Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2023-04-01

Nexxt Router Firmware 42.103.1.5095 – Remote Code Execution (RCE) (Authenticated)

  • remote
  • hardware
  • Yerodin Richards
    2023-04-01

    Centos Web Panel 7 v0.9.8.1147 – Unauthenticated Remote Code Execution (RCE)

  • webapps
  • linux
  • numan türle
    2023-04-01

    Apache 2.4.x – Buffer Overflow

  • webapps
  • multiple
  • Sunil Iyengar
    2023-04-01

    TP-Link TL-WR902AC firmware 210730 (V3) – Remote Code Execution (RCE) (Authenticated)

  • remote
  • hardware
  • Tobias Müller
    2023-04-01

    Hughes Satellite Router HX200 v8.3.1.14 – Remote File Inclusion

  • remote
  • hardware
  • LiquidWorm
    2023-04-01

    Reprise Software RLM v14.2BL4 – Cross-Site Scripting (XSS)

  • webapps
  • windows
  • Mohammed A.Siledar
    2023-04-01

    SugarCRM 12.2.0 – Remote Code Execution (RCE)

  • webapps
  • php
  • sw33t.0day
    2023-04-01

    perfSONAR v4.4.5 – Partial Blind CSRF

  • webapps
  • multiple
  • Ryan Moore
    2023-04-01

    Prizm Content Connect v10.5.1030.8315 – XXE

  • webapps
  • php
  • xhzeem
    2023-04-01

    XCMS v1.83 – Remote Command Execution (RCE)

  • webapps
  • php
  • Onurcan
    2023-04-01

    AD Manager Plus 7122 – Remote Code Execution (RCE)

  • remote
  • java
  • Chan Nyein Wai
    2023-04-01

    ELSI Smart Floor V3.3.3 – Stored Cross-Site Scripting (XSS)

  • webapps
  • aspx
  • Rob, CTRL Group
    2023-04-01

    Splashtop 8.71.12001.0 – Unquoted Service Path

  • local
  • windows
  • A.I. hernandez
    2023-04-01

    NetIQ/Microfocus Performance Endpoint v5.1 – remote root/SYSTEM exploit

  • local
  • windows
  • Neil Kettle
    2023-04-01

    GitLab v15.3 – Remote Code Execution (RCE) (Authenticated)

  • webapps
  • ruby
  • Antonio Francesco Sardella
    2023-03-31

    Spitfire CMS 1.0.475 – PHP Object Injection

  • webapps
  • php
  • LiquidWorm
    2023-03-31

    Senayan Library Management System v9.0.0 – SQL Injection

  • webapps
  • php
  • nu11secur1ty
    2023-03-31

    Textpattern 4.8.8 – Remote Code Execution (RCE) (Authenticated)

  • webapps
  • php
  • Alperen Ergel
    2023-03-31

    Bludit 3-14-1 Plugin ‘UploadPlugin’ – Remote Code Execution (RCE) (Authenticated)

  • webapps
  • php
  • Alperen Ergel
    2023-03-31

    Bangresto 1.0 – SQL Injection

  • webapps
  • php
  • nu11secur1ty
    2023-03-31

    CoolerMaster MasterPlus 1.8.5 – ‘MPService’ Unquoted Service Path

  • local
  • windows
  • Damian Semon Jr
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Unauthenticated Factory Reset

  • local
  • windows
  • LiquidWorm
    2023-03-31

    ProLink PRS1841 PLDT Home fiber – Default Password

  • remote
  • hardware
  • Lawrence Amer
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Remote Command Execution (RCE)

  • local
  • windows
  • LiquidWorm
    2023-03-31

    qubes-mirage-firewall v0.8.3 – Denial Of Service (DoS)

  • dos
  • hardware
  • Krzysztof Burghardt
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Directory Traversal File Write Exploit

  • local
  • windows
  • LiquidWorm
    2023-03-31

    WooCommerce v7.1.0 – Remote Code Execution(RCE)

  • webapps
  • php
  • Milad karimi
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Authentication Bypass

  • local
  • windows
  • LiquidWorm
    2023-03-31

    ASKEY RTF3505VW-N1 – Privilege Escalation

  • remote
  • hardware
  • Leonardo Nicolas Servalli
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Denial Of Service (DoS)

  • local
  • windows
  • LiquidWorm
    2023-03-31

    EQ Enterprise management system v2.2.0 – SQL Injection

  • webapps
  • asp
  • TLF
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Authorization Bypass (IDOR)

  • local
  • windows
  • LiquidWorm
    2023-03-31

    SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Cross-Site Request Forgery

  • local
  • windows
  • LiquidWorm
    2023-03-31

    SOUND4 Server Service 4.1.102 – Local Privilege Escalation

  • local
  • windows
  • LiquidWorm
    2023-03-31

    Cacti v1.2.22 – Remote Command Execution (RCE)

  • webapps
  • php
  • Riadh Bouchahoua
    2023-03-31

    Judging Management System v1.0 – Authentication Bypass

  • webapps
  • php
  • Angelo Pio Amirante
    2023-03-31

    Judging Management System v1.0 – Remote Code Execution (RCE)

  • webapps
  • php
  • Angelo Pio Amirante
    2023-03-31

    rconfig 3.9.7 – Sql Injection (Authenticated)

  • webapps
  • php
  • azhen
    2023-03-30

    CrowdStrike Falcon AGENT 6.44.15806 – Uninstall without Installation Token

  • local
  • windows
  • Fortunato Lodari
    2023-03-30

    Device Manager Express 7.8.20002.47752 – Remote Code Execution (RCE)

  • webapps
  • php
  • Eric Flokstra
    2023-03-30

    Concrete5 CME v9.1.3 – Xpath injection

  • webapps
  • php
  • nu11secur1ty
    2023-03-30

    Lavasoft web companion 4.1.0.409 – ‘DCIservice’ Unquoted Service Path

  • local
  • windows
  • P4p4 M4n3
    2023-03-30

    Virtual Reception v1.0 – Web Server Directory Traversal

  • webapps
  • multiple
  • Spinae
    2023-03-30

    Covenant v0.5 – Remote Code Execution (RCE)

  • webapps
  • multiple
  • xThaz
    2023-03-30

    Ecommerse v1.0 – Cross-Site Scripting (XSS)

  • webapps
  • php
  • nu11secur1ty
    2023-03-30

    Boa Web Server v0.94.14 – Authentication Bypass

  • webapps
  • linux
  • George Tsimpidas
    2023-03-30

    Router ZTE-H108NS – Authentication Bypass

  • remote
  • hardware
  • George Tsimpidas
    2023-03-30

    Eve-ng 5.0.1-13 – Stored Cross-Site Scripting (XSS)

  • webapps
  • php
  • @casp3r0x0 hassan ali al-khafaji
    2023-03-30

    Router ZTE-H108NS – Stack Buffer Overflow (DoS)

  • dos
  • hardware
  • George Tsimpidas
    2023-03-30

    WPForms 1.7.8 – Cross-Site Scripting (XSS)

  • webapps
  • php
  • Milad karimi