Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-08-27	COMMAX UMS Client ActiveX Control 1.7.0.2 – ‘CNC_Ctrl.dll’ Heap Buffer Overflow	webapps	hardware	LiquidWorm
2021-08-27	COMMAX WebViewer ActiveX Control 2.1.4.5 – ‘Commax_WebViewer.ocx’ Buffer Overflow	webapps	hardware	LiquidWorm
2021-08-27	CyberPanel 2.1 – Remote Code Execution (RCE) (Authenticated)	webapps	multiple	numan türle
2021-08-26	ProcessMaker 3.5.4 – Local File inclusion	webapps	multiple	Ai Ho
2021-08-25	Online Leave Management System 1.0 – Arbitrary File Upload to Shell (Unauthenticated)	webapps	php	Justin White
2021-08-25	HP OfficeJet 4630/7110 MYM1FN2025AR/2117A – Stored Cross-Site Scripting (XSS)	webapps	hardware	Tyler Butler
2021-08-25	WordPress Plugin Mail Masta 1.0 – Local File Inclusion (2)	webapps	php	Matheus Alexandre
2021-08-23	RaspAP 2.6.6 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Moritz Gruber
2021-08-23	Simple Phone Book 1.0 – ‘Username’ SQL Injection (Unauthenticated)	webapps	php	Justin White
2021-08-23	Online Traffic Offense Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Halit AKAYDIN
2021-08-20	Laundry Booking Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	Azumah Foresight Xorlali
2021-08-20	Laundry Booking Management System 1.0 – ‘Multiple’ SQL Injection	webapps	php	Azumah Foresight Xorlali
2021-08-20	Online Traffic Offense Management System 1.0 – ‘id’ SQL Injection (Authenticated)	webapps	php	Justin White
2021-08-19	Charity Management System CMS 1.0 – Multiple Vulnerabilities	webapps	php	Davide Taraschi
2021-08-18	crossfire-server 1.9.0 – ‘SetUp()’ Remote Buffer Overflow	remote	linux	Khaled Salem
2021-08-18	COVID19 Testing Management System 1.0 – ‘Multiple’ SQL Injections	webapps	php	Halit AKAYDIN
2021-08-18	Simple Image Gallery 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Tagoletta
2021-08-18	Crime records Management System 1.0 – ‘Multiple’ SQL Injection (Authenticated)	webapps	php	Davide Taraschi
2021-08-17	GeoVision Geowebserver 5.3.3 – Local FIle Inclusion	webapps	hardware	Ken Pyle
2021-08-17	SonicWall NetExtender 10.2.0.300 – Unquoted Service Path	local	windows	shinnai
2021-08-16	COMMAX CVD-Axx DVR 5.1.4 – Weak Default Credentials Stream Disclosure	webapps	hardware	LiquidWorm
2021-08-16	COMMAX Smart Home Ruvie CCTV Bridge DVR Service – Config Write / DoS (Unauthenticated)	webapps	hardware	LiquidWorm
2021-08-16	COMMAX Smart Home Ruvie CCTV Bridge DVR Service – RTSP Credentials Disclosure	webapps	hardware	LiquidWorm
2021-08-16	COMMAX Smart Home IoT Control System CDP-1020n – SQL Injection Authentication Bypass	webapps	hardware	LiquidWorm
2021-08-16	COMMAX Biometric Access Control System 1.0.0 – Authentication Bypass	webapps	hardware	LiquidWorm
2021-08-16	Simple Water Refilling Station Management System 1.0 – Remote Code Execution (RCE) through File Upload	webapps	php	Matt Sorrell
2021-08-16	Simple Water Refilling Station Management System 1.0 – Authentication Bypass	webapps	php	Matt Sorrell
2021-08-16	NetGear D1500 V1.0.0.21_1.0.1PE – ‘Wireless Repeater’ Stored Cross-Site Scripting (XSS)	webapps	hardware	Securityium
2021-08-16	CentOS Web Panel 0.9.8.1081 – Stored Cross-Site Scripting (XSS)	webapps	linux	Dinesh Mohanty
2021-08-13	4images 1.8 – ‘limitnumber’ SQL Injection (Authenticated)	webapps	php	Andrey Stoykov
2021-08-13	RATES SYSTEM 1.0 – Authentication Bypass	webapps	php	Azumah Foresight Xorlali
2021-08-13	Simple Image Gallery System 1.0 – ‘id’ SQL Injection	webapps	php	Azumah Foresight Xorlali
2021-08-13	Care2x Open Source Hospital Information Management 2.7 Alpha – ‘Multiple’ Stored XSS	webapps	php	securityforeveryone.com
2021-08-13	Police Crime Record Management System 1.0 – ‘casedetails’ SQL Injection	webapps	php	Ömer Hasan Durmuş
2021-08-13	Police Crime Record Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	Ömer Hasan Durmuş
2021-08-13	easy-mock 1.6.0 – Remote Code Execution (RCE) (Authenticated)	webapps	windows	LionTree
2021-08-12	RATES SYSTEM 1.0 – ‘Multiple’ SQL Injections	webapps	php	Halit AKAYDIN
2021-08-12	Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)	webapps	multiple	RedTeam Pentesting GmbH
2021-08-12	COVID19 Testing Management System 1.0 – ‘searchdata’ SQL Injection	webapps	php	Ashish Upsham
2021-08-10	Simple Library Management System 1.0 – ‘rollno’ SQL Injection	webapps	php	Halit AKAYDIN
2021-08-10	Xiaomi browser 10.2.4.g – Browser Search History Disclosure	local	android	Vishwaraj Bhattrai
2021-08-10	WordPress Plugin Picture Gallery 1.4.2 – ‘Edit Content URL’ Stored Cross-Site Scripting (XSS)	webapps	php	Aryan Chehreghani
2021-08-10	Cockpit CMS 0.11.1 – ‘Username Enumeration & Password Reset’ NoSQL Injection	webapps	multiple	Brian Ombongi
2021-08-10	Amica Prodigy 1.7 – Privilege Escalation	local	windows	Andrea Intilangelo
2021-08-10	IPCop 2.1.9 – Remote Code Execution (RCE) (Authenticated)	webapps	cgi	Mücahit Saratar
2021-08-05	GFI Mail Archiver 15.1 – Telerik UI Component Arbitrary File Upload (Unauthenticated)	webapps	multiple	Amin Bohio
2021-08-05	Moodle 3.9 – Remote Code Execution (RCE) (Authenticated)	webapps	php	lanz
2021-08-05	CMSuno 1.7 – ‘tgo’ Stored Cross-Site Scripting (XSS) (Authenticated)	webapps	php	splint3rsec
2021-08-04	qdPM 9.1 – Remote Code Execution (Authenticated)	webapps	php	Leon Trappett
2021-08-04	WordPress Plugin WP Customize Login 1.1 – ‘Change Logo Title’ Stored Cross-Site Scripting (XSS)	webapps	php	Aryan Chehreghani