Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2022-02-09	Exam Reviewer Management System 1.0 – ‘id’ SQL Injection	webapps	php	Juli Agarwal
2022-02-08	Hospital Management System 4.0 – ‘multiple’ SQL Injection	webapps	php	nu11secur1ty
2022-02-08	FileBrowser 2.17.2 – Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)	webapps	multiple	FEBIN MON SAJI
2022-02-08	Strapi CMS 3.0.0-beta.17.4 – Set Password (Unauthenticated) (Metasploit)	webapps	nodejs	WackyH4cker
2022-02-08	Hotel Reservation System 1.0 – SQLi (Unauthenticated)	webapps	php	Nefrit ID
2022-02-08	WordPress Plugin CP Blocks 1.0.14 – Stored Cross Site Scripting (XSS)	webapps	php	Shweta Mahajan
2022-02-08	WordPress Plugin Security Audit 1.0.0 – Stored Cross Site Scripting (XSS)	webapps	php	Shweta Mahajan
2022-02-08	WordPress Plugin Simple Job Board 2.9.3 – Local File Inclusion	webapps	php	Ven3xy
2022-02-08	Wing FTP Server 4.3.8 – Remote Code Execution (RCE) (Authenticated)	remote	windows	notcos
2022-02-08	WordPress Plugin International Sms For Contact Form 7 Integration V1.2 – Cross Site Scripting (XSS)	webapps	php	Milad karimi
2022-02-04	Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)	webapps	multiple	AkkuS
2022-02-04	Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)	webapps	multiple	AkkuS
2022-02-04	Servisnet Tessa – Privilege Escalation (Metasploit)	webapps	multiple	AkkuS
2022-02-04	WordPress Plugin IP2Location Country Blocker 2.26.7 – Stored Cross Site Scripting (XSS) (Authenticated)	webapps	php	Ahmet Serkan Ari
2022-02-04	FLAME II MODEM USB – Unquoted Service Path	local	windows	Ismael Nava
2022-02-04	WBCE CMS 1.5.2 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Antonio Cuomo
2022-02-02	Moodle 3.11.4 – SQL Injection	webapps	php	lavclash75
2022-02-02	PHP Restaurants 1.0 – SQLi (Unauthenticated)	webapps	php	Nefrit ID
2022-02-02	WordPress Plugin 404 to 301 2.0.2 – SQL-Injection (Authenticated)	webapps	php	Ron Jost
2022-02-02	WordPress Plugin Domain Check 1.0.16 – Reflected Cross-Site Scripting (XSS) (Authenticated)	webapps	php	Ceylan BOZOĞULLARINDAN
2022-02-02	Fetch Softworks Fetch FTP Client 5.8 – Remote CPU Consumption (Denial of Service)	local	macos	LiquidWorm
2022-02-02	WordPress Plugin Download Monitor WordPress V 4.4.4 – SQL Injection (Authenticated)	webapps	php	Ron Jost
2022-02-02	Chamilo LMS 1.11.14 – Account Takeover	webapps	php	sirpedrotavares
2022-02-02	uBidAuction v2.0.1 – ‘Multiple’ Cross Site Scripting (XSS)	webapps	php	Vulnerability-Lab
2022-02-02	Ametys CMS v4.4.1 – Cross Site Scripting (XSS)	webapps	java	Vulnerability-Lab
2022-02-02	Mozilla Firefox 67 – Array.pop JIT Type Confusion	local	windows	Forrest Orr
2022-02-02	WordPress Plugin Learnpress 4.1.4.1 – Arbitrary Image Renaming	webapps	php	Ceylan BOZOĞULLARINDAN
2022-02-02	CONTPAQi(R) AdminPAQ 14.0.0 – Unquoted Service Path	local	windows	Angel Canseco
2022-02-02	WordPress Plugin Post Grid 2.1.1 – Cross Site Scripting (XSS)	webapps	php	0xB9
2022-02-02	WordPress Plugin Product Slider for WooCommerce 1.13.21 – Cross Site Scripting (XSS)	webapps	php	0xB9
2022-02-02	WordPress Plugin Contact Form Check Tester 1.0.2 – Broken Access Control	webapps	php	0xB9
2022-02-02	PHP Unit 4.8.28 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	souzo
2022-02-02	Huawei DG8045 Router 1.0 – Credential Disclosure	webapps	hardware	Abdalrahman Gamal
2022-01-27	PolicyKit-1 0.105-31 – Privilege Escalation	local	linux	Lance Biggerstaff
2022-01-27	Oracle WebLogic Server 14.1.1.0.0 – Local File Inclusion	remote	windows	Jonah Tan
2022-01-27	WordPress Plugin Modern Events Calendar V 6.1 – SQL Injection (Unauthenticated)	webapps	php	Ron Jost
2022-01-27	WordPress Plugin RegistrationMagic V 5.0.1.5 – SQL Injection (Authenticated)	webapps	php	Ron Jost
2022-01-27	WordPress Plugin Mortgage Calculators WP 1.52 – Stored Cross-Site Scripting (XSS) (Authenticated)	webapps	php	Ceylan BOZOĞULLARINDAN
2022-01-25	PHPIPAM 1.4.4 – SQLi (Authenticated)	webapps	php	Rodolfo Tavares
2022-01-25	Online Project Time Management System 1.0 – Multiple Stored Cross Site Scripting (XSS) (Authenticated)	webapps	php	Felipe Alcantara
2022-01-25	Online Project Time Management System 1.0 – SQLi (Authenticated)	webapps	php	Felipe Alcantara
2022-01-24	Landa Driving School Management System 2.0.1 – Arbitrary File Upload	webapps	php	Sohel Yousef
2022-01-19	Affiliate Pro 1.7 – ‘Multiple’ Cross Site Scripting (XSS)	webapps	php	Vulnerability-Lab
2022-01-19	Rocket LMS 1.1 – Persistent Cross Site Scripting (XSS)	webapps	php	Vulnerability-Lab
2022-01-19	uDoctorAppointment v2.1.1 – ‘Multiple’ Cross Site Scripting (XSS)	webapps	php	Vulnerability-Lab
2022-01-18	Online Resort Management System 1.0 – SQLi (Authenticated)	webapps	php	Gaurav Grover
2022-01-18	Archeevo 5.0 – Local File Inclusion	remote	windows	Miguel Santareno
2022-01-18	WorkTime 10.20 Build 4967 – Unquoted Service Path	local	windows	Yehia Elghaly
2022-01-18	Creston Web Interface 1.0.0.2159 – Credential Disclosure	webapps	hardware	RedTeam Pentesting GmbH
2022-01-18	Nyron 1.0 – SQLi (Unauthenticated)	webapps	aspx	Miguel Santareno