Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2022-01-05	WordPress Plugin AAWP 3.16 – ‘tab’ Reflected Cross Site Scripting (XSS) (Authenticated)	webapps	php	Andrea Bocchetti
2022-01-05	Nettmp NNT 5.1 – SQLi Authentication Bypass	webapps	php	Momen Eldawakhly
2022-01-05	Automox Agent 32 – Local Privilege Escalation	local	windows	Greg Foss
2022-01-05	SAFARI Montage 8.5 – Reflected Cross Site Scripting (XSS)	webapps	php	Momen Eldawakhly
2022-01-05	Projeqtor v9.3.1 – Stored Cross Site Scripting (XSS)	webapps	php	Oscar Gil Gutierrez
2022-01-05	Library System in PHP 1.0 – ‘publisher name’ Stored Cross-Site Scripting (XSS)	webapps	php	Akash Patil
2022-01-05	Gerapy 0.9.7 – Remote Code Execution (RCE) (Authenticated)	remote	Python	Jeremiasz Pluta
2022-01-05	WordPress Plugin The True Ranker 2.2.2 – Arbitrary File Read (Unauthenticated)	webapps	php	Liad Levy
2022-01-05	Dixell XWEB 500 – Arbitrary File Write	remote	hardware	Roberto Palamaro
2022-01-05	Online Admission System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Jeremiasz Pluta
2021-12-20	Exponent CMS 2.6 – Multiple Vulnerabilities	webapps	php	heinjame
2021-12-20	phpKF CMS 3.00 Beta y6 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Halit AKAYDIN
2021-12-20	WBCE CMS 1.5.1 – Admin Password Reset	webapps	php	citril
2021-12-16	Croogo 3.0.2 – Unrestricted File Upload	webapps	php	Enes Özeser
2021-12-16	Cibele Thinfinity VirtualUI 2.5.41.0 – User Enumeration	webapps	multiple	Daniel Morales
2021-12-16	Arunna 1.0.0 – ‘Multiple’ Cross-Site Request Forgery (CSRF)	webapps	php	=(L_L)=
2021-12-16	Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	Enes Özeser
2021-12-15	Oliver Library Server v5 – Arbitrary File Download	remote	windows	Mandeep Singh
2021-12-14	Microsoft Internet Explorer / ActiveX Control – Security Bypass	local	windows	hyp3rlinx
2021-12-14	Online Thesis Archiving System 1.0 – SQLi Authentication Bypass	webapps	php	Yehia Elghaly
2021-12-14	meterN v1.2.3 – Remote Code Execution (RCE) (Authenticated)	webapps	php	LiquidWorm
2021-12-14	Zucchetti Axess CLOKI Access Control 1.64 – Cross Site Request Forgery (CSRF)	webapps	hardware	LiquidWorm
2021-12-14	Booked Scheduler 2.7.5 – Remote Command Execution (RCE) (Authenticated)	webapps	php	0sunday
2021-12-14	WordPress Plugin Typebot 1.4.3 – Stored Cross Site Scripting (XSS) (Authenticated)	webapps	php	Mansi Singh
2021-12-14	Apache Log4j 2 – Remote Code Execution (RCE)	remote	java	kozmer
2021-12-14	Laravel Valet 2.0.3 – Local Privilege Escalation (macOS)	local	macos	leonjza
2021-12-14	Apache Log4j2 2.14.1 – Information Disclosure	remote	java	leonjza
2021-12-13	WebHMI 4.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Jeremiasz Pluta
2021-12-13	HD-Network Real-time Monitoring System 2.0 – Local File Inclusion (LFI)	remote	linux	Momen Eldawakhly
2021-12-10	OpenCATS 0.9.4 – Remote Code Execution (RCE)	webapps	php	Nicholas Ferreira
2021-12-10	Free School Management Software 1.0 – Remote Code Execution (RCE)	webapps	php	fuzzyap1
2021-12-10	Free School Management Software 1.0 – ‘multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	fuzzyap1
2021-12-09	Employees Daily Task Management System 1.0 – ‘multiple’ Cross Site Scripting (XSS)	webapps	php	able403
2021-12-09	Employees Daily Task Management System 1.0 – ‘username’ SQLi Authentication Bypass	webapps	php	able403
2021-12-09	Grafana 8.3.0 – Directory Traversal and Arbitrary File Read	webapps	multiple	s1gh
2021-12-09	WordPress Plugin Catch Themes Demo Import 1.6.1 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Ron Jost
2021-12-09	Student Management System 1.0 – SQLi Authentication Bypass	webapps	php	Enes Özeser
2021-12-09	TestLink 1.19 – Arbitrary File Download (Unauthenticated)	webapps	php	Gonzalo Villegas
2021-12-09	Raspberry Pi 5.10 – Default Credentials	remote	linux	netspooky
2021-12-09	MTPutty 1.0.1.21 – SSH Password Disclosure	local	windows	Sedat Ozdemir
2021-12-09	LimeSurvey 5.2.4 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Y1LD1R1M
2021-12-09	Chikitsa Patient Management System 2.0.2 – ‘backup’ Remote Code Execution (RCE) (Authenticated)	webapps	php	0z09e
2021-12-09	Chikitsa Patient Management System 2.0.2 – ‘plugin’ Remote Code Execution (RCE) (Authenticated)	webapps	php	0z09e
2021-12-06	HCL Lotus Notes V12 – Unquoted Service Path	local	windows	Mert Daş
2021-12-06	Auerswald COMfortel 2.8F – Authentication Bypass	remote	hardware	RedTeam Pentesting GmbH
2021-12-06	Croogo 3.0.2 – Remote Code Execution (Authenticated)	webapps	php	Deha Berkin Bir
2021-12-06	Auerswald COMpact 8.0B – Multiple Backdoors	remote	hardware	RedTeam Pentesting GmbH
2021-12-06	Auerswald COMpact 8.0B – Arbitrary File Disclosure	remote	hardware	RedTeam Pentesting GmbH
2021-12-06	Auerswald COMpact 8.0B – Privilege Escalation	remote	hardware	RedTeam Pentesting GmbH
2021-12-03	WordPress Plugin DZS Zoomsounds 6.45 – Arbitrary File Read (Unauthenticated)	webapps	php	Uriel Yochpaz