Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2022-02-23	Adobe ColdFusion 11 – LDAP Java Object Deserialization Remode Code Execution (RCE)	remote	windows	Amel BOUZIANE-LEBLOND
2022-02-23	aaPanel 6.8.21 – Directory Traversal (Authenticated)	webapps	linux	Ghuliev
2022-02-23	Air Cargo Management System v1.0 – SQLi	webapps	php	nu11secur1ty
2022-02-23	Simple Real Estate Portal System 1.0 – ‘id’ SQLi	webapps	php	Mosaaed
2022-02-21	Thinfinity VirtualUI 2.5.26.2 – Information Disclosure	webapps	multiple	Daniel Morales
2022-02-21	Thinfinity VirtualUI 2.5.41.0 – IFRAME Injection	webapps	multiple	Daniel Morales
2022-02-21	Cab Management System 1.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Alperen Ergel
2022-02-21	Microweber 1.2.11 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Chetanya Sharma
2022-02-21	Cab Management System 1.0 – ‘id’ SQLi (Authenticated)	webapps	php	Alperen Ergel
2022-02-21	WordPress Plugin Perfect Survey – 1.5.1 – SQLi (Unauthenticated)	webapps	php	Ron Jost
2022-02-21	HMA VPN 5.3 – Unquoted Service Path	local	windows	Saud Alenazi
2022-02-21	Microsoft Gaming Services 2.52.13001.0 – Unquoted Service Path	local	windows	Johto Robbie
2022-02-21	Dbltek GoIP – Local File Inclusion	webapps	hardware	Valtteri Lehtinen
2022-02-21	FileCloud 21.2 – Cross-Site Request Forgery (CSRF)	webapps	php	Masashi Fujiwara
2022-02-21	Cyclades Serial Console Server 3.3.0 – Local Privilege Escalation	local	hardware	ibby
2022-02-21	WordPress Plugin WP User Frontend 3.5.25 – SQLi (Authenticated)	webapps	php	Ron Jost
2022-02-18	Wondershare Dr.Fone 11.4.9 – ‘DFWSIDService’ Unquoted Service Path	local	windows	Luis Martínez
2022-02-18	Hotel Druid 3.0.3 – Remote Code Execution (RCE)	webapps	php	0z09e
2022-02-18	WordPress Plugin dzs-zoomsounds 6.60 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Overthinker1877
2022-02-18	WordPress Plugin MasterStudy LMS 2.7.5 – Unauthenticated Admin Account Creation	webapps	php	numan türle
2022-02-18	Connectify Hotspot 2018 ‘ConnectifyService’ – Unquoted Service Path	local	windows	SamAlucard
2022-02-18	File Sanitizer for HP ProtectTools 5.0.1.3 – ‘HPFSService’ Unquoted Service Path	local	windows	SamAlucard
2022-02-18	Intel(R) Management Engine Components 6.0.0.1189 – ‘LMS’ Unquoted Service Path	local	windows	SamAlucard
2022-02-18	Bluetooth Application 5.4.277 – ‘BlueSoleilCS’ Unquoted Service Path	local	windows	SamAlucard
2022-02-18	TOSHIBA DVD PLAYER Navi Support Service – ‘TNaviSrv’ Unquoted Service Path	local	windows	SamAlucard
2022-02-18	Fortinet Fortimail 7.0.1 – Reflected Cross-Site Scripting (XSS)	webapps	multiple	Braiant Giraldo Villa
2022-02-18	Wondershare UBackit 2.0.5 – ‘wsbackup’ Unquoted Service Path	local	windows	Luis Martínez
2022-02-18	Wondershare FamiSafe 1.0 – ‘FSService’ Unquoted Service Path	local	windows	Luis Martínez
2022-02-18	Wondershare MobileTrans 3.5.9 – ‘ElevationService’ Unquoted Service Path	local	windows	Luis Martínez
2022-02-16	WordPress Plugin Error Log Viewer 1.1.1 – Arbitrary File Clearing (Authenticated)	webapps	php	Ceylan BOZOĞULLARINDAN
2022-02-16	Emerson PAC Machine Edition 9.80 Build 8695 – ‘TrapiServer’ Unquoted Service Path	local	windows	Luis Martínez
2022-02-16	Network Video Recorder NVR304-16EP – Reflected Cross-Site Scripting (XSS) (Unauthenticated)	webapps	hardware	Luis Martínez
2022-02-16	TeamSpeak 3.5.6 – Insecure File Permissions	local	windows	Aryan Chehreghani
2022-02-16	H3C SSL VPN – Username Enumeration	remote	hardware	LiquidWorm
2022-02-16	ServiceNow – Username Enumeration	webapps	multiple	Victor Hanna
2022-02-16	Simple Student Quarterly Result/Grade System 1.0 – SQLi Authentication Bypass	webapps	php	Saud Alenazi
2022-02-16	Multi-Vendor Online Groceries Management System 1.0 – ‘id’ Blind SQL Injection	webapps	php	Saud Alenazi
2022-02-11	Kyocera Command Center RX ECOSYS M2035dn – Directory Traversal File Disclosure (Unauthenticated)	webapps	hardware	Luis Martínez
2022-02-11	Subrion CMS 4.2.1 – Cross Site Request Forgery (CSRF) (Add Amin)	webapps	php	Aryan Chehreghani
2022-02-11	Accounting Journal Management System 1.0 – ‘id’ SQLi (Authenticated)	webapps	php	Alperen Ergel
2022-02-10	WordPress Plugin Contact Form Builder 1.6.1 – Cross-Site Scripting (XSS)	webapps	php	Milad karimi
2022-02-10	WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 – SQL-Injection (Unauthenticated)	webapps	php	Ron Jost
2022-02-10	Home Owners Collection Management System 1.0 – ‘id’ Blind SQL Injection	webapps	php	Saud Alenazi
2022-02-10	Home Owners Collection Management System 1.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Saud Alenazi
2022-02-10	Home Owners Collection Management System 1.0 – Account Takeover (Unauthenticated)	webapps	php	Saud Alenazi
2022-02-10	Hospital Management Startup 1.0 – ‘Multiple’ SQLi	webapps	php	nu11secur1ty
2022-02-10	Cain & Abel 4.9.56 – Unquoted Service Path	local	windows	Aryan Chehreghani
2022-02-10	WordPress Plugin Jetpack 9.1 – Cross Site Scripting (XSS)	webapps	php	Milad karimi
2022-02-09	AtomCMS v2.0 – SQLi	webapps	php	Luca Cuzzolin
2022-02-09	Exam Reviewer Management System 1.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Juli Agarwal