Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-09-28	FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 – ‘Add Admin’ Cross-Site Request Forgery (CSRF)	webapps	hardware	LiquidWorm
2021-09-28	Apache James Server 2.3.2 – Remote Command Execution (RCE) (Authenticated) (2)	remote	linux	shinris3n
2021-09-28	WordPress Plugin Popup 1.10.4 – Reflected Cross-Site Scripting (XSS)	webapps	php	0xB9
2021-09-28	WordPress Plugin Ultimate Maps 1.2.4 – Reflected Cross-Site Scripting (XSS)	webapps	php	0xB9
2021-09-27	XAMPP 7.4.3 – Local Privilege Escalation	local	windows	Salman Asad
2021-09-27	Cyberfox Web Browser 52.9.1 – Denial of Service (PoC)	local	windows	Aryan Chehreghani
2021-09-27	Cisco small business RV130W 1.0.3.44 – Inject Counterfeit Routers	remote	hardware	Michael Alamoot
2021-09-27	Library System 1.0 – ‘student_id’ SQL injection (Authenticated)	webapps	php	Vinay Bhuria
2021-09-27	WordPress Plugin Wappointment 2.2.4 – Stored Cross-Site Scripting (XSS)	webapps	php	Renos Nikolaou
2021-09-27	Ether_MP3_CD_Burner 1.3.8 – Buffer Overflow (SEH)	local	windows	stresser
2021-09-24	Microsoft Windows cmd.exe – Stack Buffer Overflow	local	windows	hyp3rlinx
2021-09-24	Pharmacy Point of Sale System 1.0 – SQLi Authentication BYpass	webapps	php	Janik Wehrli
2021-09-24	SmarterTools SmarterTrack 7922 – ‘Multiple’ Information Disclosure	webapps	aspx	Andrei Manole
2021-09-23	Police Crime Record Management Project 1.0 – Time Based SQLi	webapps	php	()t/\\/\\1
2021-09-23	Budget and Expense Tracker System 1.0 – Arbitrary File Upload	webapps	php	()t/\\/\\1
2021-09-23	WordPress Plugin Fitness Calculators 1.9.5 – Cross-Site Request Forgery (CSRF)	webapps	php	0xB9
2021-09-23	WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 – Reflected Cross-Site Scripting (XSS)	webapps	php	0xB9
2021-09-23	Backdrop CMS 1.20.0 – ‘Multiple’ Cross-Site Request Forgery (CSRF)	webapps	php	V1n1v131r4
2021-09-23	Redragon Gaming Mouse – ‘REDRAGON_MOUSE.sys’ Denial of Service (PoC)	dos	windows	Quadron Research Lab
2021-09-23	WordPress Plugin 3DPrint Lite 1.9.1.4 – Arbitrary File Upload	webapps	php	spacehen
2021-09-23	Gurock Testrail 7.2.0.3014 – ‘files.md5’ Improper Access Control	webapps	multiple	Sick Codes
2021-09-22	Online Reviewer System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Abdullah Khawaja
2021-09-22	Sentry 8.2.0 – Remote Code Execution (RCE) (Authenticated)	webapps	Python	Mohin Paramasivam
2021-09-22	Cloudron 6.2 – ‘returnTo ‘ Cross Site Scripting (Reflected)	webapps	multiple	Akıner Kısa
2021-09-22	OpenCats 0.9.4-2 – ‘docx ‘ XML External Entity Injection (XXE)	webapps	php	Jake Ruston
2021-09-22	e107 CMS 2.3.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Halit AKAYDIN
2021-09-22	TotalAV 5.15.69 – Unquoted Service Path	local	windows	Andrea Intilangelo
2021-09-22	Filerun 2021.03.26 – Remote Code Execution (RCE) (Authenticated)	webapps	php	syntegris information solutions GmbH
2021-09-22	Simple Attendance System 1.0 – Unauthenticated Blind SQLi	webapps	php	()t/\\/\\1
2021-09-21	Yenkee Hornet Gaming Mouse – ‘GM312Fltr.sys’ Denial of Service (PoC)	dos	windows	Quadron Research Lab
2021-09-21	WebsiteBaker 2.13.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Halit AKAYDIN
2021-09-21	Budget and Expense Tracker System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Abdullah Khawaja
2021-09-20	Budget and Expense Tracker System 1.0 – Authenticated Bypass	webapps	php	Prunier Charles-Yves
2021-09-20	Church Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Abdullah Khawaja
2021-09-20	Online Food Ordering System 2.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Abdullah Khawaja
2021-09-20	WordPress 5.7 – ‘Media Library’ XML External Entity Injection (XXE) (Authenticated)	webapps	php	David Utón
2021-09-20	Church Management System 1.0 – ‘search’ SQL Injection (Unauthenticated)	webapps	php	Erwin Krazek
2021-09-20	T-Soft E-Commerce 4 – change ‘admin credentials’ Cross-Site Request Forgery (CSRF)	webapps	multiple	Alperen Ergel
2021-09-17	Simple Attendance System 1.0 – Authenticated bypass	webapps	php	Abdullah Khawaja
2021-09-17	Library Management System 1.0 – Blind Time-Based SQL Injection (Unauthenticated)	webapps	php	boku
2021-09-17	WordPress Plugin WooCommerce Booster Plugin 5.4.3 – Authentication Bypass	webapps	php	0xB455
2021-09-16	ImpressCMS 1.4.2 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Halit AKAYDIN
2021-09-15	Support Board 3.3.3 – ‘Multiple’ SQL Injection (Unauthenticated)	webapps	php	John Jefferson Li
2021-09-15	AlphaWeb XE – File Upload Remote Code Execution (RCE) (Authenticated)	webapps	php	Ricardo Ruiz
2021-09-15	Evolution CMS 3.1.6 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Halit AKAYDIN
2021-09-15	Seowon 130-SLC router – ‘queriesCnt’ Remote Code Execution (Unauthenticated)	webapps	hardware	Aryan Chehreghani
2021-09-14	Purchase Order Management System 1.0 – Remote File Upload	webapps	php	Aryan Chehreghani
2021-09-13	ECOA Building Automation System – Weak Default Credentials	webapps	hardware	Neurogenesia
2021-09-13	Men Salon Management System 1.0 – Multiple Vulnerabilities	webapps	php	Aryan Chehreghani
2021-09-13	Active WebCam 11.5 – Unquoted Service Path	local	windows	Salman Asad