Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2025-04-16	Teedy 1.11 – Account Takeover via Stored Cross-Site Scripting (XSS)	webapps	multiple	Ayato Shitomi @ Fore-Z co.ltd
2025-04-16	ABB Cylon Aspect 4.00.00 (factorySaved.php) – Unauthenticated XSS	hardware	php	LiquidWorm
2025-04-16	ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) – Remote Code Execution	hardware	php	LiquidWorm
2025-04-16	ABB Cylon Aspect 3.08.02 – Cross-Site Request Forgery (CSRF)	hardware	multiple	LiquidWorm
2025-04-16	Zabbix 7.0.0 – SQL Injection	webapps	php	m4nb4
2025-04-16	NagVis 1.9.33 – Arbitrary File Read	webapps	php	xerosec
2025-04-16	Smart Manager 8.27.0 – Post-Authenticated SQL Injection	webapps	php	Ivan Spiridonov
2025-04-16	Hugging Face Transformers MobileViTV2 4.41.1 – Remote Code Execution (RCE)	remote	Python	The Kernel Panic
2025-04-16	KodExplorer 4.52 – Open Redirect	webapps	php	Rahad Chowdhury
2025-04-16	phpMyFAQ 3.1.7 – Reflected Cross-Site Scripting (XSS)	webapps	php	CodeSecLab
2025-04-16	ASUS ASMB8 iKVM 1.14.51 – Remote Code Execution (RCE)	local	hardware	ub3rsick
2025-04-16	Car Rental Project 1.0 – Remote Code Execution	webapps	php	ub3rsick
2025-04-16	Ruckus IoT Controller 1.7.1.0 – Undocumented Backdoor Account	local	hardware	ub3rsick
2025-04-15	ABB Cylon Aspect 3.08.03 (MapServicesHandler) – Authenticated Reflected XSS	webapps	multiple	LiquidWorm
2025-04-15	Spring Boot common-user-management 0.1 – Remote Code Execution (RCE)	webapps	java	d3sca
2025-04-15	ABB Cylon Aspect 3.07.02 (userManagement.php) – Weak Password Policy	hardware	multiple	LiquidWorm
2025-04-15	Pymatgen 2024.1 – Remote Code Execution (RCE)	remote	Python	Mohammed Idrees Banyamer
2025-04-15	ABB Cylon Aspect 3.08.03 (CookieDB) – SQL Injection	hardware	multiple	LiquidWorm
2025-04-15	ABB Cylon Aspect 3.08.02 (webServerUpdate.php) – Input Validation Config Poisoning	hardware	php	LiquidWorm
2025-04-15	ABB Cylon Aspect 3.08.02 (escDevicesUpdate.php) – Denial of Service (DOS)	hardware	php	LiquidWorm
2025-04-15	ABB Cylon Aspect 3.08.02 (bbmdUpdate.php) – Remote Code Execution	hardware	multiple	LiquidWorm
2025-04-15	ABB Cylon Aspect 3.08.02 (uploadDb.php) – Remote Code Execution	hardware	multiple	LiquidWorm
2025-04-15	ABB Cylon Aspect 3.08.02 (licenseUpload.php) – Stored Cross-Site Scripting	hardware	multiple	LiquidWorm
2025-04-15	ABB Cylon Aspect 3.08.02 (licenseServerUpdate.php) – Stored Cross-Site Scripting	hardware	multiple	LiquidWorm
2025-04-15	Ivanti Connect Secure 22.7R2.5 – Remote Code Execution (RCE)	remote	multiple	Abdualhadi khalifa
2025-04-15	IBMi Navigator 7.5 – Server Side Request Forgery (SSRF)	webapps	multiple	hyp3rlinx
2025-04-15	Plane 0.23.1 – Server side request forgery (SSRF)	webapps	multiple	Saud Alenazi
2025-04-15	IBMi Navigator 7.5 – HTTP Security Token Bypass	webapps	multiple	hyp3rlinx
2025-04-15	Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)	webapps	php	D3Ext
2025-04-15	OpenCMS 17.0 – Stored Cross Site Scripting (XSS)	webapps	php	Siddhartha Naik
2025-04-15	ABB Cylon Aspect 3.08.02 – Cookie User Password Disclosure	hardware	multiple	LiquidWorm
2025-04-15	Adapt Authoring Tool 0.11.3 – Remote Command Execution (RCE)	webapps	multiple	Eui Chul Chung
2025-04-15	ABB Cylon Aspect 3.08.03 – Hard-coded Secrets	webapps	multiple	LiquidWorm
2025-04-15	Really Simple Security 9.1.1.1 – Authentication Bypass	webapps	php	Antonio Francesco Sardella
2025-04-14	GestioIP 3.5.7 – Remote Command Execution (RCE)	remote	multiple	Maximiliano Belino
2025-04-14	GestioIP 3.5.7 – Cross-Site Scripting (XSS)	remote	multiple	Maximiliano Belino
2025-04-14	GestioIP 3.5.7 – Stored Cross-Site Scripting (Stored XSS)	remote	multiple	Maximiliano Belino
2025-04-14	GestioIP 3.5.7 – Cross-Site Request Forgery (CSRF)	remote	multiple	Maximiliano Belino
2025-04-14	SilverStripe 5.3.8 – Stored Cross Site Scripting (XSS) (Authenticated)	webapps	multiple	James Nicoll
2025-04-14	GestioIP 3.5.7 – Reflected Cross-Site Scripting (Reflected XSS)	remote	multiple	Maximiliano Belino
2025-04-14	OpenPanel Copy and View functions in the File Manager 0.3.4 – Directory Traversal	webapps	multiple	Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee
2025-04-14	Pimcore 11.4.2 – Stored cross site scripting	webapps	multiple	maeitsec
2025-04-14	OpenPanel 0.3.4 – OS Command Injection	webapps	multiple	Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee
2025-04-14	OpenPanel 0.3.4 – Incorrect Access Control	webapps	multiple	Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee
2025-04-14	OpenPanel 0.3.4 – Directory Traversal	webapps	multiple	Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee
2025-04-14	Pimcore customer-data-framework 4.2.0 – SQL injection	webapps	multiple	maeitsec
2025-04-14	Xinet Elegant 6 Asset Lib Web UI 6.1.655 – SQL Injection	webapps	multiple	hyp3rlinx
2025-04-14	ZTE ZXHN H168N 3.1 – Remote Code Execution (RCE) via authentication bypass	hardware	multiple	tasos meletlidis
2025-04-11	ABB Cylon FLXeon 9.3.4 – Remote Code Execution (Authenticated)	hardware	multiple	LiquidWorm
2025-04-11	NEWS-BUZZ News Management System 1.0 – SQL Injection	webapps	php	egsec