Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2014-08-20	BlazeDVD Pro Player 7.0 – ‘.plf’ Local Buffer Overflow (SEH)	local	windows	metacom
2014-08-19	WordPress Plugin WP Content Source Control – ‘download.php’ Directory Traversal	webapps	php	Henri Salo
2014-08-19	Gitlab-shell – Code Execution (Metasploit)	remote	linux	Metasploit
2014-08-19	Mozilla Firefox – toString console.time Privileged JavaScript Injection (Metasploit)	remote	multiple	Metasploit
2014-08-18	Tenda A5s Router 3.02.05_CN – Authentication Bypass	webapps	hardware	zixian
2014-08-14	Alienvault Open Source SIEM (OSSIM) < 4.7.0 - 'get_license' Remote Command Execution (Metasploit)	remote	linux	James Fitts
2014-08-14	WordPress Plugin Disqus 2.7.5 – Cross-Site Request Forgery (Admin Persistent) / Cross-Site Scripting	webapps	php	Nik Cubrilovic
2014-08-14	VMTurbo Operations Manager 4.6 – ‘vmtadmin.cgi’ Remote Command Execution (Metasploit)	remote	linux	Metasploit
2014-08-14	Oracle VM VirtualBox 4.3.6 – 3D Acceleration Virtual Machine Escape (Metasploit)	remote	windows_x86-64	Metasploit
2014-08-13	Oracle VM VirtualBox Guest Additions 4.3.10r93012 – ‘VBoxGuest.sys’ Local Privilege Escalation (Metasploit)	local	windows	Metasploit
2014-08-12	BlazeDVD Pro Player 7.0 – ‘.plf’ Direct RET Local Stack Buffer Overflow	local	windows	Giovanni Bartolomucci
2014-08-11	WordPress Plugin GB Gallery Slideshow – ‘/wp-admin/admin-ajax.php’ SQL Injection	webapps	php	Claudio Viviani
2014-08-09	PhotoSync Wifi & Bluetooth 1.0 – Local File Inclusion	webapps	ios	Vulnerability-Lab
2014-08-09	TomatoCart 1.x – SQL Injection	webapps	php	Breaking.Technology
2014-08-09	Sky Broadband Router SR101 – Weak WPA-PSK Generation Algorithm	dos	hardware	Matt O'Connor
2014-08-09	SHARP MX Series – Denial of Service	dos	hardware	pws
2014-08-09	Easy FTP Pro 4.2 iOS – Command Injection	webapps	ios	Vulnerability-Lab
2014-08-08	VoipSwitch – ‘user.php’ Local File Inclusion	webapps	php	0x4148
2014-08-06	WordPress Plugin wpSS – ‘ss_handler.php’ SQL Injection	webapps	php	Ashiyane Digital Security Team
2014-08-06	Feng Office – Persistent Cross-Site Scripting	webapps	php	Juan Sacco
2014-08-06	Pro Chat Rooms 8.2.0 – Multiple Vulnerabilities	webapps	php	Mike Manzotti
2014-08-06	HybridAuth 2.2.2 – Remote Code Execution	webapps	php	@u0x
2014-08-05	Symantec Endpoint Protection 11.x/12.x – Kernel Pool Overflow / Local Privilege Escalation	local	windows	ryujin & sickness
2014-08-04	Barracuda Web Application Firewall – Authentication Bypass	remote	hardware	Nick Hayes
2014-08-04	FreeDisk 1.01 iOS – Multiple Vulnerabilities	webapps	ios	Vulnerability-Lab
2014-08-04	Video WiFi Transfer 1.01 – Directory Traversal	webapps	ios	Vulnerability-Lab
2014-08-03	RaidenTunes – ‘music_out.php’ Cross-Site Scripting	webapps	php	LiquidWorm
2014-08-03	TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) – Command Execution	webapps	hardware	Christoph Kuhl
2014-08-02	Sphider Search Engine – Multiple Vulnerabilities	webapps	php	Shayan S
2014-08-02	ArticleFR 11.06.2014 – ‘data.php’ Privilege Escalation	webapps	php	High-Tech Bridge SA
2014-08-02	Photo WiFi Transfer 1.01 – Directory Traversal	webapps	ios	Vulnerability-Lab
2014-08-02	ISPConfig 3.0.54p1 – (Authenticated) Admin Privilege Escalation	webapps	linux	mra
2014-08-02	TigerCom iFolder+ 1.2 iOS – Multiple Vulnerabilities	webapps	ios	Vulnerability-Lab
2014-08-02	Status2k Server Monitoring Software – Multiple Vulnerabilities	webapps	php	Shayan S
2014-07-30	D-Link AP 3200 – Multiple Vulnerabilities	webapps	hardware	pws
2014-07-30	SkaDate Lite 2.0 – Remote Code Execution	webapps	php	LiquidWorm
2014-07-30	SkaDate Lite 2.0 – Multiple Cross-Site Request Forgery / Persistent Cross-Site Scripting Vulnerabilities	webapps	php	LiquidWorm
2014-07-30	D-Link DWR-113 Rev. Ax – Cross-Site Request Forgery / Denial of Service	dos	hardware	Blessen Thomas
2014-07-29	WiFi HD 7.3.0 iOS – Multiple Vulnerabilities	webapps	ios	Vulnerability-Lab
2014-07-28	WordPress Plugin WhyDoWork AdSense – ‘options-general.php’ Cross-Site Request Forgery (Option Manipulation)	webapps	php	Dylan Irzi
2014-07-28	WordPress Plugin Lead Octopus Power – ‘id’ SQL Injection	webapps	php	Amirh03in
2014-07-28	Oxwall 1.7.0 – Remote Code Execution	remote	php	LiquidWorm
2014-07-28	Oxwall 1.7.0 – Multiple Cross-Site Request Forgery / HTML Injection Vulnerabilities	webapps	php	LiquidWorm
2014-07-28	Sphider Search Engine 1.3.6 – Multiple Vulnerabilities	webapps	php	Mike Manzotti
2014-07-28	Ubiquiti UbiFi / mFi / AirVision – Cross-Site Request Forgery	webapps	hardware	Seth Art
2014-07-28	WordPress Plugin FB Gorilla – ‘game_play.php’ SQL Injection	webapps	php	Amirh03in
2014-07-28	CMSimple 4.4.4 – ‘color’ Remote Code Execution	webapps	php	Govind Singh
2014-07-28	CMSimple 4.4.4 – Remote File Inclusion	webapps	php	Govind Singh
2014-07-28	CMSimple – Default Administrator Credentials	webapps	php	Govind Singh
2014-07-27	DirPHP 1.0 – Local File Inclusion	webapps	php	black hat