Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2013-12-30	WordPress Plugin Advanced Dewplayer – ‘download-file.php’ Script Directory Traversal	webapps	php	Henri Salo
2013-12-30	CMS Afroditi – ‘id’ SQL Injection	webapps	asp	projectzero labs
2013-12-28	Ofilter Player 1.1 – ‘.wav’ Integer Division by Zero	dos	windows	Osanda Malith Jayathissa
2013-12-28	D-Link DSL-2750u ME_1.09 – Cross-Site Request Forgery	webapps	hardware	FIGHTERx war
2013-12-26	JForum ‘adminUsers’ Module – Cross-Site Request Forgery	webapps	php	arno
2013-12-25	AFCommerce – ‘controlheader.php’ Remote File Inclusion	webapps	php	NoGe
2013-12-25	AFCommerce – ‘adminpassword.php’ Remote File Inclusion	webapps	php	NoGe
2013-12-25	AFCommerce – ‘adblock.php’ Remote File Inclusion	webapps	php	NoGe
2013-12-24	RealNetworks RealPlayer 16.0.3.51/16.0.2.32 – ‘.rmp’ Version Attribute Buffer Overflow	local	windows	Gabor Seljan
2013-12-24	xBoard 5.0/5.5/6.0 – ‘view.php’ Local File Inclusion	webapps	php	TUNISIAN CYBER
2013-12-24	PHP MBB CMS 004 – Multiple Vulnerabilities	webapps	php	cr4wl3r
2013-12-24	Huawei Technologies du Mobile Broadband 16.0 – Local Privilege Escalation	local	windows	LiquidWorm
2013-12-24	Song Exporter 2.1.1 RS iOS – Local File Inclusion	webapps	ios	Vulnerability-Lab
2013-12-24	Synology DSM 4.3-3810 – Directory Traversal	webapps	cgi	Andrea Fabrizi
2013-12-24	HP SiteScope issueSiebelCmd – Remote Code Execution (Metasploit)	remote	unix	Metasploit
2013-12-24	Zimbra Collaboration Server 7.2.2/8.0.2 – Local File Inclusion (Metasploit)	webapps	linux	Metasploit
2013-12-24	Synology DiskStation Manager – SLICEUPLOAD Remote Command Execution (Metasploit)	remote	unix	Metasploit
2013-12-24	OpenSIS ‘modname’ – PHP Code Execution (Metasploit)	remote	linux	Metasploit
2013-12-24	RedHat CloudForms Management Engine 5.1 – agent/linuxpkgs Directory Traversal (Metasploit)	remote	linux	Metasploit
2013-12-23	WordPress Theme Persuasion 2.x – Arbitrary File Download / File Deletion	webapps	php	Interference Security
2013-12-22	Easy Karaokay Player 3.3.31 – ‘.wav’ Integer Division by Zero	dos	windows	Osanda Malith Jayathissa
2013-12-21	Cisco EPC3925 – Persistent Cross-Site Scripting	webapps	hardware	Jeroen - IT Nerdbox
2013-12-19	Hancom Office – ‘.hml’ File Processing Heap Buffer Overflow	remote	windows	diroverflow
2013-12-19	DenyHosts – ‘regex.py’ Remote Denial of Service	dos	linux	Helmut Grohne
2013-12-18	Jenkins 1.523 – Persistent HTML Code	webapps	php	Christian Catalano
2013-12-18	Leed – ‘id’ SQL Injection	webapps	php	Alexandre Herzog
2013-12-18	SonarQube Jenkins Plugin – Plain Text Password	webapps	php	Christian Catalano
2013-12-17	WordPress Core 2.0.11 – ‘/wp-admin/options-discussion.php’ Script Cross-Site Request Forgery	webapps	php	MustLive
2013-12-17	Piwigo – ‘admin.php’ Cross-Site Request Forgery (User Creation)	webapps	php	sajith
2013-12-17	InstantCMS 1.10.3 – Blind SQL Injection	webapps	php	High-Tech Bridge SA
2013-12-17	Microsoft Windows Kernel – ‘win32k.sys’ Integer Overflow (MS13-101)	dos	windows	Core Security
2013-12-17	Ditto Forensic FieldStation 2013Oct15a – Multiple Vulnerabilities	webapps	php	Martin Wundram
2013-12-17	PHP – ‘openssl_x509_parse()’ Memory Corruption	dos	php	Stefan Esser
2013-12-17	Adobe Reader ToolButton – Use-After-Free (Metasploit)	remote	windows	Metasploit
2013-12-17	Nvidia (nvsvc) Display Driver Service – Local Privilege Escalation (Metasploit)	local	windows_x86-64	Metasploit
2013-12-17	Microsoft Windows – ‘ndproxy.sys’ Local Privilege Escalation (Metasploit)	local	windows	Metasploit
2013-12-17	FileMaster SY-IT 3.1 iOS – Multiple Web Vulnerabilities	webapps	ios	Vulnerability-Lab
2013-12-17	QuickHeal AntiVirus 7.0.0.1 – Local Stack Overflow	local	windows	Arash Allebrahim
2013-12-17	Ability Mail Server 2013 3.1.1 – Web UI Persistent Cross-Site Scripting	remote	windows	David Um
2013-12-16	VUPlayer 2.49 – ‘.m3u’ File Universal Buffer Overflow (DEP Bypass) (2)	local	windows	Morteza Hashemi
2013-12-16	Gitlab 6.0 – Persistent Cross-Site Scripting	webapps	php	hellok
2013-12-16	Linux Kernel 2.6.10 < 2.6.31.5 - 'pipe.c' Local Privilege Escalation	local	linux	spender
2013-12-16	Icinga – cgi/config.c process_cgivars Function Off-by-One Read Remote Denial of Service	dos	cgi	DTAG Group Information Security
2013-12-16	C2C Forward Auction Creator – ‘/auction/casp/Admin.asp’ SQL Injection (Admin Authentication Bypass)	webapps	php	R3d-D3V!L
2013-12-16	C2C Forward Auction Creator 2.0 – ‘/auction/asp/list.asp?pa’ SQL Injection	webapps	php	R3d-D3V!L
2013-12-16	Penny Auction 5 – SQL Injection	webapps	php	3spi0n
2013-12-16	Lowest Unique Bid Auction – SQL Injection	webapps	php	3spi0n
2013-12-16	Cisco EPC3925 – Cross-Site Request Forgery	webapps	hardware	Jeroen - IT Nerdbox
2013-12-16	Beetel TC1-450 Airtel Wireless Router – Multiple Cross-Site Request Forgery Vulnerabilities	webapps	hardware	Samandeep Singh
2013-12-16	UPC Ireland Cisco EPC 2425 Router / Horizon Box – WPA-PSK Handshake Information	webapps	hardware	Matt O'Connor