Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2021-05-06

WordPress Plugin WP Super Edit 2.5.4 – Remote File Upload
  • webapps
  • php
    		• h4shur
    2021-05-06

    Schlix CMS 2.2.6-6 – Remote Code Execution (Authenticated)
  • webapps
  • multiple
    		• Eren Saraç
    2021-05-06

    Schlix CMS 2.2.6-6 – ‘title’ Persistent Cross-Site Scripting (Authenticated)
  • webapps
  • multiple
    		• Emircan Baş
    2021-05-05

    Freeter 1.2.1 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    StudyMD 0.3.2 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Marky 0.0.1 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Moeditor 0.2.0 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    SnipCommand 0.1.0 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Tagstoo 2.0.1 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Xmind 2020 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Markdown Explorer 0.1.1 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• Taurus Omar
    2021-05-05

    Savsoft Quiz 5 – ‘User Account Settings’ Persistent Cross-Site Scripting
  • webapps
  • php
    		• strider
    2021-05-05

    Anote 1.0 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Markdownify 1.2.0 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-05

    Markright 1.0 – Persistent Cross-Site Scripting
  • webapps
  • multiple
    		• TaurusOmar
    2021-05-04

    Internship Portal Management System 1.0 – Remote Code Execution(Unauthenticated)
  • webapps
  • php
    		• argenestel
    2021-05-03

    GitLab Community Edition (CE) 13.10.3 – ‘Sign_Up’ User Enumeration
  • webapps
  • ruby
    		• 4D0niiS
    2021-05-03

    GitLab Community Edition (CE) 13.10.3 – User Enumeration
  • webapps
  • ruby
    		• 4D0niiS
    2021-05-03

    Piwigo 11.3.0 – ‘language’ SQL
  • webapps
  • php
    		• nu11secur1ty
    2021-05-03

    Voting System 1.0 – Time based SQLI (Unauthenticated SQL injection)
  • webapps
  • php
    		• Syed Sheeraz Ali
    2021-05-03

    GetSimple CMS Custom JS 0.1 – Cross-Site Request Forgery
  • webapps
  • php
    		• boku
    2021-04-30

    Moodle 3.6.1 – Persistent Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Fariskhi Vidyan
    2021-04-30

    GNU Wget < 1.18 - Arbitrary File Upload (2)
  • remote
  • linux
    		• liewehacksie
    2021-04-29

    NodeBB Plugin Emoji 3.2.1 – Arbitrary File Write
  • webapps
  • multiple
    		• 1F98D
    2021-04-29

    FOGProject 1.5.9 – File Upload RCE (Authenticated)
  • webapps
  • php
    		• sml
    2021-04-29

    Cacti 1.2.12 – ‘filter’ SQL Injection
  • webapps
  • php
    		• Leonardo Paiva
    2021-04-28

    Kirby CMS 3.5.3.1 – ‘file’ Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Sreenath Raghunathan
    2021-04-27

    WordPress Plugin WPGraphQL 1.3.5 – Denial of Service
  • dos
  • php
    		• Dolev Farhi
    2021-04-27

    Montiorr 1.7.6m – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Ahmad Shakla
    2021-04-27

    Kimai 1.14 – CSV Injection
  • webapps
  • php
    		• Mohammed Aloraimi
    2021-04-26

    SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection (2)
  • webapps
  • php
    		• nu11secur1ty
    2021-04-26

    OpenPLC 3 – Remote Code Execution (Authenticated)
  • webapps
  • Python
    		• Fellipe Oliveira
    2021-04-26

    Hasura GraphQL 1.3.3 – Remote Code Execution
  • webapps
  • multiple
    		• Dolev Farhi
    2021-04-23

    Sipwise C5 NGCP CSC – Click2Dial Cross-Site Request Forgery (CSRF)
  • webapps
  • hardware
    		• LiquidWorm
    2021-04-23

    Sipwise C5 NGCP CSC – ‘Multiple’ Persistent Cross-Site Scripting (XSS)
  • webapps
  • hardware
    		• LiquidWorm
    2021-04-23

    DzzOffice 2.02.1 – ‘Multiple’ Cross-Site Scripting (XSS)
  • webapps
  • multiple
    		• nu11secur1ty
    2021-04-23

    GetSimple CMS My SMTP Contact Plugin 1.1.2 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• boku
    2021-04-23

    Moodle 3.10.3 – ‘url’ Persistent Cross Site Scripting
  • webapps
  • php
    		• UVision
    2021-04-22

    RemoteClinic 2.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Saud Ahmad
    2021-04-22

    OTRS 6.0.1 – Remote Command Execution (2)
  • webapps
  • perl
    		• Hex_26
    2021-04-22

    CMS Made Simple 2.2.15 – ‘title’ Cross-Site Scripting (XSS)
  • webapps
  • php
    		• bt0
    2021-04-21

    Fast PHP Chat 1.3 – ‘my_item_search’ SQL Injection
  • webapps
  • php
    		• Fatih Coskun
    2021-04-21

    Multilaser Router RE018 AC1200 – Cross-Site Request Forgery (Enable Remote Access)
  • webapps
  • hardware
    		• Rodolfo Mariano
    2021-04-21

    Hasura GraphQL 1.3.3 – Service Side Request Forgery (SSRF)
  • webapps
  • multiple
    		• Dolev Farhi
    2021-04-21

    Hasura GraphQL 1.3.3 – Local File Read
  • webapps
  • multiple
    		• Dolev Farhi
    2021-04-21

    Hasura GraphQL 1.3.3 – Denial of Service
  • dos
  • multiple
    		• Dolev Farhi
    2021-04-21

    GravCMS 1.10.7 – Unauthenticated Arbitrary File Write (Metasploit)
  • webapps
  • php
    		• Mehmet Ince
    2021-04-21

    Adtran Personal Phone Manager 10.8.1 – DNS Exfiltration
  • webapps
  • hardware
    		• 3ndG4me
    2021-04-21

    Adtran Personal Phone Manager 10.8.1 – ‘Multiple’ Reflected Cross-Site Scripting (XSS)
  • webapps
  • hardware
    		• 3ndG4me
    2021-04-21

    Adtran Personal Phone Manager 10.8.1 – ’emailAddress’ Stored Cross-Site Scripting (XSS)
  • webapps
  • hardware
    		• 3ndG4me