Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2017-03-16

Cerberus FTP Server 8.0.10.3 – ‘MLST’ Buffer Overflow (PoC)
  • dos
  • windows
    		• Nassim Asrir
    2017-03-16

    Microsoft Windows DVD Maker 6.1.7 – XML External Entity Injection
  • local
  • windows
    		• hyp3rlinx
    2017-03-16

    Cobbler 2.8.0 – (Authenticated) Remote Code Execution
  • webapps
  • linux
    		• Dolev Farhi
    2017-03-15

    Adobe Flash – MovieClip Attach init Object Use-After-Free
  • dos
  • multiple
    		• Google Security Research
    2017-03-15

    GitHub Enterprise < 2.8.7 - Remote Code Execution
  • webapps
  • multiple
    		• orange
    2017-03-15

    Adobe Flash – Metadata Parsing Out-of-Bounds Read
  • dos
  • multiple
    		• Google Security Research
    2017-03-15

    Microsoft Windows – COM Session Moniker Privilege Escalation (MS17-012)
  • local
  • windows
    		• Google Security Research
    2017-03-15

    PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) – Local Privilege Escalation
  • local
  • windows_x86-64
    		• ReWolf
    2017-03-15

    Joomla! Component Vik Rent Car 1.11 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-15

    Joomla! Component Vik Rent Items 1.3 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-15

    Sitecore CMS 8.1 Update-3 – Cross-Site Scripting
  • webapps
  • aspx
    		• Pralhad Chaskar
    2017-03-15

    GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution
  • webapps
  • ruby
    		• iblue
    2017-03-15

    Microsoft Windows – ‘LoadUvsTable()’ Heap Buffer Overflow
  • dos
  • windows
    		• Hossein Lotfi
    2017-03-15

    Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - 'Jakarta' Multipart Parser OGNL Injection (Metasploit)
  • remote
  • multiple
    		• Metasploit
    2017-03-15

    IBM WebSphere – RCE Java Deserialization (Metasploit)
  • remote
  • windows
    		• Metasploit
    2017-03-15

    Adobe Flash – AVC Header Slicing Heap Overflow
  • dos
  • multiple
    		• Google Security Research
    2017-03-15

    Joomla! Component Vik Appointments 1.5 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-15

    Adobe Flash – ATF Planar Decompression Heap Overflow
  • dos
  • multiple
    		• Google Security Research
    2017-03-15

    Adobe Flash – ATF Thumbnailing Heap Overflow
  • dos
  • multiple
    		• Google Security Research
    2017-03-14

    Joomla! Component Advertisement Board 3.0.4 – ‘id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-14

    Joomla! Component Simple Membership 3.3.3 – ‘userId’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-14

    APNGDis 2.8 – ‘filename’ Stack Buffer Overflow (PoC)
  • dos
  • multiple
    		• Alwin Peppels
    2017-03-14

    APNGDis 2.8 – ‘image width / height chunk’ Heap Buffer Overflow
  • dos
  • multiple
    		• Alwin Peppels
    2017-03-14

    APNGDis 2.8 – ‘chunk size descriptor’ Heap Buffer Overflow
  • dos
  • multiple
    		• Alwin Peppels
    2017-03-13

    Steam Profile Integration 2.0.11 – SQL injection
  • webapps
  • php
    		• DrWhat
    2017-03-13

    Netgear R7000 / R6400 – ‘cgi-bin’ Command Injection (Metasploit)
  • remote
  • cgi
    		• Metasploit
    2017-03-13

    Oracle VM VirtualBox – Cooperating VMs can Escape from Shared Folder
  • local
  • linux
    		• Google Security Research
    2017-03-13

    Cerberus FTP Server 8.0.10.1 – Denial of Service
  • dos
  • windows
    		• Peter Baris
    2017-03-13

    Car Workshop System – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-12

    Easy MOV Converter 1.4.24 – Local Buffer Overflow (SEH)
  • dos
  • windows
    		• Muhann4d
    2017-03-12

    Nintendo Switch – WebKit Code Execution (PoC)
  • dos
  • hardware
    		• qwertyoruiop
    2017-03-11

    Fortinet FortiClient 5.2.3 (Windows 10 x86) – Local Privilege Escalation
  • local
  • windows_x86
    		• sickness
    2017-03-11

    PHP Forum Script 3.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Yellow Pages Script 3.2 – ‘category_id’ SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Yacht Listing Script 2.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Travel Tours Script 2.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Property Listing Script 3.1 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Pet Listing Script 3.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Vanelo – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Global In – Arbitrary File Upload
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Global In – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Domain Marketplace Script – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    Fiyo CMS 2.0.6.1 – Privilege Escalation
  • webapps
  • php
    		• rungga_reksya
    2017-03-11

    Mirage – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-03-11

    MobaXterm Personal Edition 9.4 – Directory Traversal
  • remote
  • windows
    		• hyp3rlinx
    2017-03-10

    WatchGuard XTMv 11.12 Build 516911 – User Management Cross-Site Request Forgery
  • webapps
  • xml
    		• KoreLogic
    2017-03-10

    dnaLIMS DNA Sequencing – Directory Traversal / Session Hijacking / Cross-Site Scripting
  • webapps
  • cgi
    		• Shorebreak Security
    2017-03-10

    Kinsey Infor/Lawson / ESBUS – SQL Injection
  • webapps
  • jsp
    		• Michael Benich
    2017-03-10

    FTP Voyager Scheduler 16.2.0 – Cross-Site Request Forgery
  • webapps
  • xml
    		• hyp3rlinx
    2017-03-09

    Country on Sale Script – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan