Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2023-04-05	Calendar Event Multi View 1.4.07 – Unauthenticated Arbitrary Event Creation to Cross-Site Scripting (XSS)	webapps	php	Mostafa Farzaneh
2023-04-05	ImageMagick 7.1.0-49 – DoS	dos	php	nu11secur1ty
2023-04-05	zstore 6.6.0 – Cross-Site Scripting (XSS)	webapps	php	nu11secur1ty
2023-04-05	ERPNext 12.29 – Cross-Site Scripting (XSS)	webapps	java	Patrick Dean Ramos / Nathu Nandwani / Junnair Manla
2023-04-05	Kardex Mlog MCC 5.7.12 – RCE (Remote Code Execution)	remote	windows	Patrick Hener
2023-04-05	BTCPay Server v1.7.4 – HTML Injection	webapps	multiple	Manojkumar J
2023-04-05	projectSend r1605 – Remote Code Exectution RCE	webapps	php	Mirabbas Ağalarov
2023-04-05	itech TrainSmart r1044 – SQL injection	webapps	php	Adrian Bondocea
2023-04-05	Secure Web Gateway 10.2.11 – Cross-Site Scripting (XSS)	webapps	multiple	RedTeam Pentesting GmbH
2023-04-05	GNU screen v4.9.0 – Privilege Escalation	local	linux	Manuel Andreas
2023-04-05	PhotoShow 3.0 – Remote Code Execution	webapps	php	LSCP Responsible Disclosure Lab
2023-04-05	Responsive FileManager 9.9.5 – Remote Code Execution (RCE)	webapps	php	Galoget Latorre
2023-04-05	Control Web Panel 7 (CWP7) v0.9.8.1147 – Remote Code Execution (RCE)	webapps	php	Mayank Deshmukh
2023-04-03	GLPI v10.0.2 – SQL Injection (Authentication Depends on Configuration)	webapps	php	Nuri Çilengir
2023-04-03	Art Gallery Management System Project v1.0 – SQL Injection (editid) authenticated	webapps	php	Rahul Patwari
2023-04-03	GLPI Activity v3.1.0 – Authenticated Local File Inclusion on Activity plugin	webapps	php	Nuri Çilengir
2023-04-03	Art Gallery Management System Project v1.0 – SQL Injection (cid) Unauthenticated	webapps	php	Rahul Patwari
2023-04-03	GLPI Glpiinventory v1.0.1 – Unauthenticated Local File Inclusion	webapps	php	Nuri Çilengir
2023-04-03	Art Gallery Management System Project v1.0 – Reflected Cross-Site Scripting (XSS)	webapps	php	Rahul Patwari
2023-04-03	GLPI 4.0.2 – Unauthenticated Local File Inclusion on Manageentities plugin	webapps	php	Nuri Çilengir
2023-04-03	MyBB 1.8.32 – Remote Code Execution (RCE) (Authenticated)	webapps	php	lUc1f3r11
2023-04-03	Roxy WI v6.1.1.0 – Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload	webapps	Python	Nuri Çilengir
2023-04-03	Microsoft Exchange Active Directory Topology 15.02.1118.007 – ‘Service MSExchangeADTopology’ Unquoted Service Path	local	windows	Milad karimi
2023-04-03	Roxy WI v6.1.0.0 – Unauthenticated Remote Code Execution (RCE)	webapps	Python	Nuri Çilengir
2023-04-03	SLIMSV 9.5.2 – Cross-Site Scripting (XSS)	webapps	php	nu11secur1ty
2023-04-03	Roxy WI v6.1.0.0 – Improper Authentication Control	webapps	Python	Nuri Çilengir
2023-04-03	Chromacam 4.0.3.0 – PsyFrameGrabberService Unquoted Service Path	local	windows	Laguin Benjamin
2023-04-03	sleuthkit 4.11.1 – Command Injection	local	multiple	Dino Barlattani
2023-04-03	Solaris 10 libXm – Buffer overflow Local privilege escalation	local	solaris	Marco Ivaldi
2023-04-03	WP-file-manager v6.9 – Unauthenticated Arbitrary File Upload leading to RCE	webapps	php	BLY
2023-04-03	Zstore 6.5.4 – Reflected Cross-Site Scripting (XSS)	webapps	php	nu11secur1ty
2023-04-03	Grand Theft Auto III/Vice City Skin File v1.1 – Buffer Overflow	local	windows	Knursoft
2023-04-03	HotKey Clipboard 2.1.0.6 – Privilege Escalation Unquoted Service Path	local	windows	Wim Jaap van Vliet
2023-04-03	ManageEngin AMP 4.3.0 – File-path-traversal	webapps	multiple	nu11secur1ty
2023-04-03	Nacos 2.0.3 – Access Control vulnerability	webapps	java	Jenson Zhao
2023-04-03	Active eCommerce CMS 6.5.0 – Stored Cross-Site Scripting (XSS)	webapps	multiple	Sajibe Kanti
2023-04-03	Metform Elementor Contact Form Builder v3.1.2 – Unauthenticated Stored Cross-Site Scripting (XSS)	webapps	php	Mohammed Chemouri
2023-04-03	ERPGo SaaS 3.9 – CSV Injection	webapps	php	Sajibe Kanti
2023-04-03	Windows 11 10.0.22000 – Backup service Privilege Escalation	local	windows	nu11secur1ty
2023-04-03	AmazCart CMS 3.4 – Cross-Site-Scripting (XSS)	webapps	php	Sajibe Kanti
2023-04-03	ChiKoi v1.0 – SQL Injection	webapps	php	nu11secur1ty
2023-04-03	Paid Memberships Pro v2.9.8 (WordPress Plugin) – Unauthenticated SQL Injection	webapps	php	r3nt0n
2023-04-03	SQL Monitor 12.1.31.893 – Cross-Site Scripting (XSS)	webapps	multiple	geeklinuxman
2023-04-03	pimCore v5.4.18-skeleton – Sensitive Cookie with Improper SameSite Attribute	webapps	php	nu11secur1ty
2023-04-03	GLPI Cartography Plugin v6.0.0 – Unauthenticated Remote Code Execution (RCE)	webapps	php	Nuri Çilengir
2023-04-03	sudo 1.8.0 to 1.9.12p1 – Privilege Escalation	local	linux	n3m1.sys
2023-04-01	NetIQ/Microfocus Performance Endpoint v5.1 – remote root/SYSTEM exploit	local	windows	Neil Kettle
2023-04-01	GitLab v15.3 – Remote Code Execution (RCE) (Authenticated)	webapps	ruby	Antonio Francesco Sardella
2023-04-01	Yahoo User Interface library (YUI2) TreeView v2.8.2 – Multiple Reflected Cross Site Scripting (XSS)	webapps	php	SITE Team
2023-04-01	Enlightenment v0.25.3 – Privilege escalation	local	linux	nu11secur1ty