Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2023-03-27

WiFi Mouse 1.8.3.2 – Remote Code Execution (RCE)
  • remote
  • windows
    		• Payal
    2023-03-27

    WebTareas 2.4 – Reflected XSS (Unauthorised)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass
  • webapps
  • php
    		• Trenches of IT
    2023-03-27

    WebTareas 2.4 – SQL Injection (Unauthorised)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Clansphere CMS 2011.4 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-27

    Atom CMS v2.0 – SQL Injection (no auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Zentao Project Management System 17.0 – Authenticated Remote Code Execution (RCE)
  • webapps
  • php
    		• mister0xf
    2023-03-27

    Aero CMS v0.0.1 – PHP Code Injection (auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    FlatCore CMS 2.1.1 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-27

    Aero CMS v0.0.1 – SQL Injection (no auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    eXtplorer<= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)
  • webapps
  • php
    		• ErPaciocco
    2023-03-27

    Desktop Central 9.1.0 – Multiple Vulnerabilities
  • webapps
  • jsp
    		• Rafael Pedrero
    2023-03-27

    Sysax Multi Server 6.95 – ‘Password’ Denial of Service (PoC)
  • dos
  • windows
    		• Luis Martínez
    2023-03-27

    Scdbg 1.0 – Buffer overflow DoS
  • dos
  • windows
    		• Rafael Pedrero
    2023-03-27

    Gestionale Open 12.00.00 – ‘DB_GO_80’ Unquoted Service Path
  • local
  • windows
    		• Luis Martínez
    2023-03-27

    MiniDVBLinux 5.4 – Arbitrary File Read
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Hex Workshop v6.7 – Buffer overflow DoS
  • dos
  • windows
    		• Rafael Pedrero
    2023-03-27

    Mediconta 3.7.27 – ‘servermedicontservice’ Unquoted Service Path
  • local
  • windows
    		• Luis Martínez
    2023-03-27

    MiniDVBLinux 5.4 – Remote Root Command Injection
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Resource Hacker v3.6.0.92 – Buffer overflow
  • local
  • windows
    		• Rafael Pedrero
    2023-03-27

    Canteen-Management v1.0 – SQL Injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-27

    MiniDVBLinux 5.4 – Unauthenticated Stream Disclosure
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Frhed (Free hex editor) v1.6.0 – Buffer overflow
  • local
  • windows
    		• Rafael Pedrero
    2023-03-27

    Canteen-Management v1.0 – XSS-Reflected
  • webapps
  • php
    		• nu11secur1ty
    2023-03-27

    MiniDVBLinux 5.4 – Change Root Password
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Explorer32++ v1.3.5.531 – Buffer overflow
  • local
  • windows
    		• Rafael Pedrero
    2023-03-27

    MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP – Remote Code Execution (RCE)
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Tftpd32_SE 4.60 – ‘Tftpd32_svc’ Unquoted Service Path
  • local
  • windows
    		• Ismael Nava
    2023-03-25

    MODX Revolution v2.8.3-pl – Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection
  • webapps
  • php
    		• Elias Hohl
    2023-03-25

    Abantecart v1.3.2 – Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    NEX-Forms WordPress plugin < 7.9.7 - Authenticated SQLi
  • webapps
  • php
    		• Elias Hohl
    2023-03-25

    SimpleMachinesForum v2.1.1 – Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    “camp” Raspberry Pi camera server 1.0 – Authentication Bypass
  • webapps
  • Python
    		• Elias Hohl
    2023-03-25

    ImpressCMS v1.4.3 – Authenticated SQL Injection
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    Password Manager for IIS v2.0 – XSS
  • webapps
  • asp
    		• VP4TR10T
    2023-03-25

    Bus Pass Management System 1.0 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Ali Alipour
    2023-03-25

    DLink DIR 819 A1 – Denial of Service
  • dos
  • hardware
    		• whokilleddb
    2023-03-25

    GuppY CMS v6.00.10 – Remote Code Execution
  • webapps
  • php
    		• Chokri Hammedi
    2023-03-25

    NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle
  • remote
  • Python
    		• Elias Hohl
    2023-03-25

    Lavalite v9.0.0 – XSRF-TOKEN cookie File path traversal
  • webapps
  • php
    		• nu11secur1ty
    2023-03-25

    Employee Performance Evaluation System v1.0 – File Inclusion and RCE
  • webapps
  • php
    		• nu11secur1ty
    2023-03-25

    Yoga Class Registration System v1.0 – Multiple SQLi
  • webapps
  • php
    		• Abdulhakim Öner
    2023-03-25

    Human Resources Management System v1.0 – Multiple SQLi
  • webapps
  • php
    		• Abdulhakim Öner
    2023-03-25

    D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution
  • remote
  • hardware
    		• luka
    2023-03-25

    PHPGurukul Online Birth Certificate System V 1.2 – Blind XSS
  • webapps
  • php
    		• Prasheek Kamble
    2023-03-25

    Online Diagnostic Lab Management System v1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
  • php
    		• yousef alraddadi
    2023-03-25

    Composr-CMS Version <=10.0.39 - Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    System Mechanic v15.5.0.61 – Arbitrary Read/Write
  • local
  • windows
    		• Brandon Marshall
    2023-03-23

    Bitbucket v7.0.0 – RCE
  • webapps
  • Python
    		• khal4n1