Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2016-10-28	InfraPower PPS-02-S Q213V1 – Cross-Site Request Forgery	webapps	php	LiquidWorm
2016-10-28	InfraPower PPS-02-S Q213V1 – Authentication Bypass	webapps	php	LiquidWorm
2016-10-28	InfraPower PPS-02-S Q213V1 – Insecure Direct Object Reference	webapps	php	LiquidWorm
2016-10-28	InfraPower PPS-02-S Q213V1 – Hard-Coded Credentials	remote	hardware	LiquidWorm
2016-10-28	InfraPower PPS-02-S Q213V1 – Local File Disclosure	webapps	php	LiquidWorm
2016-10-28	InfraPower PPS-02-S Q213V1 – Multiple Cross-Site Scripting Vulnerabilities	webapps	php	LiquidWorm
2016-10-28	InfraPower PPS-02-S Q213V1 – Remote Command Execution	webapps	hardware	LiquidWorm
2016-10-27	uSQLite 1.0.0 – Denial of Service	dos	windows	Peter Baris
2016-10-27	GNU GTypist 2.9.5-2 – Local Buffer Overflow	local	linux	Juan Sacco
2016-10-27	Baby FTP server 1.24 – Denial of Service (2)	dos	windows	n30m1nd
2016-10-27	CherryTree 0.36.9 – Memory Corruption (PoC)	dos	windows	n30m1nd
2016-10-27	Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege Escalation	webapps	php	Xiphos Research Ltd
2016-10-27	HP TouchSmart Calendar 4.1.4245 – Insecure File Permissions Privilege Escalation	local	windows	hyp3rlinx
2016-10-26	Komfy Switch with Camera DKZ-201S/W – WiFi Password Disclosure	remote	hardware	Jason Doyle
2016-10-26	SmallFTPd 1.0.3 – ‘mkd’ Denial of Service	dos	windows	ScrR1pTK1dd13
2016-10-26	Boonex Dolphin 7.3.2 – Authentication Bypass	webapps	php	Saadi Siddiqui
2016-10-26	Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition (Write Access Method)	local	linux	Phil Oester
2016-10-25	Network Scanner 4.0.0 – Local Buffer Overflow (SEH)	local	windows	n30m1nd
2016-10-24	Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 – Insecure Configuration Management	webapps	hardware	Sniper Pex
2016-10-24	EC-CUBE 2.12.6 – Server-Side Request Forgery	webapps	php	Wadeek
2016-10-24	Microsoft Windows (x86) – ‘NDISTAPI’ Local Privilege Escalation (MS11-062)	local	windows_x86	Tomislav Paskalev
2016-10-24	Orange Inventel LiveBox 5.08.3-sp – Cross-Site Request Forgery	webapps	hardware	BlackMamba
2016-10-23	Zenbership 107 – Multiple Vulnerabilities	webapps	php	Besim
2016-10-21	Just Dial Clone Script – ‘srch’ SQL Injection	webapps	php	Arbin Godar
2016-10-21	TrendMicro InterScan Web Security Virtual Appliance – ‘Shellshock’ Remote Command Injection	remote	hardware	Hacker Fantastic
2016-10-21	Oracle VM VirtualBox 4.3.28 – ‘.ovf’ Crash (PoC)	dos	windows	sultan albalawi
2016-10-21	RealPlayer 18.1.5.705 – ‘.QCP’ Crash (PoC)	dos	windows	Alwin Peppels
2016-10-21	Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW /proc/self/mem' Race Condition Privilege Escalation (SUID Method)	local	linux	Robin Verton
2016-10-21	FreePBX 13 – Remote Command Execution / Privilege Escalation	webapps	php	Christopher Davis
2016-10-20	SPIP 3.1.1/3.1.2 – File Enumeration / Path Traversal	webapps	php	Sysdream
2016-10-20	SPIP 3.1.2 Template Compiler/Composer – PHP Code Execution	webapps	php	Sysdream
2016-10-20	OpenNMS – Java Object Unserialization Remote Code Execution (Metasploit)	remote	linux	Metasploit
2016-10-20	Event Calendar PHP 1.5 – SQL Injection	webapps	php	Ehsan Hosseini
2016-10-20	Hak5 WiFi Pineapple 2.4 – Preconfiguration Command Injection (Metasploit)	remote	linux	Metasploit
2016-10-20	SAP Adaptive Server Enterprise 16 – Denial of Service	dos	windows	ERPScan
2016-10-20	Microsoft Windows – NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation (MS16-124)	local	windows	Google Security Research
2016-10-20	SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service	dos	windows	ERPScan
2016-10-20	Microsoft Windows Edge/Internet Explorer – Isolated Private Namespace Insecure Boundary Descriptor Privilege Escalation (MS16-118)	local	windows	Google Security Research
2016-10-20	Classifieds Rental Script – SQL Injection	webapps	php	Arbin Godar
2016-10-20	Microsoft Windows Edge/Internet Explorer – Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)	local	windows	Google Security Research
2016-10-20	Oracle BI Publisher 11.1.1.6.0/11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 – XML External Entity Injection	webapps	xml	Jakub Palaczynski
2016-10-20	Microsoft Edge – Spread Operator Stack Overflow (MS16-119)	dos	windows	Google Security Research
2016-10-20	MiCasaVerde VeraLite – Remote Code Execution	remote	hardware	Jacob Baines
2016-10-20	Microsoft Edge – ‘Array.join’ Infomation Leak (MS16-119)	dos	windows	Google Security Research
2016-10-20	Oracle Netbeans IDE 8.1 – Directory Traversal	local	multiple	hyp3rlinx
2016-10-20	Microsoft Edge – ‘Function.apply’ Information Leak (MS16-119)	dos	windows	Google Security Research
2016-10-20	Microsoft Edge – ‘Array.map’ Heap Overflow (MS16-119)	dos	windows	Google Security Research
2016-10-20	Microsoft Windows Kernel – Registry Hive Loading Relative Arbitrary Read in nt!RtlValidRelativeSecurityDescriptor (MS16-123)	dos	windows	Google Security Research
2016-10-20	Microsoft Windows Kernel – Registry Hive Loading Negative RtlMoveMemory Size in nt!CmpCheckValueList (MS16-124)	dos	windows	Google Security Research
2016-10-20	Microsoft Windows – ‘win32k.sys’ TTF Processing win32k!sbit_Embolden / win32k!ttfdCloseFontContext Use-After-Free (MS16-120)	dos	windows	Google Security Research