Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2013-03-10

SWFupload – Multiple Content Spoofing / Cross-Site Scripting Vulnerabilities
  • webapps
  • php
    		• MustLive
    2013-03-08

    McAfee Vulnerability Manager – ‘cert_cn’ Cross-Site Scripting
  • remote
  • multiple
    		• Asheesh Anaconda
    2013-03-08

    Your Own Classifieds – Cross-Site Scripting
  • webapps
  • php
    		• Rafay Baloch
    2013-03-08

    WordPress Plugin Terillion Reviews – Profile Id HTML Injection
  • webapps
  • php
    		• Aditya Balapure
    2013-03-07

    Qool CMS 2.0 RC2 – Multiple Vulnerabilities
  • webapps
  • php
    		• LiquidWorm
    2013-03-07

    MySQL / MariaDB – Geometry Query Denial of Service
  • dos
  • linux
    		• Alyssa Milburn
    2013-03-07

    CosCMS 1.721 – OS Command Injection
  • webapps
  • php
    		• High-Tech Bridge SA
    2013-03-07

    mnoGoSearch 3.3.12 (search.cgi) – Arbitrary File Read
  • webapps
  • cgi
    		• Sergey Bobrov
    2013-03-06

    Remote File Manager 1.2 iOS – Multiple Vulnerabilities
  • webapps
  • ios
    		• Vulnerability-Lab
    2013-03-06

    VMware Virtual Machine Communication Interface (VMCI) – ‘vmci.sys’
  • local
  • multiple
    		• Artem Shishkin
    2013-03-06

    Matrix42 Service Store – ‘default.aspx’ Cross-Site Scripting
  • webapps
  • asp
    		• 43zsec
    2013-03-05

    Kaspersky Internet Security 2013 – Denial of Service
  • dos
  • windows
    		• Marc Heuse
    2013-03-05

    Viscosity – setuid-set ViscosityHelper Privilege Escalation (Metasploit)
  • local
  • osx
    		• Metasploit
    2013-03-05

    Tunnelblick – Setuid Privilege Escalation (Metasploit)
  • local
  • osx
    		• Metasploit
    2013-03-05

    Squid – ‘httpMakeVaryMark()’ Remote Denial of Service
  • dos
  • linux
    		• tytusromekiatomek
    2013-03-05

    Varnish Cache – Multiple Denial of Service Vulnerabilities
  • dos
  • multiple
    		• tytusromekiatomek
    2013-03-05

    WordPress Plugin Count Per Day – ‘daytoshow’ Cross-Site Scripting
  • webapps
  • php
    		• alejandr0.m0f0
    2013-03-04

    Nconf 1.3 – Multiple SQL Injections
  • webapps
  • php
    		• Saadi Siddiqui
    2013-03-04

    D-Link DSL-2740B ADSL Router – Authentication Bypass
  • webapps
  • hardware
    		• Ivano Binetti
    2013-03-04

    HP Intelligent Management Center – ‘topoContent.jsf’ Cross-Site Scripting
  • webapps
  • java
    		• Julien Ahrens
    2013-03-02

    Plogger – Multiple Input Validation Vulnerabilities
  • webapps
  • php
    		• Saadat Ullah
    2013-03-01

    Batavi – ‘index.php’ Cross-Site Scripting
  • webapps
  • php
    		• Dognaedis
    2013-03-01

    PHP-Fusion 7.02.05 – Multiple Vulnerabilities
  • webapps
  • php
    		• waraxe
    2013-03-01

    Piwigo 2.4.6 – Multiple Vulnerabilities
  • webapps
  • php
    		• High-Tech Bridge SA
    2013-03-01

    doorGets CMS – Cross-Site Request Forgery
  • webapps
  • php
    		• n0pe
    2013-03-01

    Sami FTP Server 2.0.1 – ‘LIST’ Buffer Overflow
  • remote
  • windows
    		• superkojiman
    2013-03-01

    Hanso Player 2.1.0 – ‘.m3u’ Buffer Overflow
  • dos
  • windows
    		• metacom
    2013-03-01

    Foscam < 11.37.2.49 - Directory Traversal
  • remote
  • hardware
    		• Frederic Basse
    2013-03-01

    Question2Answer – Cross-Site Request Forgery
  • webapps
  • php
    		• MustLive
    2013-03-01

    WordPress Plugin Uploader – ‘blog’ Cross-Site Scripting
  • webapps
  • php
    		• CodeV
    2013-02-28

    rpi-update – Insecure Temporary File Handling / Security Bypass
  • local
  • linux
    		• Technion
    2013-02-27

    Geeklog – Cross-Site Scripting
  • webapps
  • php
    		• High-Tech Bridge
    2013-02-27

    Linux Kernel 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Local Privilege Escalation (1)
  • local
  • linux_x86-64
    		• sd
    2013-02-27

    WordPress Plugin Comment Rating 2.9.32 – Multiple Vulnerabilities
  • webapps
  • php
    		• ebanyu
    2013-02-27

    Joomla! 3.0.2 – ‘highlight.php’ PHP Object Injection
  • webapps
  • php
    		• EgiX
    2013-02-26

    PolarPearCMS – Arbitrary ‘.PHP’ File Upload (Metasploit)
  • remote
  • php
    		• Metasploit
    2013-02-26

    Glossword 1.8.8 < 1.8.12 - Arbitrary File Upload (Metasploit)
  • remote
  • php
    		• Metasploit
    2013-02-26

    Kordil EDms 2.2.60rc3 – Arbitrary File Upload (Metasploit)
  • remote
  • php
    		• Metasploit
    2013-02-26

    JForum – ‘jforum.page’ Multiple Cross-Site Scripting Vulnerabilities
  • webapps
  • jsp
    		• ZeroDayLab
    2013-02-26

    MTP Poll 1.0 – Multiple Cross-Site Scripting Vulnerabilities
  • webapps
  • php
    		• LiquidWorm
    2013-02-26

    MTP Guestbook 1.0 – Multiple Cross-Site Scripting Vulnerabilities
  • webapps
  • php
    		• LiquidWorm
    2013-02-26

    MTP Image Gallery 1.0 – ‘edit_photos.php?title’ Cross-Site Scripting
  • webapps
  • php
    		• LiquidWorm
    2013-02-26

    iOS IPMap 2.5 – Arbitrary File Upload
  • webapps
  • ios
    		• Vulnerability-Lab
    2013-02-26

    Rix4Web Portal – Blind SQL Injection
  • webapps
  • php
    		• L0n3ly-H34rT
    2013-02-26

    Brewthology 0.1 – SQL Injection
  • webapps
  • php
    		• cr4wl3r
    2013-02-26

    WiFilet 1.2 iPad iPhone – Multiple Vulnerabilities
  • webapps
  • hardware
    		• Vulnerability-Lab
    2013-02-25

    phpMyRecipes – Multiple HTML Injection Vulnerabilities
  • webapps
  • php
    		• PDS
    2013-02-25

    WordPress Plugin Smart Flv – ‘jwplayer.swf’ Multiple Cross-Site Scripting Vulnerabilities
  • webapps
  • php
    		• Henri Salo
    2013-02-25

    Java Applet JMX – Remote Code Execution (Metasploit) (2)
  • remote
  • multiple
    		• Metasploit
    2013-02-24

    Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Local Privilege Escalation (3)
  • local
  • linux
    		• SynQ