Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2013-01-18

Jenkins CI Script Console – Command Execution (Metasploit)
  • remote
  • multiple
    		• Spencer McIntyre
    2013-01-18

    Nvidia Display Driver Service (Nsvr) – Local Buffer Overflow
  • local
  • windows
    		• Jon Bailey
    2013-01-18

    SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x – Remote Command Execution
  • webapps
  • multiple
    		• Nikolas Sotiriu
    2013-01-18

    Novell NCP – Remote Command Execution
  • remote
  • linux
    		• Gary Nilson
    2013-01-18

    Linksys WRT54GL Firmware 4.30.15 build 2 – Multiple Vulnerabilities
  • webapps
  • hardware
    		• m-1-k-3
    2013-01-18

    SonicWALL GMS/Viewpoint/Analyzer – Authentication Bypass
  • webapps
  • multiple
    		• Nikolas Sotiriu
    2013-01-18

    PHP-Charts – Arbitrary PHP Code Execution
  • webapps
  • php
    		• AkaStep
    2013-01-17

    IP.Gallery – ‘img’ SQL Injection
  • webapps
  • php
    		• Ashiyane Digital Security Team
    2013-01-17

    Invision Gallery 2.0.5 – SQL Injection
  • webapps
  • php
    		• Ashiyane Digital Security Team
    2013-01-16

    Nagios3 – ‘history.cgi’ Host Command Execution (Metasploit)
  • remote
  • linux
    		• Metasploit
    2013-01-16

    Cydia Repo Manager – Cross-Site Request Forgery
  • webapps
  • php
    		• Ramdan Yantu
    2013-01-16

    Oracle Application Framework – Diagnostic Mode Bypass
  • webapps
  • jsp
    		• Trustwave's SpiderLabs
    2013-01-15

    freeSSHd 1.2.6 – Authentication Bypass (Metasploit)
  • remote
  • windows
    		• Metasploit
    2013-01-15

    phpLiteAdmin – ‘table’ SQL Injection
  • webapps
  • php
    		• KedAns-Dz
    2013-01-15

    CMS snews – SQL Injection
  • webapps
  • php
    		• By onestree
    2013-01-14

    Serva 2.0.0 – HTTP Server GET Remote Denial of Service
  • dos
  • windows
    		• Julien Ahrens
    2013-01-14

    Serva 2.0.0 – DNS Server QueryName Remote Denial of Service
  • dos
  • windows
    		• Julien Ahrens
    2013-01-14

    phpShop 2.0 – SQL Injection
  • webapps
  • php
    		• By onestree
    2013-01-13

    phlyLabs phlyMail Lite 4.03.04 – Full Path Disclosure / Persistent Cross-Site Scripting
  • webapps
  • php
    		• LiquidWorm
    2013-01-13

    phlyLabs phlyMail Lite 4.03.04 – ‘go’ Open Redirect
  • webapps
  • php
    		• LiquidWorm
    2013-01-13

    Nagios3 – ‘history.cgi’ Remote Command Execution
  • remote
  • multiple
    		• blasty
    2013-01-11

    Microsoft Lync 2010 4.0.7577.0 – User-Agent Header Handling Arbitrary Command Execution
  • remote
  • windows
    		• Christopher Emerson
    2013-01-11

    Java Applet JMX – Remote Code Execution (Metasploit) (1)
  • remote
  • java
    		• Metasploit
    2013-01-11

    PHPLiteAdmin 1.9.3 – Remote PHP Code Injection
  • webapps
  • php
    		• L@usch
    2013-01-10

    Honeywell Tema Remote Installer – ActiveX Remote Code Execution (Metasploit)
  • remote
  • windows
    		• Metasploit
    2013-01-10

    Microsoft Internet Explorer – Option Element Use-After-Free (MS11-081) (Metasploit)
  • remote
  • windows
    		• Metasploit
    2013-01-10

    Ruby on Rails – XML Processor YAML Deserialization Code Execution (Metasploit)
  • remote
  • multiple
    		• Metasploit
    2013-01-10

    eXtplorer 2.1 – Arbitrary File Upload (Metasploit)
  • remote
  • php
    		• Metasploit
    2013-01-10

    Microsoft Internet Explorer 8 – Fixed Col Span ID (Full ASLR + DEP Bypass) (MS12-037)
  • remote
  • windows
    		• sickness
    2013-01-10

    WordPress Plugin Gallery – ‘filename_1’ Arbitrary File Access
  • webapps
  • php
    		• Beni_Vanda
    2013-01-10

    Colloquy 1.3.5/1.3.6 – Denial of Service
  • dos
  • hardware
    		• UberLame
    2013-01-10

    Nero MediaHome 4.5.8.0 – Denial of Service
  • dos
  • windows
    		• High-Tech Bridge SA
    2013-01-09

    Quick.CMS / Quick.Cart – Cross-Site Scripting
  • webapps
  • php
    		• High-Tech Bridge
    2013-01-09

    Samsung Kies – Remote Buffer Overflow
  • remote
  • windows
    		• High-Tech Bridge
    2013-01-09

    Prizm Content Connect – Arbitrary File Upload
  • webapps
  • php
    		• Include Security Research
    2013-01-09

    Schmid Watson Management Console – Directory Traversal
  • remote
  • linux
    		• Dhruv Shah
    2013-01-09

    TinyBrowser – ‘edit.php’ Directory Listing
  • webapps
  • php
    		• MustLive
    2013-01-09

    TinyBrowser – ‘tinybrowser.php’ Directory Listing
  • webapps
  • php
    		• MustLive
    2013-01-09

    tinybrowser – ‘type’ Cross-Site Scripting
  • webapps
  • php
    		• MustLive
    2013-01-09

    Dell OpenManage Server Administrator – Cross-Site Scripting
  • remote
  • multiple
    		• Tenable NS
    2013-01-09

    WeBid 1.0.6 – SQL Injection
  • webapps
  • php
    		• Life Wasted
    2013-01-09

    Inmatrix Ltd. Zoom Player 8.5 – ‘.jpeg’File Memory Corruption / Arbitrary Code Execution
  • local
  • windows
    		• Debasish Mandal
    2013-01-09

    Watson Management Console 4.11.2.G – Directory Traversal
  • webapps
  • hardware
    		• Dhruv Shah
    2013-01-09

    Free Blog 1.0 – Multiple Vulnerabilities
  • webapps
  • php
    		• cr4wl3r
    2013-01-09

    WebsiteBaker Addon Concert Calendar 2.1.4 – Multiple Vulnerabilities
  • webapps
  • php
    		• Stefan Schurtz
    2013-01-09

    Colloquy – Remote Denial of Service
  • dos
  • multiple
    		• Aph3x
    2013-01-08

    Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit)
  • local
  • multiple
    		• Metasploit
    2013-01-08

    BT Home Hub – ‘uuid’ Buffer Overflow
  • dos
  • multiple
    		• Zachary Cutlip
    2013-01-08

    WordPress Plugin NextGEN Gallery – ‘test-head’ Cross-Site Scripting
  • webapps
  • php
    		• Am!r
    2013-01-08

    Joomla! Component com_incapsula – Multiple Cross-Site Scripting Vulnerabilities
  • webapps
  • php
    		• Gjoko Krstic