Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2015-01-11

D-Link DSL-2730B Modem – ‘Lancfg2get.cgi Persistent Cross-Site Scripting
  • webapps
  • hardware
    		• XLabs Security
    2015-01-11

    D-Link DSL-2730B Modem – Cross-Site Scripting Injection Stored DnsProxy.cmd
  • webapps
  • hardware
    		• XLabs Security
    2015-01-11

    RedStar 3.0 Desktop – ‘Software Manager swmng.app’ Local Privilege Escalation
  • local
  • linux
    		• RichardG
    2015-01-11

    RedStar 2.0 Desktop – ‘World-writeable rc.sysinit’ Local Privilege Escalation
  • local
  • linux
    		• prdelka
    2015-01-11

    D-Link DSL-2730B Modem – Cross-Site Scripting Injection Stored Wlsecrefresh.wl & Wlsecurity.wl
  • webapps
  • hardware
    		• XLabs Security
    2015-01-11

    RedStar 3.0 Desktop – Enable sudo Privilege Escalation
  • local
  • linux
    		• prdelka & ‏sfan55
    2015-01-10

    Palringo 2.8.1 – Local Stack Buffer Overflow
  • local
  • windows
    		• Mr.ALmfL9
    2015-01-10

    Apple Mac OSX 10.9.x – sysmond XPC Privilege Escalation
  • local
  • osx
    		• Google Security Research
    2015-01-09

    vBulletin MicroCART 1.1.4 – Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting
  • webapps
  • php
    		• Technidev
    2015-01-08

    Ntpdc 4.2.6p3 – Local Buffer Overflow
  • local
  • multiple
    		• drone
    2015-01-08

    Pandora FMS 3.1 – Authentication Bypass / Arbitrary File Upload (Metasploit)
  • remote
  • php
    		• Metasploit
    2015-01-08

    WordPress Plugin Shopping Cart 3.0.4 – Unrestricted Arbitrary File Upload
  • webapps
  • php
    		• Kacper Szurek
    2015-01-07

    Sefrengo CMS 1.6.0 – SQL Injection
  • webapps
  • php
    		• Steffen Rösemann
    2015-01-07

    Pirelli ADSL2/2+ Wireless Router P.DGA4001N – Information Disclosure
  • webapps
  • hardware
    		• Eduardo Novella
    2015-01-07

    Microweber CMS 0.95 – SQL Injection
  • webapps
  • php
    		• Pham Kien Cuong
    2015-01-06

    BulletProof FTP Client – BPS Buffer Overflow (Metasploit)
  • local
  • windows
    		• Metasploit
    2015-01-06

    Nexus 5 Android 5.0 – Local Privilege Escalation
  • local
  • android
    		• retme
    2015-01-06

    AdaptCMS 3.0.3 – Multiple Vulnerabilities
  • webapps
  • php
    		• LiquidWorm
    2015-01-05

    OP5 5.3.5/5.4.0/5.4.2/5.5.0/5.5.1 – ‘welcome’ Remote Command Execution (Metasploit)
  • webapps
  • multiple
    		• Metasploit
    2015-01-05

    SkinCrafter3 vs2005 3.8.1.0 – Multiple ActiveX Buffer Overflows
  • remote
  • windows
    		• metacom
    2015-01-04

    Crea8Social 2.0 – Cross-Site Scripting Change Interface
  • webapps
  • php
    		• Yudhistira B W
    2015-01-04

    ASUSWRT 3.0.0.4.376_1071 – LAN Backdoor Command Execution
  • remote
  • hardware
    		• Friedrich Postelstorfer
    2015-01-03

    e107 2 Bootstrap CMS – Cross-Site Scripting
  • webapps
  • php
    		• Ahmet Agar / 0x97
    2015-01-03

    PhotoPost < 4.85 - Multiple Vulnerabilities
  • webapps
  • php
    		• GulfTech Security
    2015-01-02

    ReviewPost < 2.84 - Multiple Vulnerabilities
  • webapps
  • php
    		• GulfTech Security
    2015-01-01

    PhotoPost Classifieds < 2.01 - Multiple Vulnerabilities
  • webapps
  • php
    		• GulfTech Security
    2015-01-01

    i-FTP Schedule – Local Buffer Overflow (Metasploit)
  • local
  • windows
    		• Metasploit
    2015-01-01

    Absolut Engine 1.73 – Multiple Vulnerabilities
  • webapps
  • php
    		• Steffen Rösemann
    2015-01-01

    Microsoft Windows 8.1 (x86/x64) – ‘ahcache.sys’ NtApphelpCacheControl Privilege Escalation
  • local
  • windows
    		• Google Security Research
    2014-12-31

    ProjectSend – Arbitrary File Upload (Metasploit)
  • remote
  • php
    		• Metasploit
    2014-12-31

    Social Microblogging PRO 1.5 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Halil Dalabasmaz
    2014-12-30

    Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 – Remote Code Execution
  • remote
  • windows
    		• drone
    2014-12-29

    PHP-Calendar < 0.10.1 - Arbitrary File Inclusion
  • webapps
  • php
    		• GulfTech Security
    2014-12-28

    WhatsApp 2.11.476 (Android) – Remote Reboot/Crash App (Denial of Service)
  • dos
  • android
    		• Daniel Godoy
    2014-12-27

    Easy File Sharing Web Server 6.8 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Sick Psycko
    2014-12-27

    PMB 4.1.3 – (Authenticated) SQL Injection
  • webapps
  • php
    		• xd4rker dark
    2014-12-27

    phpList 3.0.6/3.0.10 – SQL Injection
  • webapps
  • php
    		• Vulnerability-Lab
    2014-12-27

    Pimcore CMS 2.3.0/3.0 – SQL Injection
  • webapps
  • multiple
    		• Vulnerability-Lab
    2014-12-27

    Wickr Desktop 2.2.1 Windows – Denial of Service
  • dos
  • windows
    		• Vulnerability-Lab
    2014-12-27

    WHM.AutoPilot < 2.4.6.5 - Multiple Vulnerabilities
  • webapps
  • php
    		• GulfTech Security
    2014-12-24

    Lazarus Guestbook 1.22 – Multiple Vulnerabilities
  • webapps
  • php
    		• TaurusOmar
    2014-12-23

    Phase Botnet – Blind SQL Injection
  • webapps
  • linux
    		• MalwareTech
    2014-12-23

    GParted 0.14.1 – OS Command Execution
  • local
  • linux
    		• SEC Consult
    2014-12-23

    NetIQ Access Manager 4.0 SP1 – Multiple Vulnerabilities
  • webapps
  • jsp
    		• SEC Consult
    2014-12-23

    SysAid Server – Arbitrary File Disclosure
  • webapps
  • windows
    		• Bernhard Mueller
    2014-12-23

    jetAudio 8.1.3 Basic (mp3) – Crash (PoC)
  • dos
  • windows
    		• Drozdova Liudmila
    2014-12-23

    PHPMyRecipes 1.2.2 – ‘browse.php?category’ SQL Injection
  • webapps
  • php
    		• Manish Tanwar
    2014-12-23

    BitRaider Streaming Client 1.3.3.4098 – Local Privilege Escalation
  • local
  • windows
    		• LiquidWorm
    2014-12-22

    PsychoStats < 2.2.4 Beta - Cross Site Scripting
  • local
  • windows
    		• GulfTech Security
    2014-12-22

    Notepad++ 6.6.9 – Buffer Overflow
  • dos
  • windows
    		• TaurusOmar