Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2022-01-18	Nyron 1.0 – SQLi (Unauthenticated)	webapps	aspx	Miguel Santareno
2022-01-18	Simple Chatbot Application 1.0 – ‘message’ Blind SQLi	webapps	php	Saud Alenazi
2022-01-18	Simple Chatbot Application 1.0 – Remote Code Execution (RCE)	webapps	php	Saud Alenazi
2022-01-18	OpenBMCS 2.4 – Information Disclosure	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – Server Side Request Forgery (SSRF) (Unauthenticated)	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – Create Admin / Remote Privilege Escalation	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – SQLi (Authenticated)	webapps	php	LiquidWorm
2022-01-18	OpenBMCS 2.4 – Cross Site Request Forgery (CSRF)	webapps	php	LiquidWorm
2022-01-13	Online Diagnostic Lab Management System 1.0 – SQL Injection (Unauthenticated)	webapps	php	Himash
2022-01-13	Online Diagnostic Lab Management System 1.0 – Stored Cross Site Scripting (XSS)	webapps	php	Himash
2022-01-13	Online Diagnostic Lab Management System 1.0 – Account Takeover (Unauthenticated)	webapps	php	Himash
2022-01-13	SalonERP 3.0.1 – ‘sql’ SQL Injection (Authenticated)	webapps	php	Betul Denizler
2022-01-13	Hospitals Patient Records Management System 1.0 – ‘doctors’ Stored Cross Site Scripting (XSS)	webapps	php	Sant268
2022-01-13	Hospitals Patient Records Management System 1.0 – ‘room_list’ Stored Cross Site Scripting (XSS)	webapps	php	Sant268
2022-01-13	Hospitals Patient Records Management System 1.0 – ‘room_types’ Stored Cross Site Scripting (XSS)	webapps	php	Sant268
2022-01-13	WordPress Core 5.8.2 – ‘WP_Query’ SQL Injection	webapps	php	Aryan Chehreghani
2022-01-12	WordPress Plugin Frontend Uploader 1.3.2 – Stored Cross Site Scripting (XSS) (Unauthenticated)	webapps	php	Veshraj Ghimire
2022-01-12	Microsoft Windows Defender – Detections Bypass	local	windows	hyp3rlinx
2022-01-12	Microsoft Windows .Reg File – Dialog Spoof / Mitigation Bypass	local	windows	hyp3rlinx
2022-01-10	CoreFTP Server build 725 – Directory Traversal (Authenticated)	remote	windows	LiamInfosec
2022-01-10	Open-AudIT Community 4.2.0 – Cross-Site Scripting (XSS) (Authenticated)	webapps	php	Dominic Clark
2022-01-10	VUPlayer 2.49 – ‘.wax’ Local Buffer Overflow (DEP Bypass)	local	windows	Bryan Leong
2022-01-10	Online Railway Reservation System 1.0 – ‘Multiple’ Stored Cross Site Scripting (XSS) (Unauthenticated)	webapps	php	Zachary Asher
2022-01-10	Online Railway Reservation System 1.0 – Admin Account Creation (Unauthenticated)	webapps	php	Zachary Asher
2022-01-10	Online Railway Reservation System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Zachary Asher
2022-01-10	Online Railway Reservation System 1.0 – ‘id’ SQL Injection (Unauthenticated)	webapps	php	twseptian
2022-01-10	HTTP Commander 3.1.9 – Stored Cross Site Scripting (XSS)	webapps	windows	Oscar Sandén
2022-01-07	Online Veterinary Appointment System 1.0 – ‘Multiple’ SQL Injection	webapps	php	twseptian
2022-01-05	Hospitals Patient Records Management System 1.0 – ‘id’ SQL Injection (Authenticated)	webapps	php	twseptian
2022-01-05	RiteCMS 3.1.0 – Arbitrary File Overwrite (Authenticated)	webapps	php	faisalfs10x
2022-01-05	AWebServer GhostBuilding 18 – Denial of Service (DoS)	remote	android	Andres Ramos
2022-01-05	Siemens S7 Layer 2 – Denial of Service (DoS)	dos	hardware	RoseSecurity
2022-01-05	Hostel Management System 2.1 – Cross Site Scripting (XSS)	webapps	php	Chinmay Divekar
2022-01-05	CMSimple 5.4 – Cross Site Scripting (XSS)	webapps	php	heinjame
2022-01-05	WordPress Plugin AAWP 3.16 – ‘tab’ Reflected Cross Site Scripting (XSS) (Authenticated)	webapps	php	Andrea Bocchetti
2022-01-05	Nettmp NNT 5.1 – SQLi Authentication Bypass	webapps	php	Momen Eldawakhly
2022-01-05	Automox Agent 32 – Local Privilege Escalation	local	windows	Greg Foss
2022-01-05	SAFARI Montage 8.5 – Reflected Cross Site Scripting (XSS)	webapps	php	Momen Eldawakhly
2022-01-05	Projeqtor v9.3.1 – Stored Cross Site Scripting (XSS)	webapps	php	Oscar Gil Gutierrez
2022-01-05	Library System in PHP 1.0 – ‘publisher name’ Stored Cross-Site Scripting (XSS)	webapps	php	Akash Patil
2022-01-05	Gerapy 0.9.7 – Remote Code Execution (RCE) (Authenticated)	remote	Python	Jeremiasz Pluta
2022-01-05	WordPress Plugin The True Ranker 2.2.2 – Arbitrary File Read (Unauthenticated)	webapps	php	Liad Levy
2022-01-05	Dixell XWEB 500 – Arbitrary File Write	remote	hardware	Roberto Palamaro
2022-01-05	Online Admission System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Jeremiasz Pluta
2022-01-05	TermTalk Server 3.24.0.2 – Arbitrary File Read (Unauthenticated)	remote	windows	Fabiano Golluscio
2022-01-05	Movie Rating System 1.0 – SQLi to RCE (Unauthenticated)	webapps	php	Tagoletta
2022-01-05	openSIS Student Information System 8.0 – ‘multiple’ SQL Injection	webapps	php	securityforeveryone.com
2022-01-05	Movie Rating System 1.0 – Broken Access Control (Admin Account Creation) (Unauthenticated)	webapps	php	Tagoletta
2022-01-05	Vodafone H-500-s 3.5.10 – WiFi Password Disclosure	webapps	hardware	Daniel Monzón
2022-01-05	Accu-Time Systems MAXIMUS 1.0 – Telnet Remote Buffer Overflow (DoS)	remote	hardware	Yehia Elghaly