Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24691Exploits

日期	标题	类型	平台	作者
2013-01-08	WordPress Plugin NextGEN Gallery – ‘test-head’ Cross-Site Scripting	webapps	php	Am!r
2013-01-07	Facebook for Android – ‘LoginActivity’ Information Disclosure	remote	android	Takeshi Terada
2013-01-07	Movable Type 4.2x/4.3x – Web Upgrade Remote Code Execution (Metasploit)	remote	multiple	Metasploit
2013-01-07	Ettercap 0.7.5.1 – Stack Overflow	dos	unix	Sajjad Pourali
2013-01-07	Foxit Reader 5.4.4.1128 Firefox Plugin – ‘npFoxitReaderPlugin.dll’ Stack Buffer Overflow (PoC)	dos	windows	rgod
2013-01-06	Havalite CMS – ‘comment’ HTML Injection	webapps	php	Henri Salo
2013-01-06	Nexpose Security Console – Cross-Site Request Forgery	webapps	multiple	Robert Gilbert
2013-01-06	FoxPlayer 2.9.0 – Denial of Service	dos	windows	metacom
2013-01-05	pfSense 2.0.1 – Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution	webapps	php	Yann CAM
2013-01-04	Simple Web Server 2.3-rc1 – Directory Traversal	webapps	windows	CwG GeNiuS
2013-01-04	TomatoCart – ‘json.php’ Security Bypass	webapps	php	Aung Khant
2013-01-04	Multiple WordPress WPScientist Themes – Arbitrary File Upload	webapps	php	JingoBD
2013-01-04	MyBB Profile Wii Friend Code – Multiple Vulnerabilities	webapps	php	Ichi
2013-01-04	Enterasys NetSight – ‘nssyslogd.exe’ Remote Buffer Overflow (Metasploit)	remote	windows	Metasploit
2013-01-03	WordPress Plugin Advanced Custom Fields – Remote File Inclusion (Metasploit)	remote	php	Metasploit
2013-01-03	Allied Telesis AT-MCF2000M 3.0.2 – Remote Command Execution	remote	hardware	dun
2013-01-03	Belkin Wireless Router – Default WPS PIN Security	remote	hardware	ZhaoChunsheng
2013-01-03	WordPress Plugin Uploader – Arbitrary File Upload	webapps	php	Sammy FORGIT
2013-01-02	WordPress Plugin Xerte Online – ‘save.php’ Arbitrary File Upload	webapps	php	Sammy FORGIT
2013-01-02	Astium VoIP PBX 2.1 build 25399 – Multiple Vulnerabilities/Remote Command Execution	webapps	php	xistence
2013-01-02	Astium VoIP PBX 2.1 build 25399 – Remote Crash (PoC)	dos	linux	xistence
2013-01-02	e107 1.0.2 – SQL Injection (via Cross-Site Request Forgery)	webapps	php	Joshua Reynolds
2013-01-02	e107 1.0.1 – Arbitrary JavaScript Execution (via Cross-Site Request Forgery)	webapps	php	Joshua Reynolds
2013-01-02	Microsoft Internet Explorer – CButton Object Use-After-Free (Metasploit)	remote	windows	Metasploit
2013-01-02	osTicket – ‘tickets.php?status’ Cross-Site Scripting	webapps	php	AkaStep
2013-01-02	osTicket – ‘l.php?url’ Arbitrary Site Redirect	webapps	php	AkaStep
2013-01-01	WordPress Plugin Shopping Cart for WordPress – ‘/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID’ SQL Injection	webapps	php	Sammy FORGIT
2013-01-01	WordPress Plugin Shopping Cart for WordPress – ‘/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID’ SQL Injection	webapps	php	Sammy FORGIT
2013-01-01	WordPress Plugin Shopping Cart for WordPress – ‘/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID’ SQL Injection	webapps	php	Sammy FORGIT
2012-12-31	BlazeDVD 6.1 – ‘.PLF’ File (ASLR + DEP Bypass) (Metasploit)	local	windows	Craig Freyman
2012-12-31	WHMCS 5.0 – Insecure Cookie Authentication Bypass	webapps	php	Agd_Scorp
2012-12-31	Joomla! Component Spider Calendar – ‘date’ Blind SQL Injection	webapps	php	Red-D3v1L
2012-12-31	MyBB 1.6.9 – ‘editpost.php?posthash’ Blind SQL Injection	webapps	php	Joshua Rogers
2012-12-31	Aktiv Player 2.80 – Crash (PoC)	dos	windows	IndonesiaGokilTeam
2012-12-31	Grep < 2.11 - Integer Overflow Crash (PoC)	dos	linux	Joshua Rogers
2012-12-31	Microsoft Internet Explorer – CDwnBindInfo Object Use-After-Free (Metasploit)	remote	windows	Metasploit
2012-12-31	IBM Lotus iNotes dwa85W – ActiveX Buffer Overflow (Metasploit)	remote	windows	Metasploit
2012-12-31	IBM Lotus QuickR qp2 – ActiveX Buffer Overflow (Metasploit)	remote	windows	Metasploit
2012-12-30	WordPress Plugin Zingiri Forums – ‘language’ Local File Inclusion	webapps	php	Amirh03in
2012-12-30	LShell 0.9.15 – Remote Code Execution	remote	linux	drone
2012-12-29	Ubiquiti AirOS 5.5.2 – (Authenticated) Remote Command Execution	remote	hardware	xistence
2012-12-27	RealPlayer – ‘.RealMedia’ File Handling Buffer Overflow (Metasploit)	remote	windows	Metasploit
2012-12-27	WHM – ‘filtername’ Cross-Site Scripting	webapps	php	Rafay Baloch
2012-12-27	cPanel – ‘detailbw.html’ Multiple Cross-Site Scripting Vulnerabilities	webapps	php	Christy Philip Mathew
2012-12-27	cPanel WebHost Manager (WHM) – ‘/webmail/x3/mail/clientconf.html?acct’ Cross-Site Scripting	webapps	php	Christy Philip Mathew
2012-12-27	Astaro Security Gateway 8.1 – HTML Injection	remote	hardware	Vulnerability Research Laboratory
2012-12-26	Guru Auction 2.0 – Multiple SQL Injections	webapps	php	v3n0m
2012-12-26	cPanel – ‘dir’ Cross-Site Scripting	webapps	php	Rafay Baloch
2012-12-25	WordPress Plugin Asset-Manager – Arbitrary ‘.PHP’ File Upload (Metasploit)	remote	php	Metasploit
2012-12-25	WordPress Plugin WP-Property – Arbitrary ‘.PHP’ File Upload (Metasploit)	remote	php	Metasploit