Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2022-01-18	Nyron 1.0 – SQLi (Unauthenticated)	webapps	aspx	Miguel Santareno
2022-01-18	Simple Chatbot Application 1.0 – ‘message’ Blind SQLi	webapps	php	Saud Alenazi
2022-01-18	Simple Chatbot Application 1.0 – Remote Code Execution (RCE)	webapps	php	Saud Alenazi
2022-01-18	OpenBMCS 2.4 – Information Disclosure	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – Server Side Request Forgery (SSRF) (Unauthenticated)	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – Create Admin / Remote Privilege Escalation	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – SQLi (Authenticated)	webapps	php	LiquidWorm
2022-01-13	WordPress Core 5.8.2 – ‘WP_Query’ SQL Injection	webapps	php	Aryan Chehreghani
2022-01-13	Online Diagnostic Lab Management System 1.0 – SQL Injection (Unauthenticated)	webapps	php	Himash
2022-01-13	Online Diagnostic Lab Management System 1.0 – Stored Cross Site Scripting (XSS)	webapps	php	Himash
2022-01-13	Online Diagnostic Lab Management System 1.0 – Account Takeover (Unauthenticated)	webapps	php	Himash
2022-01-13	SalonERP 3.0.1 – ‘sql’ SQL Injection (Authenticated)	webapps	php	Betul Denizler
2022-01-13	Hospitals Patient Records Management System 1.0 – ‘doctors’ Stored Cross Site Scripting (XSS)	webapps	php	Sant268
2022-01-13	Hospitals Patient Records Management System 1.0 – ‘room_list’ Stored Cross Site Scripting (XSS)	webapps	php	Sant268
2022-01-13	Hospitals Patient Records Management System 1.0 – ‘room_types’ Stored Cross Site Scripting (XSS)	webapps	php	Sant268
2022-01-12	WordPress Plugin Frontend Uploader 1.3.2 – Stored Cross Site Scripting (XSS) (Unauthenticated)	webapps	php	Veshraj Ghimire
2022-01-12	Microsoft Windows Defender – Detections Bypass	local	windows	hyp3rlinx
2022-01-12	Microsoft Windows .Reg File – Dialog Spoof / Mitigation Bypass	local	windows	hyp3rlinx
2022-01-10	Open-AudIT Community 4.2.0 – Cross-Site Scripting (XSS) (Authenticated)	webapps	php	Dominic Clark
2022-01-10	VUPlayer 2.49 – ‘.wax’ Local Buffer Overflow (DEP Bypass)	local	windows	Bryan Leong
2022-01-10	Online Railway Reservation System 1.0 – ‘Multiple’ Stored Cross Site Scripting (XSS) (Unauthenticated)	webapps	php	Zachary Asher
2022-01-10	Online Railway Reservation System 1.0 – Admin Account Creation (Unauthenticated)	webapps	php	Zachary Asher
2022-01-10	Online Railway Reservation System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Zachary Asher
2022-01-10	Online Railway Reservation System 1.0 – ‘id’ SQL Injection (Unauthenticated)	webapps	php	twseptian
2022-01-10	HTTP Commander 3.1.9 – Stored Cross Site Scripting (XSS)	webapps	windows	Oscar Sandén
2022-01-10	CoreFTP Server build 725 – Directory Traversal (Authenticated)	remote	windows	LiamInfosec
2022-01-07	Online Veterinary Appointment System 1.0 – ‘Multiple’ SQL Injection	webapps	php	twseptian
2022-01-05	Terramaster TOS 4.2.15 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	n0tme
2022-01-05	WordPress Plugin WP Visitor Statistics 4.7 – SQL Injection	webapps	php	Ron Jost
2022-01-05	Virtual Airlines Manager 2.6.2 – ‘multiple’ SQL Injection	webapps	php	Milad karimi
2022-01-05	ConnectWise Control 19.2.24707 – Username Enumeration	remote	multiple	Luca Cuzzolin
2022-01-05	TRIGONE Remote System Monitor 3.61 – Unquoted Service Path	local	windows	Yehia Elghaly
2022-01-05	WordPress Plugin Contact Form Entries 1.1.6 – Cross Site Scripting (XSS) (Unauthenticated)	webapps	php	Gaetano Perrone
2022-01-05	BeyondTrust Remote Support 6.0 – Reflected Cross-Site Scripting (XSS) (Unauthenticated)	webapps	multiple	Malcrove
2022-01-05	RiteCMS 3.1.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	faisalfs10x
2022-01-05	Hospitals Patient Records Management System 1.0 – Account TakeOver	webapps	php	twseptian
2022-01-05	RiteCMS 3.1.0 – Arbitrary File Deletion (Authenticated)	webapps	php	faisalfs10x
2022-01-05	Hospitals Patient Records Management System 1.0 – ‘id’ SQL Injection (Authenticated)	webapps	php	twseptian
2022-01-05	RiteCMS 3.1.0 – Arbitrary File Overwrite (Authenticated)	webapps	php	faisalfs10x
2022-01-05	AWebServer GhostBuilding 18 – Denial of Service (DoS)	remote	android	Andres Ramos
2022-01-05	Siemens S7 Layer 2 – Denial of Service (DoS)	dos	hardware	RoseSecurity
2022-01-05	Hostel Management System 2.1 – Cross Site Scripting (XSS)	webapps	php	Chinmay Divekar
2022-01-05	CMSimple 5.4 – Cross Site Scripting (XSS)	webapps	php	heinjame
2022-01-05	WordPress Plugin AAWP 3.16 – ‘tab’ Reflected Cross Site Scripting (XSS) (Authenticated)	webapps	php	Andrea Bocchetti
2022-01-05	Nettmp NNT 5.1 – SQLi Authentication Bypass	webapps	php	Momen Eldawakhly
2022-01-05	Automox Agent 32 – Local Privilege Escalation	local	windows	Greg Foss
2022-01-05	SAFARI Montage 8.5 – Reflected Cross Site Scripting (XSS)	webapps	php	Momen Eldawakhly
2022-01-05	Projeqtor v9.3.1 – Stored Cross Site Scripting (XSS)	webapps	php	Oscar Gil Gutierrez
2022-01-05	Library System in PHP 1.0 – ‘publisher name’ Stored Cross-Site Scripting (XSS)	webapps	php	Akash Patil
2022-01-05	Gerapy 0.9.7 – Remote Code Execution (RCE) (Authenticated)	remote	Python	Jeremiasz Pluta