Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2017-01-30

Itech Real Estate Script 3.12 – SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-30

    Itech News Portal Script 6.28 – ‘inf’ SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-30

    Itech Multi Vendor Script 6.49 – ‘pl’ SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-30

    Itech Freelancer Script 5.13 – SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-30

    Itech Dating Script 3.26 – SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-30

    Netgear Routers – Password Disclosure
  • webapps
  • hardware
    		• Trustwave's SpiderLabs
    2017-01-30

    Itech Classifieds Script 7.27 – ‘scat’ SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-29

    TrueConf Server 4.3.7 – Multiple Vulnerabilities
  • webapps
  • php
    		• LiquidWorm
    2017-01-28

    Joomla! Component JTAG Calendar 6.2.4 – ‘search’ SQL Injection
  • webapps
  • php
    		• Persian Hack Team
    2017-01-27

    WordPress Plugin Online Hotel Booking System Pro 1.0 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-27

    Online Hotel Booking System Pro 1.2 – SQL Injection
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-27

    WordPress Plugin WP Private Messages 1.0.1 – SQL Injection (2)
  • webapps
  • php
    		• Lenon Leite
    2017-01-27

    Oracle VM VirtualBox < 5.0.32 / < 5.1.14 - Local Privilege Escalation
  • local
  • linux
    		• Wolfgang Hotwagner
    2017-01-27

    Radisys MRF – Command Injection
  • webapps
  • cgi
    		• Filippos Mastrogiannis
    2017-01-27

    Maian Weblog 4.0 – SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-27

    My Photo Gallery 1.0 – SQL Injection
  • webapps
  • php
    		• Kaan KAMIS
    2017-01-26

    TM RG4332 Wireless Router – Arbitrary File Disclosure
  • webapps
  • hardware
    		• Saeid Atabaki
    2017-01-26

    Google Android – ‘pm_qos’ KASLR Bypass
  • dos
  • android
    		• Google Security Research
    2017-01-26

    Web Based TimeSheet Script – Authentication Bypass
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-26

    KB Messages PHP Script 1.0 – Authentication Bypass
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-26

    KB Login Authentication Script 1.1 – Authentication Bypass
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-26

    KB Affiliate Referral Script 1.0 – Authentication Bypass
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-26

    Apple macOS 10.12.1 / iOS Kernel – ‘host_self_trap’ Use-After-Free
  • dos
  • multiple
    		• Google Security Research
    2017-01-26

    Apple macOS 10.12.1 / iOS Kernel – ‘IOService::matchPassive’ Use-After-Free
  • dos
  • multiple
    		• Google Security Research
    2017-01-26

    Apple macOS 10.12.1 / iOS 10.2 – Kernel Userspace Pointer Memory Corruption
  • dos
  • multiple
    		• Google Security Research
    2017-01-26

    Haraka < 2.8.9 - Remote Command Execution
  • remote
  • linux
    		• Xychix
    2017-01-26

    Autodesk Backburner Manager 3 < 2016.0.0.2150 - Null Dereference Denial of Service
  • dos
  • windows
    		• b0nd
    2017-01-26

    PHP PEAR HTTP_Upload 1.0.0b3 – Arbitrary File Upload
  • webapps
  • php
    		• hyp3rlinx
    2017-01-26

    Palo Alto Networks Terminal Services Agent 7.0.3-13 – Integer Overflow
  • local
  • windows
    		• Parvez Anwar
    2017-01-26

    OpenSSL 1.1.0 – Remote Client Denial of Service
  • dos
  • multiple
    		• Guido Vranken
    2017-01-26

    Polycom VVX Web Interface – Change Admin Password
  • webapps
  • hardware
    		• Mike Brown
    2017-01-26

    OpenSSH 6.8 < 6.9 - 'PTY' Local Privilege Escalation
  • local
  • linux
    		• Federico Bento
    2017-01-26

    PHPBack < 1.3.1 - SQL Injection / Cross-Site Scripting
  • webapps
  • php
    		• Manish Tanwar
    2017-01-25

    Movie Portal Script 7.36 – Multiple Vulnerabilities
  • webapps
  • php
    		• Marc Castejon
    2017-01-25

    GNU Screen 4.5.0 – Local Privilege Escalation
  • local
  • linux
    		• Xiphos Research Ltd
    2017-01-24

    Geutebrueck GCore 1.3.8.42/1.4.2.37 – Remote Code Execution (Metasploit)
  • remote
  • windows
    		• Maurice Popp
    2017-01-24

    GNU Screen 4.5.0 – Local Privilege Escalation (PoC)
  • local
  • linux
    		• Donald Buczek
    2017-01-24

    Mozilla Firefox < 50.0.2 - 'nsSMILTimeContainer::NotifyTimeChange()' Remote Code Execution (Metasploit)
  • remote
  • windows
    		• Metasploit
    2017-01-24

    Cisco WebEx – ‘nativeMessaging’ Remote Command Execution
  • remote
  • windows
    		• Google Security Research
    2017-01-24

    WD My Cloud Mirror 2.11.153 – Authentication Bypass / Remote Code Execution
  • webapps
  • hardware
    		• Kacper Szurek
    2017-01-24

    Systemd 228 (SUSE 12 SP2 / Ubuntu Touch 15.04) – Local Privilege Escalation
  • local
  • linux
    		• Sebastian Krahmer
    2017-01-23

    Microsoft Remote Desktop Client for Mac 8.0.36 – Code Execution
  • local
  • osx
    		• Filippo Cavallarin
    2017-01-23

    Disk Savvy Enterprise – GET Buffer Overflow (Metasploit)
  • remote
  • windows
    		• Metasploit
    2017-01-23

    Oracle OpenJDK Runtime Environment 1.8.0_112-b15 – Java Serialization Denial Of Service
  • dos
  • multiple
    		• ERPScan
    2017-01-22

    SunOS 5.11 ICMP – Denial of Service
  • dos
  • unix
    		• Todor Donev
    2017-01-22

    NTOPNG 2.4 Web Interface – Cross-Site Request Forgery
  • webapps
  • linux
    		• hyp3rlinx
    2017-01-21

    Microsoft Power Point 2016 – Java Code Execution
  • local
  • windows
    		• Fady Mohammed Osman
    2017-01-21

    PageKit 1.0.10 – Password Reset
  • webapps
  • php
    		• Saurabh Banawar
    2017-01-20

    Music Site Script 1.2 – Authentication Bypass
  • webapps
  • php
    		• Ihsan Sencan
    2017-01-20

    Job Site PHP Script 1.1 – Authentication Bypass
  • webapps
  • php
    		• Ihsan Sencan