Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2023-03-30

Shoplazza 1.1 – Stored Cross-Site Scripting (XSS)
  • webapps
  • multiple
    		• Andrey Stoykov
    2023-03-30

    Dreamer CMS v4.0.0 – SQL Injection
  • webapps
  • multiple
    		• lvren
    2023-03-30

    LISTSERV 17 – Insecure Direct Object Reference (IDOR)
  • webapps
  • cgi
    		• Shaunt Der-Grigorian
    2023-03-30

    LISTSERV 17 – Reflected Cross Site Scripting (XSS)
  • webapps
  • cgi
    		• Shaunt Der-Grigorian
    2023-03-30

    4images 1.9 – Remote Command Execution (RCE)
  • webapps
  • php
    		• Andrey Stoykov
    2023-03-30

    CrowdStrike Falcon AGENT 6.44.15806 – Uninstall without Installation Token
  • local
  • windows
    		• Fortunato Lodari
    2023-03-30

    Device Manager Express 7.8.20002.47752 – Remote Code Execution (RCE)
  • webapps
  • php
    		• Eric Flokstra
    2023-03-30

    Concrete5 CME v9.1.3 – Xpath injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-29

    Inbit Messenger v4.9.0 – Unauthenticated Remote Command Execution (RCE)
  • remote
  • windows
    		• a-rey
    2023-03-29

    Inbit Messenger v4.9.0 – Unauthenticated Remote SEH Overflow
  • remote
  • windows
    		• a-rey
    2023-03-29

    Human Resource Management System 1.0 – SQL Injection (unauthenticated)
  • webapps
  • php
    		• Matthijs van der Vaart (eMVee)
    2023-03-29

    Book Store Management System 1.0.0 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Rajeshwar Singh
    2023-03-29

    WP All Import v3.6.7 – Remote Code Execution (RCE) (Authenticated)
  • webapps
  • php
    		• AkuCyberSec
    2023-03-29

    Revenue Collection System v1.0 – Remote Code Execution (RCE)
  • webapps
  • php
    		• Joe Pollock
    2023-03-29

    Helmet Store Showroom v1.0 – SQL Injection
  • webapps
  • php
    		• Ameer Hamza
    2023-03-29

    Internet Download Manager v6.41 Build 3 – Remote Code Execution (RCE)
  • remote
  • windows
    		• M. Akil Gündoğan
    2023-03-29

    Uniview NVR301-04S2-P4 – Reflected Cross-Site Scripting (XSS)
  • webapps
  • hardware
    		• Bleron Rrustemi
    2023-03-29

    DSL-124 Wireless N300 ADSL2+ – Backup File Disclosure
  • remote
  • hardware
    		• Aryan Chehreghani
    2023-03-29

    Outline V1.6.0 – Unquoted Service Path
  • local
  • windows
    		• Milad karimi
    2023-03-28

    Subrion CMS 4.2.1 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-28

    Label Studio 1.5.0 – Authenticated Server Side Request Forgery (SSRF)
  • webapps
  • Python
    		• Ryan Smith
    2023-03-28

    BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)
  • webapps
  • php
    		• zetc0de
    2023-03-28

    Tapo C310 RTSP server v1.3.0 – Unauthorised Video Stream Access
  • remote
  • hardware
    		• dsclee1
    2023-03-28

    SugarSync 4.1.3 – ‘SugarSync Service’ Unquoted Service Path
  • local
  • windows
    		• Jorge Manuel Lozano Gómez
    2023-03-28

    rukovoditel 3.2.1 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    HDD Health 4.2.0.112 – ‘HDDHealth’ Unquoted Service Path
  • local
  • windows
    		• Jorge Manuel Lozano Gómez
    2023-03-28

    Senayan Library Management System v9.5.0 – SQL Injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    Jetpack 11.4 – Cross Site Scripting (XSS)
  • webapps
  • php
    		• Behrouz Mansoori
    2023-03-28

    iBooking v1.0.8 – Arbitrary File Upload
  • webapps
  • php
    		• d1z1n370/oPty
    2023-03-28

    Online shopping system advanced 1.0 – Multiple Vulnerabilities
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-28

    ReQlogic v11.3 – Reflected Cross-Site Scripting (XSS)
  • webapps
  • aspx
    		• Okan Kurtulus
    2023-03-28

    SuperMailer v11.20 – Buffer overflow DoS
  • dos
  • windows
    		• Rafael Pedrero
    2023-03-28

    Hashicorp Consul v1.0 – Remote Command Execution (RCE)
  • remote
  • multiple
    		• GatoGamer1155
    2023-03-28

    YouPHPTube<= 7.8 - Multiple Vulnerabilities
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-28

    Social-Share-Buttons v2.2.3 – SQL Injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    VMware Workstation 15 Pro – Denial of Service
  • dos
  • windows
    		• Milad karimi
    2023-03-28

    Moodle LMS 4.0 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Saud Alenazi
    2023-03-28

    Pega Platform 8.1.0 – Remote Code Execution (RCE)
  • webapps
  • multiple
    		• Marcin Wolak
    2023-03-28

    Tunnel Interface Driver – Denial of Service
  • dos
  • windows
    		• ExAllocatePool2
    2023-03-28

    Beauty-salon v1.0 – Remote Code Execution (RCE)
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    OPSWAT Metadefender Core – Privilege Escalation
  • webapps
  • multiple
    		• Ulascan Yildirim
    2023-03-28

    ZKTeco ZEM/ZMM 8.88 – Missing Authentication
  • webapps
  • jsp
    		• RedTeam Pentesting GmbH
    2023-03-28

    X-Skipper-Proxy v0.13.237 – Server Side Request Forgery (SSRF)
  • remote
  • multiple
    		• Hosein Vita
    2023-03-27

    MiniDVBLinux 5.4 – Change Root Password
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Explorer32++ v1.3.5.531 – Buffer overflow
  • local
  • windows
    		• Rafael Pedrero
    2023-03-27

    MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP – Remote Code Execution (RCE)
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Tftpd32_SE 4.60 – ‘Tftpd32_svc’ Unquoted Service Path
  • local
  • windows
    		• Ismael Nava
    2023-03-27

    FortiOS, FortiProxy, FortiSwitchManager v7.2.1 – Authentication Bypass
  • webapps
  • multiple
    		• Felipe Alcantara
    2023-03-27

    WPN-XM Serverstack for Windows 0.8.6 – Multiple Vulnerabilities
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-27

    MiniDVBLinux <=5.4 - Config Download Exploit
  • remote
  • hardware
    		• LiquidWorm