Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2023-03-30

CrowdStrike Falcon AGENT 6.44.15806 – Uninstall without Installation Token
  • local
  • windows
    		• Fortunato Lodari
    2023-03-30

    Device Manager Express 7.8.20002.47752 – Remote Code Execution (RCE)
  • webapps
  • php
    		• Eric Flokstra
    2023-03-30

    Concrete5 CME v9.1.3 – Xpath injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-30

    Lavasoft web companion 4.1.0.409 – ‘DCIservice’ Unquoted Service Path
  • local
  • windows
    		• P4p4 M4n3
    2023-03-30

    Virtual Reception v1.0 – Web Server Directory Traversal
  • webapps
  • multiple
    		• Spinae
    2023-03-30

    Covenant v0.5 – Remote Code Execution (RCE)
  • webapps
  • multiple
    		• xThaz
    2023-03-30

    Ecommerse v1.0 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• nu11secur1ty
    2023-03-30

    Boa Web Server v0.94.14 – Authentication Bypass
  • webapps
  • linux
    		• George Tsimpidas
    2023-03-30

    Router ZTE-H108NS – Authentication Bypass
  • remote
  • hardware
    		• George Tsimpidas
    2023-03-29

    Revenue Collection System v1.0 – Remote Code Execution (RCE)
  • webapps
  • php
    		• Joe Pollock
    2023-03-29

    Helmet Store Showroom v1.0 – SQL Injection
  • webapps
  • php
    		• Ameer Hamza
    2023-03-29

    Internet Download Manager v6.41 Build 3 – Remote Code Execution (RCE)
  • remote
  • windows
    		• M. Akil Gündoğan
    2023-03-29

    Uniview NVR301-04S2-P4 – Reflected Cross-Site Scripting (XSS)
  • webapps
  • hardware
    		• Bleron Rrustemi
    2023-03-29

    DSL-124 Wireless N300 ADSL2+ – Backup File Disclosure
  • remote
  • hardware
    		• Aryan Chehreghani
    2023-03-29

    Outline V1.6.0 – Unquoted Service Path
  • local
  • windows
    		• Milad karimi
    2023-03-29

    Inbit Messenger v4.9.0 – Unauthenticated Remote Command Execution (RCE)
  • remote
  • windows
    		• a-rey
    2023-03-29

    Inbit Messenger v4.9.0 – Unauthenticated Remote SEH Overflow
  • remote
  • windows
    		• a-rey
    2023-03-29

    Human Resource Management System 1.0 – SQL Injection (unauthenticated)
  • webapps
  • php
    		• Matthijs van der Vaart (eMVee)
    2023-03-29

    Book Store Management System 1.0.0 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Rajeshwar Singh
    2023-03-29

    WP All Import v3.6.7 – Remote Code Execution (RCE) (Authenticated)
  • webapps
  • php
    		• AkuCyberSec
    2023-03-28

    Senayan Library Management System v9.5.0 – SQL Injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    Jetpack 11.4 – Cross Site Scripting (XSS)
  • webapps
  • php
    		• Behrouz Mansoori
    2023-03-28

    iBooking v1.0.8 – Arbitrary File Upload
  • webapps
  • php
    		• d1z1n370/oPty
    2023-03-28

    Online shopping system advanced 1.0 – Multiple Vulnerabilities
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-28

    ReQlogic v11.3 – Reflected Cross-Site Scripting (XSS)
  • webapps
  • aspx
    		• Okan Kurtulus
    2023-03-28

    SuperMailer v11.20 – Buffer overflow DoS
  • dos
  • windows
    		• Rafael Pedrero
    2023-03-28

    Hashicorp Consul v1.0 – Remote Command Execution (RCE)
  • remote
  • multiple
    		• GatoGamer1155
    2023-03-28

    YouPHPTube<= 7.8 - Multiple Vulnerabilities
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-28

    Social-Share-Buttons v2.2.3 – SQL Injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    VMware Workstation 15 Pro – Denial of Service
  • dos
  • windows
    		• Milad karimi
    2023-03-28

    Moodle LMS 4.0 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Saud Alenazi
    2023-03-28

    Pega Platform 8.1.0 – Remote Code Execution (RCE)
  • webapps
  • multiple
    		• Marcin Wolak
    2023-03-28

    Tunnel Interface Driver – Denial of Service
  • dos
  • windows
    		• ExAllocatePool2
    2023-03-28

    Beauty-salon v1.0 – Remote Code Execution (RCE)
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    OPSWAT Metadefender Core – Privilege Escalation
  • webapps
  • multiple
    		• Ulascan Yildirim
    2023-03-28

    ZKTeco ZEM/ZMM 8.88 – Missing Authentication
  • webapps
  • jsp
    		• RedTeam Pentesting GmbH
    2023-03-28

    X-Skipper-Proxy v0.13.237 – Server Side Request Forgery (SSRF)
  • remote
  • multiple
    		• Hosein Vita
    2023-03-28

    Subrion CMS 4.2.1 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-28

    Label Studio 1.5.0 – Authenticated Server Side Request Forgery (SSRF)
  • webapps
  • Python
    		• Ryan Smith
    2023-03-28

    BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)
  • webapps
  • php
    		• zetc0de
    2023-03-28

    Tapo C310 RTSP server v1.3.0 – Unauthorised Video Stream Access
  • remote
  • hardware
    		• dsclee1
    2023-03-28

    SugarSync 4.1.3 – ‘SugarSync Service’ Unquoted Service Path
  • local
  • windows
    		• Jorge Manuel Lozano Gómez
    2023-03-28

    rukovoditel 3.2.1 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• nu11secur1ty
    2023-03-28

    HDD Health 4.2.0.112 – ‘HDDHealth’ Unquoted Service Path
  • local
  • windows
    		• Jorge Manuel Lozano Gómez
    2023-03-27

    WebTareas 2.4 – Reflected XSS (Unauthorised)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass
  • webapps
  • php
    		• Trenches of IT
    2023-03-27

    WebTareas 2.4 – SQL Injection (Unauthorised)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Clansphere CMS 2011.4 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-27

    Atom CMS v2.0 – SQL Injection (no auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Zentao Project Management System 17.0 – Authenticated Remote Code Execution (RCE)
  • webapps
  • php
    		• mister0xf