Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2013-04-11	WordPress Plugin Spider Video Player – ‘theme’ SQL Injection	webapps	php	Ashiyane Digital Security Team
2013-04-10	Hero Framework – ‘/users/forgot_password?error’ Cross-Site Scripting	webapps	java	High-Tech Bridge
2013-04-10	Hero Framework – ‘/users/login?Username’ Cross-Site Scripting	webapps	java	High-Tech Bridge
2013-04-10	WordPress Plugin Spiffy XSPF Player – ‘playlist_id’ SQL Injection	webapps	php	Ashiyane Digital Security Team
2013-04-10	Adobe ColdFusion APSB13-03 – Remote Multiple Vulnerabilities (Metasploit)	remote	multiple	Metasploit
2013-04-10	Linksys WRT54GL – ‘apply.cgi’ Command Execution (Metasploit)	remote	hardware	Metasploit
2013-04-10	Freefloat FTP Server 1.0 – DEP Bypass with ROP	remote	windows	negux
2013-04-10	BigAnt Server 2.97 – DDNF ‘Username’ Remote Buffer Overflow	remote	windows	Craig Freyman
2013-04-09	phpMyAdmin – ‘tbl_gis_visualization.php’ Multiple Cross-Site Scripting Vulnerabilities	webapps	php	waraxe
2013-04-09	WordPress Plugin Traffic Analyzer – ‘aoid’ Cross-Site Scripting	webapps	php	Beni_Vanda
2013-04-09	EasyPHP – ‘/index.php’ Authentication Bypass / Remote PHP Code Injection	webapps	php	KedAns-Dz
2013-04-09	Foscam IP (Multiple Cameras) – Multiple Cross-Site Request Forgery Vulnerabilities	remote	hardware	shekyan
2013-04-09	ZAPms 1.41 – SQL Injection	webapps	php	NoGe
2013-04-09	Sysax Multi Server 6.10 – SSH Denial of Service	dos	windows	Matt Andreko
2013-04-08	Novell ZENworks Configuration Management 10 SP3/11 SP2 – Remote Execution (Metasploit)	remote	multiple	Metasploit
2013-04-08	OpenCart – Cross-Site Request Forgery (Change User Password)	webapps	php	Saadi Siddiqui
2013-04-08	HP System Management – Anonymous Access Code Execution (Metasploit)	remote	linux	Metasploit
2013-04-08	Linksys E1500/E2500 – ‘apply.cgi’ Remote Command Injection (Metasploit)	remote	hardware	Metasploit
2013-04-08	MongoDB – nativeHelper.apply Remote Code Execution (Metasploit)	remote	linux	Metasploit
2013-04-08	WHMCompleteSolution (WHMCS) Group Pay Plugin 1.5 – ‘grouppay.php?hash’ SQL Injection	webapps	php	HJauditing Employee Tim
2013-04-08	PonyOS 0.4.99-mlp – Multiple Vulnerabilities	local	linux	John Cartwright
2013-04-08	Sophos Web Protection Appliance 3.7.8.1 – Multiple Vulnerabilities	webapps	linux	SEC Consult
2013-04-08	Netgear DGN1000B – ‘setup.cgi’ Remote Command Execution (Metasploit)	remote	hardware	Metasploit
2013-04-08	Groovy Media Player 3.2.0 – ‘.mp3’ Buffer Overflow	dos	windows	Akshaysinh Vaghela
2013-04-08	MongoDB 2.2.3 – nativeHelper.apply Remote Code Execution	remote	linux	agix
2013-04-08	HP System Management Homepage – Local Privilege Escalation (Metasploit)	local	linux	Metasploit
2013-04-08	TP-Link TD-8817 6.0.1 Build 111128 Rel.26763 – Cross-Site Request Forgery	webapps	hardware	Un0wn_X
2013-04-08	Vanilla Forums 2-0-18-4 – SQL Injection	webapps	php	bl4ckw0rm
2013-04-08	D-Link – Multiple Vulnerabilities	webapps	hardware	m-1-k-3
2013-04-08	Belkin Wemo – Arbitrary Firmware Upload	webapps	hardware	Daniel Buentello
2013-04-08	Google AD Sync Tool – Exposure of Sensitive Information	local	multiple	Sense of Security
2013-04-08	OTRS 3.x – FAQ Module Persistent Cross-Site Scripting	webapps	multiple	Luigi Vezzoso
2013-04-07	HexChat 2.9.4 – Local Overflow	local	windows	Matt Andreko
2013-04-05	PHP Address Book – ‘/addressbook/register/checklogin.php?Username’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/user_add_save.php?email’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/traffic.php?var’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	Personal File Share 1.0 – Denial of Service	dos	windows	npn
2013-04-05	PHP Address Book – ‘/addressbook/register/router.php?BasicLogin’ Cookie SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	Easy DVD Player 3.5.1 – libav ‘libavcodec_plugin.dll’ Denial of Service	dos	windows	metacom
2013-04-05	PHP Address Book – ‘/addressbook/register/reset_password_save.php’ Multiple SQL Injections	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/reset_password.php’ Multiple SQL Injections	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/linktick.php?site’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/edit_user_save.php’ Multiple SQL Injections	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/edit_user.php?id’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	PHP Address Book – ‘/addressbook/register/delete_user.php?id’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-05	Apache Subversion – Remote Denial of Service	dos	linux	Greg McMullin
2013-04-05	Apache Subversion 1.6.x – ‘mod_dav_svn/lock.c’ Remote Denial of Service	dos	linux	anonymous
2013-04-05	Zimbra – ‘aspell.php’ Cross-Site Scripting	webapps	php	Michael Scherer
2013-04-05	PHP Address Book – ‘/addressbook/register/admin_index.php?q’ SQL Injection	webapps	php	Jurgen Voorneveld
2013-04-04	Mozilla Firefox – Cookie Verification Denial of Service	dos	multiple	anonymous