link DWR-116 / DWR-116A1 – Arbitrary File Download	webapps	hardware	Patryk Bogdan
2017-04-07	Ladder System 6.0 – ‘faqid’ SQL Injection	webapps	php	Ihsan Sencan
2017-04-07	My Gaming Ladder Combo System 7.5 – SQL Injection	webapps	php	Ihsan Sencan
2017-04-07	Survey Template 1.1 – ‘masterkey1’ SQL Injection	webapps	php	Ihsan Sencan
2017-04-07	Adobe (Multiple Products) – XML Injection File Content Disclosure	webapps	xml	Tess Sluyter
2017-04-07	Quiz Template 1.0 – ‘testid’ SQL Injection	webapps	php	Ihsan Sencan
2017-04-07	Forum Template 1.0 – SQL Injection	webapps	php	Ihsan Sencan
2017-04-06	Moodle 2.x/3.x – SQL Injection	webapps	php	Marko Belzetski
2017-04-06	Cesanta Mongoose OS – Use-After-Free	dos	hardware	Compass Security
2017-04-05	Airbnb Crashpadder Clone Script – SQL Injection	webapps	php	Ihsan Sencan
2017-04-05	ImagePro Lazygirls Clone Script – SQL Injection	webapps	php	Ihsan Sencan
2017-04-05	Faveo Helpdesk Community 1.9.3 – Cross-Site Request Forgery	webapps	php	rungga_reksya
2017-04-05	SpiceWorks 7.5 TFTP – Remote File Overwrite / Upload	remote	windows	hyp3rlinx
2017-04-05	HelpDEZK 1.1.1 – Cross-Site Request Forgery / Code Execution	webapps	php	rungga_reksya
2017-04-05	D-Link DIR-615 – Cross-Site Request Forgery	webapps	hardware	Pratik S. Shah
2017-04-05	Appointment Script – SQL Injection	webapps	php	Ihsan Sencan
2017-04-05	Sweepstakes Pro Software – SQL Injection	webapps	php	Ihsan Sencan
2017-04-05	Premium Penny Auction Script – SQL Injection	webapps	php	Ihsan Sencan
2017-04-04	Apple Webkit – ‘JSCallbackData’ Universal Cross-Site Scripting	webapps	multiple	Google Security Research
2017-04-04	Apple WebKit 10.0.2(12602.3.12.0.1) – ‘Frame::setDocument (1)’ Universal Cross-Site Scripting	webapps	multiple	Google Security Research
2017-04-04	Apache Tomcat 6/7/8/9 – Information Disclosure	remote	multiple	justpentest
2017-04-04	Apple WebKit – ‘WebCore::toJS’ Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple macOS Kernel 10.12.2 (16C67) – Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability	dos	macos	Google Security Research
2017-04-04	Apple WebKit – ‘table’ Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple macOS Kernel 10.12.3 (16D32) – ‘audit_pipe_open’ Off-by-One Memory Corruption	dos	macos	Google Security Research
2017-04-04	Apple WebKit – ‘ComposedTreeIterator::traverseNextInShadowTree’ Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple macOS/iOS Kernel 10.12.3 (16D32) – ‘bpf’ Heap Overflow	dos	multiple	Google Security Research
2017-04-04	Apple WebKit – ‘FormSubmission::create’ Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple WebKit – Negative-Size memmove in HTMLFormElement	dos	multiple	Google Security Research
2017-04-04	Apple macOS/iOS Kernel 10.12.3 (16D32) – Bad Locking in necp_open Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple WebKit – ‘RenderLayer’ Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple macOS/iOS Kernel 10.12.3 (16D32) – SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption	dos	multiple	Google Security Research
2017-04-04	Broadcom Wi-Fi SoC – ‘dhd_handle_swc_evt’ Heap Overflow	remote	hardware	Google Security Research
2017-04-04	Apple macOS/iOS Kernel 10.12.3 (16D32) – SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking	dos	multiple	Google Security Research
2017-04-04	Apple WebKit 10.0.2 – HTMLInputElement Use-After-Free	dos	multiple	Google Security Research
2017-04-04	Apple macOS Kernel 10.12.3 (16D32) – Use-After-Free Due to Double-Release in posix_spawn	dos	macos	Google Security Research
2017-04-04	Broadcom Wi-Fi SoC – Heap Overflow ‘wlc_tdls_cal_mic_chk’ Due to Large RSN IE in TDLS Setup Confirm Frame	dos	hardware	Google Security Research
2017-04-04	Apple macOS Kernel 10.12.2 (16C67) – ‘AppleIntelCapriController::GetLinkConfig’ Code Execution Due to Lack of Bounds Checking	dos	macos	Google Security Research
2017-04-04	Broadcom Wi-Fi SoC – TDLS Teardown Request Remote Heap Overflow	remote	hardware	Google Security Research
2017-04-04	Maian Greetings 2.1 – ‘cat’ SQL Injection	webapps	php	Ihsan Sencan
2017-04-04	Apple macOS/iOS Kernel 10.12.3 (16D32) – Double-Free Due to Bad Locking in fsevents Device	local	multiple	Google Security Research
2017-04-04	Maian Survey 1.1 – ‘survey’ SQL Injection	webapps	php	Ihsan Sencan
2017-04-04	Apple WebKit 10.0.2 (12602.3.12.0.1, r210800) – ‘constructJSReadableStreamDefaultReader’ Type Confusion	webapps	multiple	Google Security Research
2017-04-04	Maian Uploader 4.0 – ‘user’ SQL Injection	webapps	php	Ihsan Sencan
2017-04-04	Apple WebKit 10.0.2 (12602.3.12.0.1) – ‘disconnectSubframes’ Universal Cross-Site Scripting	webapps	multiple	Google Security Research
2017-04-04	Apple Webkit – Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window	webapps	multiple	Google Security Research
2017-04-03	GeoMoose < 2.9.2 - Directory Traversal	webapps	php	Sander Ferdinand
2017-04-03	Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection	remote	hardware	Talos
2017-04-03	Bluecoat ASG 6.6/CAS 1.3 – Local Privilege Escalation (Metasploit)	local	linux	Chris Hebert
2017-04-03	Bluecoat ASG 6.6/CAS 1.3 – OS Command Injection (Metasploit)	remote	linux	Chris Hebert