Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2012-04-16	Bioly 1.3 – ‘/index.php’ Cross-Site Scripting / SQL Injection	webapps	php	T0xic
2012-04-16	McAfee Web Gateway 7.1.5.x – ‘Host’ HTTP Header Security Bypass	remote	multiple	Gabriel Menezes Nunes
2012-04-15	Seditio CMS 165 – ‘plug.php’ SQL Injection	webapps	php	AkaStep
2012-04-15	ManageEngine Support Center Plus 7903 – Multiple Vulnerabilities	webapps	multiple	xistence
2012-04-15	MediaXxx Adult Video / Media Script – SQL Injection	webapps	php	Daniel Godoy
2012-04-15	NetworX CMS – Cross-Site Request Forgery (Add Admin)	webapps	php	N3t.Crack3r
2012-04-15	Joomla! Component com_ponygallery – SQL Injection	webapps	php	xDarkSton3x
2012-04-14	IrfanView FlashPix PlugIn – Decompression Heap Overflow	dos	windows	Francis Provencher
2012-04-14	V-CMS – Arbitrary ‘.PHP’ File Upload / Execution (Metasploit)	remote	php	Metasploit
2012-04-13	Munin 2.0~rc4-1 – Remote Command Injection	webapps	cgi	Helmut Grohne
2012-04-13	Ushahidi 2.2 – Multiple Vulnerabilities	webapps	php	shpendk
2012-04-13	Invision Power Board 3.3.0 – Local File Inclusion	webapps	php	waraxe
2012-04-13	Quest InTrust – Annotation Objects Uninitialized Pointer (Metasploit)	remote	windows	Metasploit
2012-04-12	EMC IRM License Server 4.6.1.1995 – Denial of Service	dos	hardware	Luigi Auriemma
2012-04-12	WICD 1.7.1 – Local Privilege Escalation	local	linux	anonymous
2012-04-12	SoftwareDEP Classified Script 2.5 – SQL Injection (2)	webapps	php	hordcode security
2012-04-11	WordPress Plugin All-in-One Event Calendar 1.4 – ‘agenda-widget.php’ Multiple Cross-Site Scripting Vulnerabilities	webapps	php	High-Tech Bridge SA
2012-04-11	WordPress Plugin All-in-One Event Calendar 1.4 – ‘save_successful.php?msg’ Cross-Site Scripting	webapps	php	High-Tech Bridge SA
2012-04-11	WordPress Plugin All-in-One Event Calendar 1.4 – ‘box_publish_button.php?button_value’ Cross-Site Scripting	webapps	php	High-Tech Bridge SA
2012-04-11	WordPress Plugin All-in-One Event Calendar 1.4 – ‘agenda-widget-form.php?title’ Cross-Site Scripting	webapps	php	High-Tech Bridge SA
2012-04-11	BGS CMS 2.2.1 – Multiple Cross-Site Scripting / HTML Injection Vulnerabilities	webapps	php	LiquidWorm
2012-04-10	Joomla! Component com_bearleague – SQL Injection	webapps	php	xDarkSton3x
2012-04-10	Joomla! Component Estate Agent – SQL Injection	webapps	php	xDarkSton3x
2012-04-10	IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 – ActiveX RunAndUploadFile() Method Overflow (Metasploit)	remote	windows	Metasploit
2012-04-10	Matterdaddy Market 1.1 – ‘cat_name’ Multiple SQL Injections	webapps	php	Chokri B.A
2012-04-09	Mini-stream RM-MP3 Converter 3.1.2.2 – Local Buffer Overflow	local	windows	SkY-NeT SySteMs
2012-04-09	Dolibarr ERP/CRM < 3.2.0 / < 3.1.1 - OS Command Injection	webapps	php	Nahuel Grisolia
2012-04-09	Dolibarr ERP/CRM 3 – (Authenticated) OS Command Injection (Metasploit)	webapps	php	Metasploit
2012-04-09	Snort 2 – DCE/RPC Preprocessor Buffer Overflow (Metasploit)	remote	multiple	Metasploit
2012-04-09	CitrusDB 2.4.1 – Local File Inclusion / SQL Injection	webapps	php	wacky
2012-04-08	ZTE – Change Admin Password	webapps	cgi	Nuevo Asesino
2012-04-08	Utopia News Pro 1.4.0 – Cross-Site Request Forgery (Add Admin)	webapps	php	Dr.NaNo
2012-04-08	Play [EX] 2.1 – ‘.M3U’/’.PLS’/’.LST’ Playlist File Denial of Service	dos	windows	Death-Shadow-Dark
2012-04-08	Distinct TFTP Server 3.01 – Directory Traversal	remote	windows	modpr0be
2012-04-08	Distinct TFTP 3.10 – Writable Directory Traversal Execution (Metasploit)	webapps	windows	Metasploit
2012-04-08	AnvSoft Any Video Converter 4.3.6 – Multiple Buffer Overflows	dos	windows	Vulnerability-Lab
2012-04-08	BulletProof FTP Client 2010 – Buffer Overflow (PoC)	dos	windows	Vulnerability-Lab
2012-04-08	Liferay XSL – Command Execution (Metasploit)	webapps	multiple	Spencer McIntyre
2012-04-08	LANDesk Lenovo ThinkManagement Console – Remote Command Execution (Metasploit)	remote	windows	Metasploit
2012-04-06	WordPress Plugin Uploadify Integration 0.9.6 – Multiple Cross-Site Scripting Vulnerabilities	webapps	php	waraxe
2012-04-06	Csound – ‘.hetro’ File Handling Stack Buffer Overflow (Metasploit)	local	windows	Metasploit
2012-04-06	TRENDnet SecurView Internet Camera – UltraMJCam OpenFileDlg Buffer Overflow (Metasploit)	remote	windows	Metasploit
2012-04-06	w-CMS 2.0.1 – Multiple Vulnerabilities	webapps	php	Black-ID
2012-04-05	GENU CMS – SQL Injection	webapps	php	hordcode security
2012-04-05	Sony Bravia – Remote Denial of Service	dos	hardware	Gabriel Menezes Nunes
2012-04-05	Quest vWorkspace 7.5 Connection Broker Client – ActiveX Control ‘pnllmcli.dll 7.5.304.547’ SaveMiniLaunchFile() Method Remote File Creation / Overwrite	remote	windows	rgod
2012-04-05	Quest Toad for Oracle Explain Plan Display ActiveX Control – ‘QExplain2.dll 6.6.1.1115’ Remote File Creation / Overwrite	remote	windows	rgod
2012-04-05	WordPress Plugin TagGator – ‘tagid’ SQL Injection	webapps	php	Am!r
2012-04-05	Sony Bravia KDL-32CX525 – ‘hping’ Remote Denial of Service	dos	multiple	Gabriel Menezes Nunes
2012-04-04	osCMax 2.5 – ‘/admin/stats_monthly_sales.php?status’ SQL Injection	webapps	php	High-Tech Bridge SA