Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2023-03-27

Tftpd32_SE 4.60 – ‘Tftpd32_svc’ Unquoted Service Path
  • local
  • windows
    		• Ismael Nava
    2023-03-27

    FortiOS, FortiProxy, FortiSwitchManager v7.2.1 – Authentication Bypass
  • webapps
  • multiple
    		• Felipe Alcantara
    2023-03-27

    WPN-XM Serverstack for Windows 0.8.6 – Multiple Vulnerabilities
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-27

    MiniDVBLinux <=5.4 - Config Download Exploit
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Webgrind 1.1 – Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE)
  • webapps
  • php
    		• Rafael Pedrero
    2023-03-27

    AVS Audio Converter 10.3 – Stack Overflow (SEH)
  • local
  • windows
    		• Yehia Elghaly
    2023-03-27

    Grafana <=6.2.4 - HTML Injection
  • webapps
  • typescript
    		• SimranJeet Singh
    2023-03-27

    WebTareas 2.4 – RCE (Authorized)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    WiFi Mouse 1.8.3.2 – Remote Code Execution (RCE)
  • remote
  • windows
    		• Payal
    2023-03-27

    WebTareas 2.4 – Reflected XSS (Unauthorised)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass
  • webapps
  • php
    		• Trenches of IT
    2023-03-27

    WebTareas 2.4 – SQL Injection (Unauthorised)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Clansphere CMS 2011.4 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-27

    Atom CMS v2.0 – SQL Injection (no auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    Zentao Project Management System 17.0 – Authenticated Remote Code Execution (RCE)
  • webapps
  • php
    		• mister0xf
    2023-03-27

    Aero CMS v0.0.1 – PHP Code Injection (auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    FlatCore CMS 2.1.1 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sinem Şahin
    2023-03-27

    Aero CMS v0.0.1 – SQL Injection (no auth)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-03-27

    eXtplorer<= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)
  • webapps
  • php
    		• ErPaciocco
    2023-03-27

    Desktop Central 9.1.0 – Multiple Vulnerabilities
  • webapps
  • jsp
    		• Rafael Pedrero
    2023-03-27

    Sysax Multi Server 6.95 – ‘Password’ Denial of Service (PoC)
  • dos
  • windows
    		• Luis Martínez
    2023-03-27

    Scdbg 1.0 – Buffer overflow DoS
  • dos
  • windows
    		• Rafael Pedrero
    2023-03-27

    Gestionale Open 12.00.00 – ‘DB_GO_80’ Unquoted Service Path
  • local
  • windows
    		• Luis Martínez
    2023-03-27

    MiniDVBLinux 5.4 – Arbitrary File Read
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Hex Workshop v6.7 – Buffer overflow DoS
  • dos
  • windows
    		• Rafael Pedrero
    2023-03-27

    Mediconta 3.7.27 – ‘servermedicontservice’ Unquoted Service Path
  • local
  • windows
    		• Luis Martínez
    2023-03-27

    MiniDVBLinux 5.4 – Remote Root Command Injection
  • remote
  • hardware
    		• LiquidWorm
    2023-03-27

    Resource Hacker v3.6.0.92 – Buffer overflow
  • local
  • windows
    		• Rafael Pedrero
    2023-03-27

    Canteen-Management v1.0 – SQL Injection
  • webapps
  • php
    		• nu11secur1ty
    2023-03-25

    D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution
  • remote
  • hardware
    		• luka
    2023-03-25

    PHPGurukul Online Birth Certificate System V 1.2 – Blind XSS
  • webapps
  • php
    		• Prasheek Kamble
    2023-03-25

    Online Diagnostic Lab Management System v1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
  • php
    		• yousef alraddadi
    2023-03-25

    Composr-CMS Version <=10.0.39 - Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    System Mechanic v15.5.0.61 – Arbitrary Read/Write
  • local
  • windows
    		• Brandon Marshall
    2023-03-25

    MODX Revolution v2.8.3-pl – Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    Translatepress Multilinugal WordPress plugin < 2.3.3 - Authenticated SQL Injection
  • webapps
  • php
    		• Elias Hohl
    2023-03-25

    Abantecart v1.3.2 – Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    NEX-Forms WordPress plugin < 7.9.7 - Authenticated SQLi
  • webapps
  • php
    		• Elias Hohl
    2023-03-25

    SimpleMachinesForum v2.1.1 – Authenticated Remote Code Execution
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    “camp” Raspberry Pi camera server 1.0 – Authentication Bypass
  • webapps
  • Python
    		• Elias Hohl
    2023-03-25

    ImpressCMS v1.4.3 – Authenticated SQL Injection
  • webapps
  • php
    		• Sarang Tumne
    2023-03-25

    Password Manager for IIS v2.0 – XSS
  • webapps
  • asp
    		• VP4TR10T
    2023-03-25

    Bus Pass Management System 1.0 – Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Ali Alipour
    2023-03-25

    DLink DIR 819 A1 – Denial of Service
  • dos
  • hardware
    		• whokilleddb
    2023-03-25

    GuppY CMS v6.00.10 – Remote Code Execution
  • webapps
  • php
    		• Chokri Hammedi
    2023-03-25

    NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle
  • remote
  • Python
    		• Elias Hohl
    2023-03-25

    Lavalite v9.0.0 – XSRF-TOKEN cookie File path traversal
  • webapps
  • php
    		• nu11secur1ty
    2023-03-25

    Employee Performance Evaluation System v1.0 – File Inclusion and RCE
  • webapps
  • php
    		• nu11secur1ty
    2023-03-25

    Yoga Class Registration System v1.0 – Multiple SQLi
  • webapps
  • php
    		• Abdulhakim Öner
    2023-03-25

    Human Resources Management System v1.0 – Multiple SQLi
  • webapps
  • php
    		• Abdulhakim Öner