Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-08-04	qdPM 9.2 – Password Exposure (Unauthenticated)	webapps	php	Leon Trappett
2021-08-04	qdPM 9.1 – Remote Code Execution (Authenticated)	webapps	php	Leon Trappett
2021-08-04	WordPress Plugin WP Customize Login 1.1 – ‘Change Logo Title’ Stored Cross-Site Scripting (XSS)	webapps	php	Aryan Chehreghani
2021-08-03	Hotel Management System 1.0 – Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)	webapps	php	Merbin Russel
2021-08-02	Panasonic Sanyo CCTV Network Camera 2.03-0x – Cross-Site Request Forgery (Change Password)	webapps	hardware	LiquidWorm
2021-08-02	Online Hotel Reservation System 1.0 – ‘Multiple’ Cross-site scripting (XSS)	webapps	php	Mohammad Koochaki
2021-08-02	Neo4j 3.4.18 – RMI based Remote Code Execution (RCE)	remote	java	Christopher Ellis
2021-08-02	Men Salon Management System 1.0 – SQL Injection Authentication Bypass	webapps	php	Akshay Khanna
2021-07-29	CloverDX 5.9.0 – Cross-Site Request Forgery (CSRF)	webapps	java	niebardzo
2021-07-29	Care2x Integrated Hospital Info System 2.7 – ‘Multiple’ SQL Injection	webapps	php	securityforeveryone.com
2021-07-29	IntelliChoice eFORCE Software Suite 2.5.9 – Username Enumeration	webapps	aspx	LiquidWorm
2021-07-29	Longjing Technology BEMS API 1.21 – Remote Arbitrary File Download	webapps	hardware	LiquidWorm
2021-07-29	Denver IP Camera SHO-110 – Unauthenticated Snapshot	webapps	hardware	Ivan Nikolsky
2021-07-29	Oracle Fatwire 6.3 – Multiple Vulnerabilities	webapps	multiple	J. Francisco Bolivar
2021-07-28	TripSpark VEO Transportation – Blind SQL Injection	webapps	windows	Sedric Louissaint
2021-07-28	Denver Smart Wifi Camera SHC-150 – ‘Telnet’ Remote Code Execution (RCE)	remote	hardware	Ivan Nikolsky
2021-07-28	Event Registration System with QR Code 1.0 – Authentication Bypass	webapps	php	Javier Olmedo
2021-07-27	Customer Relationship Management System (CRM) 1.0 – Sql Injection Authentication Bypass	webapps	php	Shafique_Wasta
2021-07-27	PHP 7.3.15-3 – ‘PHP_SESSION_UPLOAD_PROGRESS’ Session Data Injection	webapps	php	S1lv3r
2021-07-26	XOS Shop 1.0.9 – ‘Multiple’ Arbitrary File Deletion (Authenticated)	webapps	php	faisalfs10x
2021-07-26	NoteBurner 2.35 – Denial Of Service (DoS) (PoC)	webapps	windows	stresser
2021-07-26	Leawo Prof. Media 11.0.0.1 – Denial of Service (DoS) (PoC)	dos	windows	stresser
2021-07-26	Elasticsearch ECE 7.13.3 – Anonymous Database Dump	webapps	multiple	Joan Martinez
2021-07-23	ElasticSearch 7.13.3 – Memory disclosure	webapps	multiple	r0ny
2021-07-23	Microsoft SharePoint Server 2019 – Remote Code Execution (2)	webapps	aspx	Podalirius
2021-07-23	WordPress Plugin Simple Post 1.1 – ‘Text field’ Stored Cross-Site Scripting (XSS)	webapps	php	Vikas Srivastava
2021-07-21	CSZ CMS 1.2.9 – ‘Multiple’ Arbitrary File Deletion	webapps	php	faisalfs10x
2021-07-21	KevinLAB BEMS 1.0 – File Path Traversal Information Disclosure (Authenticated)	webapps	hardware	LiquidWorm
2021-07-21	KevinLAB BEMS 1.0 – Authentication Bypass	webapps	hardware	LiquidWorm
2021-07-21	KevinLAB BEMS 1.0 – Undocumented Backdoor Account	remote	hardware	LiquidWorm
2021-07-20	Webmin 1.973 – ‘run.cgi’ Cross-Site Request Forgery (CSRF)	webapps	linux	Mesh3l_911
2021-07-20	WordPress Plugin KN Fix Your Title 1.0.1 – ‘Separator’ Stored Cross-Site Scripting (XSS)	webapps	php	Aakash Choudhary
2021-07-19	PEEL Shopping 9.3.0 – ‘id’ Time-based SQL Injection	webapps	php	faisalfs10x
2021-07-19	WordPress Plugin Mimetic Books 0.2.13 – ‘Default Publisher ID field’ Stored Cross-Site Scripting (XSS)	webapps	php	Vikas Srivastava
2021-07-19	WordPress Plugin LearnPress 3.2.6.8 – Privilege Escalation	webapps	php	nhattruong
2021-07-19	WordPress Plugin LearnPress 3.2.6.7 – ‘current_items’ SQL Injection (Authenticated)	webapps	php	nhattruong
2021-07-16	Argus Surveillance DVR 4.0 – Weak Password Encryption	local	windows	Salman Asad
2021-07-16	Aruba Instant 8.7.1.0 – Arbitrary File Modification	remote	hardware	Gr33nh4t
2021-07-16	Seagate BlackArmor NAS sg2000-2000.1331 – Command Injection	webapps	hardware	Metin Yunus Kandemir
2021-07-16	ForgeRock Access Manager 14.6.3 – Remote Code Execution (RCE) (Unauthenticated)	webapps	java	Photubias
2021-07-15	WordPress Plugin Popular Posts 5.3.2 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Simone Cristofaro
2021-07-15	osCommerce 2.3.4.1 – Remote Code Execution (2)	webapps	php	Bryan Leong
2021-07-15	Aruba Instant (IAP) – Remote Code Execution	remote	cgi	Aleph Security
2021-07-15	Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation	local	linux	TheFloW
2021-07-14	WordPress Plugin Current Book 1.0.1 – ‘Book Title’ Persistent Cross-Site Scripting	webapps	php	Vikas Srivastava
2021-07-14	Webmin 1.973 – ‘save_user.cgi’ Cross-Site Request Forgery (CSRF)	webapps	linux	Mesh3l_911
2021-07-13	Garbage Collection Management System 1.0 – SQL Injection + Arbitrary File Upload	webapps	php	Luca Bernardi
2021-07-13	OpenEMR 5.0.1.3 – ‘manage_site_files’ Remote Code Execution (Authenticated) (2)	webapps	php	Alexandre ZANNI
2021-07-13	Invoice System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	Subhadip Nag
2021-07-13	WordPress Plugin WPFront Notification Bar 1.9.1.04012 – Stored Cross-Site Scripting (XSS)	webapps	php	Swapnil Subhash Bodekar