Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-05-21	DELL dbutil_2_3.sys 2.3 – Arbitrary Write to Local Privilege Escalation (LPE)	local	windows	Paolo Stagno
2021-05-21	Mozilla Firefox 88.0.1 – File Extension Execution of Arbitrary Code	local	windows	BestEffort Team
2021-05-20	Acer Updater Service 1.2.3500.0 – ‘UpdaterService.exe’ Unquoted Service Path	local	windows	Emmanuel Lujan
2021-05-20	Backup Manager Module 3.0.0.99 – ‘IScheduleSvc.exe’ Unquoted Service Path	local	windows	Emmanuel Lujan
2021-05-20	ASUS HID Access Service 1.0.94.0 – ‘AsHidSrv.exe’ Unquoted Service Path	local	windows	Alejandra Sánchez
2021-05-19	COVID19 Testing Management System 1.0 – ‘Admin name’ Cross-Site Scripting (XSS)	webapps	php	Rohit Burke
2021-05-19	COVID19 Testing Management System 1.0 – SQL Injection (Auth Bypass)	webapps	php	Rohit Burke
2021-05-19	ManageEngine ADSelfService Plus 6.1 – CSV Injection	webapps	multiple	Metin Yunus Kandemir
2021-05-19	In4Suit ERP 3.2.74.1370 – ‘txtLoginId’ SQL injection	webapps	multiple	Gulab Mondal
2021-05-19	WebSSH for iOS 14.16.10 – ‘mashREPL’ Denial of Service (PoC)	dos	ios	Luis Martínez
2021-05-19	Visual Studio Code 1.47.1 – Denial of Service (PoC)	local	windows	H.H.A.Ravindu Priyankara
2021-05-19	WordPress Plugin Stop Spammers 2021.8 – ‘log’ Reflected Cross-site Scripting (XSS)	webapps	php	Hosein Vita
2021-05-18	Microsoft Exchange 2019 – Unauthenticated Email Download	webapps	windows	Gonzalo Villegas
2021-05-18	EgavilanMedia PHPCRUD 1.0 – ‘First Name’ SQL Injection	webapps	php	Dimitrios Mitakos
2021-05-17	Billing Management System 2.0 – Union based SQL injection (Authenticated)	webapps	php	Mohammad Koochaki
2021-05-17	Simple Chatbot Application 1.0 – ‘Category’ Stored Cross site Scripting	webapps	php	Vani K G
2021-05-17	Microsoft Internet Explorer 8 – ‘SetMouseCapture ‘ Use After Free	local	windows	SlidingWindow
2021-05-17	Dental Clinic Appointment Reservation System 1.0 – Cross Site Request Forgery (Add Admin)	webapps	php	Reza Afsahi
2021-05-17	Dental Clinic Appointment Reservation System 1.0 – ‘Firstname’ Persistent Cross Site Scripting (Authenticated)	webapps	php	Reza Afsahi
2021-05-17	IPFire 2.25 – Remote Code Execution (Authenticated)	webapps	cgi	Mücahit Saratar
2021-05-17	Customer Relationship Management (CRM) System 1.0 – ‘Category’ Persistent Cross site Scripting	webapps	php	Vani K G
2021-05-17	Printable Staff ID Card Creator System 1.0 – ’email’ SQL Injection	webapps	php	bwnz
2021-05-17	Subrion CMS 4.2.1 – Arbitrary File Upload	webapps	php	Fellipe Oliveira
2021-05-17	Advanced Guestbook 2.4.4 – ‘Smilies’ Persistent Cross-Site Scripting (XSS)	webapps	php	Abdulkadir AYDOGAN
2021-05-14	Chamilo LMS 1.11.14 – Remote Code Execution (Authenticated)	webapps	php	M. Cory Billington
2021-05-14	Podcast Generator 3.1 – ‘Long Description’ Persistent Cross-Site Scripting (XSS)	webapps	php	Ayşenur KARAASLAN
2021-05-14	Student Management System 1.0 – ‘message’ Persistent Cross-Site Scripting (Authenticated)	webapps	php	mohsen khashei
2021-05-13	Firefox 72 IonMonkey – JIT Type Confusion	local	windows_x86-64	Forrest Orr
2021-05-13	Microsoft Internet Explorer 11 and WPAD service ‘Jscript.dll’ – Use-After-Free	local	windows_x86-64	Forrest Orr
2021-05-13	ZeroShell 3.9.0 – Remote Command Execution	webapps	linux	Fellipe Oliveira
2021-05-13	Dental Clinic Appointment Reservation System 1.0 – ‘date’ UNION based SQL Injection (Authenticated)	webapps	php	Mesut Cetin
2021-05-13	Dental Clinic Appointment Reservation System 1.0 – Authentication Bypass (SQLi)	webapps	php	Mesut Cetin
2021-05-12	Chevereto 3.17.1 – Cross Site Scripting (Stored)	webapps	multiple	Akıner Kısa
2021-05-11	Odoo 12.0.20190101 – ‘nssm.exe’ Unquoted Service Path	local	windows	1F98D
2021-05-10	Microweber CMS 1.1.20 – Remote Code Execution (Authenticated)	webapps	php	sl1nki
2021-05-10	Human Resource Information System 0.1 – ‘First Name’ Persistent Cross-Site Scripting (Authenticated)	webapps	php	Reza Afsahi
2021-05-10	PHP Timeclock 1.04 – ‘Multiple’ Cross Site Scripting (XSS)	webapps	php	Tyler Butler
2021-05-10	TFTP Broadband 4.3.0.1465 – ‘tftpt.exe’ Unquoted Service Path	local	windows	Erick Galindo
2021-05-10	BOOTP Turbo 2.0.0.1253 – ‘bootpt.exe’ Unquoted Service Path	local	windows	Erick Galindo
2021-05-10	DHCP Broadband 4.1.0.1503 – ‘dhcpt.exe’ Unquoted Service Path	local	windows	Erick Galindo
2021-05-07	PHP Timeclock 1.04 – Time and Boolean Based Blind SQL Injection	webapps	php	Tyler Butler
2021-05-07	Epic Games Rocket League 1.95 – Stack Buffer Overrun	local	windows	LiquidWorm
2021-05-07	Human Resource Information System 0.1 – Remote Code Execution (Unauthenticated)	webapps	php	Reza Afsahi
2021-05-07	Voting System 1.0 – Remote Code Execution (Unauthenticated)	webapps	php	secure77
2021-05-07	WifiHotSpot 1.0.0.0 – ‘WifiHotSpotService.exe’ Unquoted Service Path	local	windows	Erick Galindo
2021-05-07	Sandboxie 5.49.7 – Denial of Service (PoC)	dos	windows	Erick Galindo
2021-05-07	Voting System 1.0 – Authentication Bypass (SQLI)	webapps	php	secure77
2021-05-07	Sandboxie Plus 0.7.4 – ‘SbieSvc’ Unquoted Service Path	local	windows	Erick Galindo
2021-05-07	Epic Games Easy Anti-Cheat 4.0 – Local Privilege Escalation	local	windows	LiquidWorm
2021-05-06	b2evolution 7-2-2 – ‘cf_name’ SQL Injection	webapps	php	nu11secur1ty