Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-09-13	ECOA Building Automation System – Arbitrary File Deletion	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Local File Disclosure	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Remote Privilege Escalation	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Missing Encryption Of Sensitive Information	local	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Hard-coded Credentials SSH Access	remote	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Configuration Download Information Disclosure	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Cookie Poisoning Authentication Bypass	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – ‘multiple’ Cross-Site Request Forgery (CSRF)	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Directory Traversal Content Disclosure	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Path Traversal Arbitrary File Upload	webapps	hardware	Neurogenesia
2021-09-13	ECOA Building Automation System – Weak Default Credentials	webapps	hardware	Neurogenesia
2021-09-13	Men Salon Management System 1.0 – Multiple Vulnerabilities	webapps	php	Aryan Chehreghani
2021-09-13	Active WebCam 11.5 – Unquoted Service Path	local	windows	Salman Asad
2021-09-09	Bus Pass Management System 1.0 – ‘adminname’ Stored Cross-Site Scripting (XSS)	webapps	php	Emre Aslan
2021-09-08	WordPress Plugin TablePress 1.14 – CSV Injection	webapps	php	Nikhil Kapoor
2021-09-07	WordPress Plugin Survey & Poll 1.5.7.3 – ‘sss_params’ SQL Injection (2)	webapps	php	Mohin Paramasivam
2021-09-07	WordPress Plugin WP Sitemap Page 1.6.4 – Stored Cross-Site Scripting (XSS)	webapps	php	Nikhil Kapoor
2021-09-06	Antminer Monitor 0.5.0 – Authentication Bypass	webapps	multiple	Vulnz
2021-09-06	SmartFTP Client 10.0.2909.0 – ‘Multiple’ Denial of Service (PoC)	dos	windows	Eric Salario
2021-09-06	Patient Appointment Scheduler System 1.0 – Persistent Cross-Site Scripting	webapps	php	a-rey
2021-09-06	Patient Appointment Scheduler System 1.0 – Unauthenticated File Upload	webapps	php	a-rey
2021-09-06	Bus Pass Management System 1.0 – ‘viewid’ Insecure direct object references (IDOR)	webapps	php	sudoninja
2021-09-06	FlatCore CMS 2.0.7 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Mason Soroka-Gill
2021-09-06	Argus Surveillance DVR 4.0 – Unquoted Service Path	local	windows	Salman Asad
2021-09-06	OpenEMR 6.0.0 – ‘noteid’ Insecure Direct Object Reference (IDOR)	webapps	php	Allen Enosh Upputori
2021-09-03	OpenSIS 8.0 ‘modname’ – Directory Traversal	webapps	php	Eric Salario
2021-09-03	Remote Mouse 4.002 – Unquoted Service Path	local	windows	Salman Asad
2021-09-02	Compro Technology IP Camera – ‘ mjpegStreamer.cgi’ Screenshot Disclosure	webapps	hardware	icekam
2021-09-02	Compro Technology IP Camera – ‘ index_MJpeg.cgi’ Stream Disclosure	webapps	hardware	icekam
2021-09-02	Compro Technology IP Camera – ‘Multiple’ Credential Disclosure	webapps	hardware	icekam
2021-09-02	Compro Technology IP Camera – RTSP stream disclosure (Unauthenticated)	webapps	hardware	icekam
2021-09-02	Compro Technology IP Camera – ‘killps.cgi’ Denial of Service (DoS)	webapps	hardware	icekam
2021-09-02	OpenSIS Community 8.0 – ‘cp_id_miss_attn’ SQL Injection	webapps	php	Eric Salario
2021-09-02	Dolibarr ERP 14.0.1 – Privilege Escalation	webapps	php	Vishwaraj Bhattrai
2021-09-02	WordPress Plugin Duplicate Page 4.4.1 – Stored Cross-Site Scripting (XSS)	webapps	php	Nikhil Kapoor
2021-09-02	WPanel 4.3.1 – Remote Code Execution (RCE) (Authenticated)	webapps	multiple	Sentinal920
2021-09-01	Telegram Desktop 2.9.2 – Denial of Service (PoC)	dos	windows	Aryan Chehreghani
2021-09-01	WordPress Plugin Payments Plugin \| GetPaid 2.4.6 – HTML Injection	webapps	php	Niraj Mahajan
2021-09-01	Traffic Offense Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Tagoletta
2021-09-01	Confluence Server 7.12.4 – ‘OGNL injection’ Remote Code Execution (RCE) (Unauthenticated)	webapps	java	Fellipe Oliveira
2021-08-31	WordPress Plugin ProfilePress 3.1.3 – Privilege Escalation (Unauthenticated)	webapps	php	Numan Rajkotiya
2021-08-31	Umbraco CMS 8.9.1 – Directory Traversal	webapps	aspx	BitTheByte
2021-08-30	Strapi 3.0.0-beta – Set Password (Unauthenticated)	webapps	multiple	David Anglada
2021-08-30	MySQL User-Defined (Linux) x32 / x86_64 – ‘sys_exec’ Local Privilege Escalation (2)	local	linux	ninpwn
2021-08-30	Bus Pass Management System 1.0 – ‘viewid’ SQL Injection	webapps	php	Aryan Chehreghani
2021-08-30	Usermin 1.820 – Remote Code Execution (RCE) (Authenticated)	webapps	linux	numan türle
2021-08-30	ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)	webapps	multiple	numan türle
2021-08-30	Projectsend r1295 – ‘name’ Stored XSS	webapps	php	Abdullah Kala
2021-08-30	Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)	webapps	multiple	Musyoka Ian
2021-08-30	Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)	webapps	multiple	David Utón