Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2012-12-26	cPanel – ‘dir’ Cross-Site Scripting	webapps	php	Rafay Baloch
2012-12-26	Guru Auction 2.0 – Multiple SQL Injections	webapps	php	v3n0m
2012-12-25	WordPress Plugin Asset-Manager – Arbitrary ‘.PHP’ File Upload (Metasploit)	remote	php	Metasploit
2012-12-25	WordPress Plugin WP-Property – Arbitrary ‘.PHP’ File Upload (Metasploit)	remote	php	Metasploit
2012-12-25	IBM Lotus Notes Client URL Handler – Command Injection (Metasploit)	remote	windows	Metasploit
2012-12-25	Microsoft SQL Server – Database Link Crawling Command Execution (Metasploit)	remote	windows	Metasploit
2012-12-24	cPanel – ‘account’ Cross-Site Scripting	webapps	php	Rafay Baloch
2012-12-24	Hero Framework – users/login ‘Username’ Cross-Site Scripting	webapps	php	Stefan Schurtz
2012-12-24	Hero Framework – ‘search?q’ Cross-Site Scripting	webapps	php	Stefan Schurtz
2012-12-24	MyBB AwayList Plugin – ‘index.php?id’ SQL Injection	webapps	php	Red_Hat
2012-12-24	MyBB HM My Country Flags – SQL Injection	webapps	php	JoinSe7en
2012-12-24	City Directory Review and Rating Script – ‘search.php’ SQL Injection	webapps	php	3spi0n
2012-12-23	Netwin SurgeFTP – Remote Command Execution (Metasploit)	remote	multiple	Metasploit
2012-12-23	Foswiki MAKETEXT – Remote Command Execution (Metasploit)	remote	unix	Metasploit
2012-12-23	TWiki MAKETEXT – Remote Command Execution (Metasploit)	remote	unix	Metasploit
2012-12-22	City Reviewer – ‘search.php’ Script SQL Injection	webapps	php	3spi0n
2012-12-21	Sony PC Companion 2.1 – ‘Load()’ Unicode Stack Buffer Overflow	dos	windows	LiquidWorm
2012-12-21	Sony PC Companion 2.1 – ‘DownloadURLToFile()’ Unicode Stack Buffer Overflow	dos	windows	LiquidWorm
2012-12-21	Google Android 4.2 Browser and WebView – ‘addJavascriptInterface’ Code Execution (Metasploit)	local	android	Metasploit
2012-12-21	VoipNow Service Provider Edition – Arbitrary Command Execution	webapps	php	i-Hmx
2012-12-21	Elite Bulletin Board 2.1.21 – Multiple SQL Injections	webapps	php	High-Tech Bridge SA
2012-12-21	FireFly Mediaserver 1.0.0.1359 – Null Pointer Dereference	dos	windows	High-Tech Bridge SA
2012-12-21	banana dance b.2.6 – Multiple Vulnerabilities	webapps	php	High-Tech Bridge SA
2012-12-21	SelectSurvey CMS – ‘ASP.NET’ Arbitrary File Upload	webapps	asp	040
2012-12-21	YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 – Multiple Vulnerabilities	webapps	hardware	xistence
2012-12-21	Sony PC Companion 2.1 – ‘Admin_RemoveDirectory()’ Unicode Stack Buffer Overflow	dos	windows	LiquidWorm
2012-12-21	Sony PC Companion 2.1 – ‘CheckCompatibility()’ Unicode Stack Buffer Overflow	dos	windows	LiquidWorm
2012-12-20	IDA Pro 6.3 – Crash (PoC)	dos	multiple	nitr0us
2012-12-20	gdb (GNU debugger) 7.5.1 – Null Pointer Dereference	dos	linux	nitr0us
2012-12-20	NetWin SurgeFTP – (Authenticated) Admin Command Injection (Metasploit)	remote	multiple	Spencer McIntyre
2012-12-20	InduSoft Web Studio – ‘ISSymbol.ocx InternationalSeparator()’ Heap Overflow (Metasploit)	remote	windows	Metasploit
2012-12-19	SonicWALL SonicOS 5.8.1.8 WAF – Cross-Site Scripting	webapps	hardware	Vulnerability-Lab
2012-12-19	DIMIN Viewer 5.4.0 – GIF Decode Crash (PoC)	dos	windows	Lizhi Wang
2012-12-19	WordPress Theme Clockstone (and other CMSMasters Themes) – Arbitrary File Upload	webapps	php	DigiP
2012-12-19	Joomla! Component com_bit – ‘Controller’ Local File Inclusion	webapps	php	Xr0b0t
2012-12-19	Joomla! Component com_ztautolink – ‘Controller’ Local File Inclusion	webapps	php	Xr0b0t
2012-12-19	Enterpriser16 Load Balancer 7.1 – Multiple Cross-Site Scripting Vulnerabilities	webapps	hardware	Vulnerability-Lab
2012-12-18	MyBB Transactions Plugin – ‘transaction’ SQL Injection	webapps	php	limb0
2012-12-18	Crystal Reports CrystalPrintControl – ActiveX ServerResourceVersion Property Overflow (Metasploit)	remote	windows	Metasploit
2012-12-18	Adobe Flash Player 11.5.502.135 – Crash (PoC)	dos	windows	coolkaveh
2012-12-17	WordPress Plugin RokBox Plugin – ‘/wp-content/plugins/wp_rokbox/jwplayer/jwplayer.swf?abouttext’ Cross-Site Scripting	webapps	php	MustLive
2012-12-17	PHPWCMS 1.5.4.6 – ‘preg_replace’ Multiple Vulnerabilities	webapps	php	aeon
2012-12-16	Totem Movie Player 3.4.3 (Ubuntu) – Stack Corruption	dos	linux	coolkaveh
2012-12-16	MyBB User Profile Skype ID Plugin 1.0 – Persistent Cross-Site Scripting	webapps	php	limb0
2012-12-14	Social Sites MyBB Plugin 0.2.2 – Cross-Site Scripting	webapps	php	s3m00t
2012-12-13	MyBB DyMy User Agent Plugin – ‘newreply.php’ SQL Injection	webapps	php	JoinSe7en
2012-12-13	WordPress Plugin Portable phpMyAdmin – Authentication Bypass	webapps	php	Mark Stanislav
2012-12-13	Facebook Profile MyBB Plugin 2.4 – Persistent Cross-Site Scripting	webapps	php	limb0
2012-12-13	MyBB AJAX Chat – Persistent Cross-Site Scripting	webapps	php	Mr. P-teo
2012-12-13	MyYoutube MyBB Plugin 1.0 – SQL Injection	webapps	php	Zixem