Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2014-07-14	D-Link HNAP – Request Remote Buffer Overflow (Metasploit)	remote	hardware	Metasploit
2014-07-14	D-Link Devices – ‘info.cgi’ POST Buffer Overflow (Metasploit)	remote	hardware	Metasploit
2014-07-14	Shopizer 1.1.5 – Multiple Vulnerabilities	webapps	php	SEC Consult
2014-07-14	Kolibri Web Server 2.0 – GET (SEH)	remote	windows	Revin Hadi Saputra
2014-07-13	WordPress Plugin DZS-VideoGallery – Cross-Site Scripting / Command Injection	webapps	php	MustLive
2014-07-12	Aerohive HiveOS 5.1r5 < 6.1r5 - Multiple Vulnerabilities	webapps	php	DearBytes
2014-07-12	OpenVPN Private Tunnel Core Service – Unquoted Service Path Privilege Escalation	local	windows_x86	LiquidWorm
2014-07-10	Infoblox 6.8.2.11 – OS Command Injection	webapps	linux_x86	Nate Kettlewell
2014-07-10	OpenVAS Manager 4.0 – Authentication Bypass	remote	linux	EccE
2014-07-10	C99Shell (Web Shell) – ‘c99.php’ Authentication Bypass	webapps	php	Mandat0ry
2014-07-10	WeBid – Multiple Cross-Site Scripting / LDAP Injection Vulnerabilities	webapps	php	Govind Singh
2014-07-09	WordPress Plugin BSK PDF Manager – ‘/wp-admin/admin.php’ Multiple SQL Injections	webapps	php	Claudio Viviani
2014-07-08	Microsoft Internet Explorer 9/10 – CFormElement Use-After-Free / Memory Corruption (PoC) (MS14-035)	dos	windows_x86	Drozdova Liudmila
2014-07-08	Yokogawa CS3000 – ‘BKFSim_vhfd.exe’ Remote Buffer Overflow (Metasploit)	remote	windows	Metasploit
2014-07-08	Dolibarr ERP/CRM 3.5.3 – Multiple Vulnerabilities	webapps	php	Deepak Rathore
2014-07-07	xClassified – ‘ads.php’ SQL Injection	webapps	php	Lazmania61
2014-07-07	AtomCMS – SQL Injection / Arbitrary File Upload	webapps	php	Jagriti Sahu
2014-07-07	Photo Org WonderApplications 8.3 iOS – Local File Inclusion	webapps	ios	Vulnerability-Lab
2014-07-07	WordPress Plugin MailPoet Newsletters 2.6.8 – ‘wysija-newsletters’ Arbitrary File Upload (Metasploit)	remote	php	Metasploit
2014-07-07	Gitlist – Remote Command Execution (Metasploit)	remote	multiple	Metasploit
2014-07-07	Oracle Event Processing FileUploadServlet – Arbitrary File Upload (Metasploit)	remote	windows	Metasploit
2014-07-07	Netgear WNR1000v3 – Password Recovery Credential Disclosure (Metasploit)	webapps	hardware	c1ph04
2014-07-06	Frog CMS 0.9.5 – Arbitrary File Upload	webapps	php	Javid Hussain
2014-07-03	Ubisoft Uplay 4.6 – Insecure File Permissions Privilege Escalation	local	windows	LiquidWorm
2014-07-02	Zurmo CRM – Persistent Cross-Site Scripting	webapps	php	Provensec
2014-07-02	Baidu Spark Browser 26.5.9999.3511 – Remote Stack Overflow (Denial of Service)	dos	windows	LiquidWorm
2014-07-02	Kerio Control 8.3.1 – Blind SQL Injection	webapps	php	Khashayar Fereidani
2014-07-01	Microsoft Internet Explorer 8 – Fixed Col Span ID (Full ASLR + DEP + EMET 4.1.x Bypass) (MS12-037)	remote	windows	sickness
2014-07-01	Flussonic Media Server 4.1.25 < 4.3.3 - Arbitrary File Disclosure	dos	aix	BGA Security
2014-07-01	IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities	webapps	jsp	SEC Consult
2014-06-30	Gitlist 0.4.0 – Remote Code Execution	remote	multiple	drone
2014-06-28	Nagios Plugins check_dhcp 2.0.2 – Arbitrary Option File Read Race Condition	local	linux	Dawid Golunski
2014-06-28	Chkrootkit 0.49 – Local Privilege Escalation	local	linux	Thomas Stangner
2014-06-27	Endeca Latitude 2.2.2 – Cross-Site Request Forgery	webapps	multiple	RedTeam Pentesting
2014-06-27	WordPress Plugin Simple Share Buttons Adder 4.4 – Multiple Vulnerabilities	webapps	php	dxw
2014-06-27	Python CGIHTTPServer – Encoded Directory Traversal	webapps	multiple	RedTeam Pentesting
2014-06-27	Microsoft Registry Symlink – IE Sandbox Escape (MS13-097) (Metasploit)	local	windows	Metasploit
2014-06-27	Microsoft .NET Deployment Service – IE Sandbox Escape (MS14-009) (Metasploit)	local	windows	Metasploit
2014-06-27	HP AutoPass License Server – Arbitrary File Upload (Metasploit)	remote	java	Metasploit
2014-06-27	Mailspect Control Panel 4.0.5 – Multiple Vulnerabilities	webapps	cgi	Onur Alanbel (BGA)
2014-06-25	Lunar CMS 3.3 – Remote Command Execution	webapps	php	LiquidWorm
2014-06-25	Thomson TWG87OUIR – POST Password Cross-Site Request Forgery	webapps	hardware	nopesled
2014-06-25	Cogent DataHub – Command Injection (Metasploit)	remote	windows	Metasploit
2014-06-24	ZeusCart – ‘prodid’ SQL Injection	webapps	php	Kenny Mathis
2014-06-24	Alienvault Open Source SIEM (OSSIM) – av-centerd Command Injection (Metasploit)	remote	linux	Metasploit
2014-06-24	D-Link Devices – ‘hedwig.cgi’ Remote Buffer Overflow in Cookie Header (Metasploit)	remote	hardware	Metasploit
2014-06-24	D-Link Devices – ‘Authentication.cgi’ Remote Buffer Overflow (Metasploit)	remote	hardware	Metasploit
2014-06-24	Microsoft Internet Explorer 8/9/10 – ‘CInput’ Use-After-Free Crash (PoC) (MS14-035)	dos	windows	Drozdova Liudmila
2014-06-24	Multiple WordPress Plugins (TimThumb 2.8.13 / WordThumb 1.07) – ‘WebShot’ Remote Code Execution	webapps	php	@u0x
2014-06-23	ZeroCMS 1.0 – ‘zero_transact_article.php’ SQL Injection	webapps	php	Filippos Mastrogiannis