Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2014-11-22	Netgear WNR500 Wireless Router – ‘webproc?getpage’ Traversal Arbitrary File Access	webapps	hardware	LiquidWorm
2014-11-21	FluxBB < 1.5.6 - SQL Injection	webapps	multiple	secthrowaway
2014-11-21	WordPress Plugin SP Client Document Manager 2.4.1 – SQL Injection	webapps	php	ITAS Team
2014-11-20	Microsoft Internet Explorer OLE Pre-IE11 – Automation Array Remote Code Execution / PowerShell VirtualAlloc (MS14-064)	remote	windows	GradiusX & b33f
2014-11-19	WordPress Plugin Paid Memberships Pro 1.7.14.2 – Directory Traversal	webapps	php	Kacper Szurek
2014-11-19	Minix 3.3.0 – Remote TCP/IP Stack Denial of Service	dos	linux	nitr0us
2014-11-19	Snowfox CMS 1.0 – Cross-Site Request Forgery (Add Admin)	webapps	php	LiquidWorm
2014-11-18	Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection (Metasploit) (1)	webapps	multiple	Metasploit
2014-11-18	Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection (Metasploit) (2)	remote	php	Metasploit
2014-11-18	Samsung Galaxy KNOX Android Browser – Remote Code Execution (Metasploit)	remote	android	Metasploit
2014-11-17	PHPFox – Persistent Cross-Site Scripting	webapps	php	spyk2r
2014-11-17	Microsoft Internet Explorer 8 – Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)	remote	windows	ryujin & sickness
2014-11-17	ZTE ZXHN H108L – Authentication Bypass (1)	webapps	hardware	Project Zero Labs
2014-11-17	Maarch LetterBox 2.8 – (Authentication Bypass) Insecure Cookies	webapps	php	ZoRLu Bugrahan
2014-11-17	MyBB Forums 1.8.2 – Persistent Cross-Site Scripting	webapps	php	Avinash Thapa
2014-11-17	.NET Remoting Services – Remote Command Execution	remote	windows	James Forshaw
2014-11-17	Apple Mac OSX Safari 8.0 – Crash (PoC)	dos	osx	w3bd3vil
2014-11-17	Zoph 0.9.1 – Multiple Vulnerabilities	webapps	php	Manuel García Cárdenas
2014-11-17	WebsiteBaker 2.8.3 – Multiple Vulnerabilities	webapps	php	Manuel García Cárdenas
2014-11-17	ZTE ZXHN H108L – Authentication Bypass (2)	webapps	hardware	Project Zero Labs
2014-11-17	Proticaret E-Commerce Script 3.0 – SQL Injection (2)	webapps	xml	BGA Security
2014-11-15	clientResponse Client Management 4.1 – Cross-Site Scripting	webapps	multiple	Halil Dalabasmaz
2014-11-15	Joomla! Component com_hdflvplayer < 2.1.0.1 - Arbitrary File Download	webapps	php	Claudio Viviani
2014-11-14	Gogs – ‘users’/’repos’ ‘?q’ SQL Injection	webapps	multiple	Timo Schmid
2014-11-14	Gogs – ‘label’ SQL Injection	webapps	multiple	Timo Schmid
2014-11-14	Microsoft Windows – OLE Package Manager Code Execution (MS14-064) (Metasploit)	local	windows	Metasploit
2014-11-14	Microsoft Windows – OLE Package Manager Code Execution (via Python) (MS14-064) (Metasploit)	local	windows	Metasploit
2014-11-14	OSSEC 2.8 – ‘hosts.deny’ Local Privilege Escalation	local	linux	skynet-13
2014-11-13	Piwigo 2.6.0 – ‘picture.php?rate’ SQL Injection	webapps	php	Manuel García Cárdenas
2014-11-13	Joomla! Component com_hdflvplayer < 2.1.0.1 - SQL Injection	webapps	multiple	Claudio Viviani
2014-11-13	Proticaret E-Commerce Script 3.0 – SQL Injection (1)	webapps	multiple	Onur Alanbel (BGA)
2014-11-13	Microsoft Internet Explorer < 11 - OLE Automation Array Remote Code Execution (Metasploit)	remote	windows	Wesley Neelen & Rik van Duijn
2014-11-13	Microsoft Internet Explorer 11 – OLE Automation Array Remote Code Execution (1)	remote	windows	yuange
2014-11-13	MyBB 1.8.x – Multiple Vulnerabilities	webapps	php	smash
2014-11-13	Digi Online Examination System 2.0 – Unrestricted Arbitrary File Upload	webapps	php	Halil Dalabasmaz
2014-11-13	F5 BIG-IP 10.1.0 – Directory Traversal	webapps	jsp	Anastasios Monachos
2014-11-12	WordPress Plugin SupportEzzy Ticket System 1.2.5 – Persistent Cross-Site Scripting	webapps	php	Halil Dalabasmaz
2014-11-12	CorelDRAW X7 CDR File – ‘CdrTxt.dll’ Off-by-One Stack Corruption	dos	windows	LiquidWorm
2014-11-12	Microsoft Office 2007/2010 – OLE Arbitrary Command Execution	local	windows	Abhishek Lyall
2014-11-11	WordPress Plugin Photo Gallery 1.2.5 – Unrestricted Arbitrary File Upload	webapps	php	Kacper Szurek
2014-11-11	Subex Fms 7.4 – SQL Injection	webapps	multiple	Anastasios Monachos
2014-11-10	WordPress Plugin Another WordPress Classifieds Plugin – SQL Injection	webapps	php	dill
2014-11-10	ZTE ZXDSL 831CII – Insecure Direct Object Reference	webapps	hardware	Paulos Yibelo
2014-11-10	Microsoft Internet Explorer 11 – Denial of Service	dos	windows	Behrooz Abbassi
2014-11-10	phpSound Music Sharing Platform 1.0.5 – Multiple Cross-Site Scripting Vulnerabilities	webapps	php	Halil Dalabasmaz
2014-11-10	Serenity Client Management Portal 1.0.1 – Multiple Vulnerabilities	webapps	php	Halil Dalabasmaz
2014-11-10	vldPersonals 2.7 – Multiple Vulnerabilities	webapps	php	Mr T
2014-11-10	WordPress Plugin / Joomla! Component XCloner – Multiple Vulnerabilities	webapps	php	Larry W. Cashdollar
2014-11-10	Visual Mining NetCharts Server – Remote Code Execution (Metasploit)	remote	java	Metasploit
2014-11-10	Password Manager Pro / Pro MSP – Blind SQL Injection	webapps	multiple	Pedro Ribeiro