Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-07-13	Apache Tomcat 9.0.0.M1 – Cross-Site Scripting (XSS)	webapps	multiple	Central InfoSec
2021-07-13	Apache Tomcat 9.0.0.M1 – Open Redirect	webapps	multiple	Central InfoSec
2021-07-09	Zoo Management System 1.0 – ‘Multiple’ Persistent Cross-Site-Scripting (XSS)	webapps	php	Subhadip Nag
2021-07-09	Church Management System 1.0 – SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE	webapps	php	Eleonora Guardini
2021-07-08	WordPress Plugin SP Project & Document Manager 4.21 – Remote Code Execution (RCE) (Authenticated)	webapps	php	Ron Jost
2021-07-08	Online Covid Vaccination Scheduler System 1.0 – Arbitrary File Upload to Remote Code Execution (Unauthenticated)	webapps	php	faisalfs10x
2021-07-08	Wyomind Help Desk 1.3.6 – Remote Code Execution (RCE)	webapps	multiple	Patrik Lantz
2021-07-08	Employee Record Management System 1.2 – Stored Cross-Site Scripting (XSS)	webapps	php	Subhadip Nag
2021-07-08	Exam Hall Management System 1.0 – Unrestricted File Upload + RCE (Unauthenticated)	webapps	php	Davide \'yth1n\' Bianchin
2021-07-07	WordPress Plugin Plainview Activity Monitor 20161228 – Remote Code Execution (RCE) (Authenticated) (2)	webapps	php	Beren Kuday GÖRÜN
2021-07-07	Online Covid Vaccination Scheduler System 1.0 – ‘username’ time-based blind SQL Injection	webapps	php	faisalfs10x
2021-07-07	Rocket.Chat 3.12.1 – NoSQL Injection to RCE (Unauthenticated) (2)	webapps	linux	enox
2021-07-06	Netgear DGN2200v1 – Remote Command Execution (RCE) (Unauthenticated)	webapps	hardware	SivertPL
2021-07-06	Visual Tools DVR VX16 4.2.28.0 – OS Command Injection (Unauthenticated)	webapps	multiple	Andrea D\'Ubaldo
2021-07-06	perfexcrm 1.10 – ‘State’ Stored Cross-site scripting (XSS)	webapps	multiple	Alhasan Abbas
2021-07-06	WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 – Directory Traversal	webapps	php	TheSmuggler
2021-07-06	Phone Shop Sales Managements System 1.0 – Arbitrary File Upload	webapps	php	faisalfs10x
2021-07-06	Phone Shop Sales Managements System 1.0 – Authentication Bypass (SQLi)	webapps	php	faisalfs10x
2021-07-06	Visual Tools DVR VX16 4.2.28 – Local Privilege Escalation	webapps	hardware	Andrea D\'Ubaldo
2021-07-06	Exam Hall Management System 1.0 – Unrestricted File Upload (Unauthenticated)	webapps	php	Thamer Almohammadi
2021-07-06	Billing System Project 1.0 – Remote Code Execution (RCE) (Unauthenticated)	webapps	php	Talha DEMİRSOY
2021-07-06	Pallets Werkzeug 0.15.4 – Path Traversal	webapps	Python	faisalfs10x
2021-07-06	Black Box Kvm Extender 3.4.31307 – Local File Inclusion	webapps	hardware	Ferhat Çil
2021-07-05	Ricon Industrial Cellular Router S9922XL – Remote Command Execution (RCE)	webapps	hardware	LiquidWorm
2021-07-05	TextPattern CMS 4.9.0-dev – Remote Command Execution (RCE) (Authenticated)	webapps	php	Mevlüt Akçam
2021-07-05	Simple Client Management System 1.0 – Remote Code Execution (RCE)	webapps	php	Ishan Saha
2021-07-05	WordPress Plugin Backup Guard 1.5.8 – Remote Code Execution (Authenticated)	webapps	php	Ron Jost
2021-07-05	Church Management System 1.0 – ‘password’ SQL Injection (Authentication Bypass)	webapps	php	Murat DEMİRCİ
2021-07-05	Church Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	Murat DEMİRCİ
2021-07-05	Church Management System 1.0 – Arbitrary File Upload (Authenticated)	webapps	php	Murat DEMİRCİ
2021-07-05	Online Birth Certificate System 1.1 – ‘Multiple’ Stored Cross-Site Scripting (XSS)	webapps	php	Subhadip Nag
2021-07-05	Online Voting System 1.0 – SQLi (Authentication Bypass) + Remote Code Execution (RCE)	webapps	php	Geiseric
2021-07-05	OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated) (2)	webapps	php	Alexandre ZANNI
2021-07-05	WordPress Plugin WP Learn Manager 1.1.2 – Stored Cross-Site Scripting (XSS)	webapps	php	Mohammed Adam
2021-07-02	WinWaste.NET 1.0.6183.16475 – Privilege Escalation due Incorrect Access Control	local	windows	Andrea Intilangelo
2021-07-02	WordPress Plugin Modern Events Calendar 5.16.2 – Remote Code Execution (Authenticated)	webapps	php	Ron Jost
2021-07-02	b2evolution 7.2.2 – ‘edit account details’ Cross-Site Request Forgery (CSRF)	webapps	php	Alperen Ergel
2021-07-02	AKCP sensorProbe SPX476 – ‘Multiple’ Cross-Site Scripting (XSS)	webapps	hardware	Tyler Butler
2021-07-02	Scratch Desktop 3.17 – Remote Code Execution	webapps	multiple	Stig Magnus Baugstø
2021-07-02	Garbage Collection Management System 1.0 – SQL Injection (Unauthenticated)	webapps	php	ircashem
2021-07-02	WordPress Plugin Modern Events Calendar 5.16.2 – Event export (Unauthenticated)	webapps	php	Ron Jost
2021-07-01	Vianeos OctoPUS 5 – ‘login_user’ SQLi	webapps	multiple	Audencia Business SCHOOL Red Team
2021-07-01	WordPress Plugin XCloner 4.2.12 – Remote Code Execution (Authenticated)	webapps	php	Ron Jost
2021-07-01	Online Voting System 1.0 – Remote Code Execution (Authenticated)	webapps	php	Salman Asad
2021-07-01	Online Voting System 1.0 – Authentication Bypass (SQLi)	webapps	php	Salman Asad
2021-06-30	Doctors Patients Management System 1.0 – SQL Injection (Authentication Bypass)	webapps	php	Murat DEMİRCİ
2021-06-30	Simple Traffic Offense System 1.0 – Stored Cross Site Scripting (XSS)	webapps	multiple	Barış Yıldızoğlu
2021-06-30	Apache Superset 1.1.0 – Time-Based Account Enumeration	webapps	multiple	Dolev Farhi
2021-06-30	phpAbook 0.9i – SQL Injection	webapps	php	Alejandro Perez
2021-06-29	ES File Explorer 4.1.9.7.4 – Arbitrary File Read	remote	android	Nehal Zaman