Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2021-04-21

Adtran Personal Phone Manager 10.8.1 – ’emailAddress’ Stored Cross-Site Scripting (XSS)
  • webapps
  • hardware
    		• 3ndG4me
    2021-04-21

    OpenEMR 5.0.2.1 – Remote Code Execution
  • webapps
  • php
    		• Hato0
    2021-04-21

    rconfig 3.9.6 – Arbitrary File Upload
  • webapps
  • php
    		• Vishwaraj Bhattrai
    2021-04-21

    Tenda D151 & D301 – Configuration Download (Unauthenticated)
  • remote
  • hardware
    		• BenChaliah
    2021-04-21

    RemoteClinic 2 – ‘Multiple’ Cross-Site Scripting (XSS)
  • webapps
  • php
    		• nu11secur1ty
    2021-04-21

    BlackCat CMS 1.3.6 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Ömer Hasan Durmuş
    2021-04-16

    GetSimple CMS My SMTP Contact Plugin 1.1.1 – Cross-Site Request Forgery
  • webapps
  • php
    		• boku
    2021-04-15

    glFTPd 2.11a – Remote Denial of Service
  • dos
  • multiple
    		• xynmaps
    2021-04-15

    htmly 2.8.0 – ‘description’ Stored Cross-Site Scripting (XSS)
  • webapps
  • multiple
    		• nu11secur1ty
    2021-04-15

    Tileserver-gl 3.0.0 – ‘key’ Reflected Cross-Site Scripting (XSS)
  • webapps
  • multiple
    		• Akash Chathoth
    2021-04-15

    Horde Groupware Webmail 5.2.22 – Stored XSS
  • webapps
  • multiple
    		• nu11secur1ty
    2021-04-14

    jQuery 1.0.3 – Cross-Site Scripting (XSS)
  • webapps
  • multiple
    		• Central InfoSec
    2021-04-14

    jQuery 1.2 – Cross-Site Scripting (XSS)
  • webapps
  • multiple
    		• Central InfoSec
    2021-04-14

    MariaDB 10.2 – ‘wsrep_provider’ OS Command Execution
  • local
  • linux
    		• Central InfoSec
    2021-04-14

    Genexis PLATINUM 4410 2.1 P4410-V2-1.28 – RCE
  • webapps
  • hardware
    		• Jay Sharma
    2021-04-14

    CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated)
  • webapps
  • java
    		• skysbsb
    2021-04-14

    CITSmart ITSM 9.1.2.22 – LDAP Injection
  • webapps
  • java
    		• skysbsb
    2021-04-14

    Digital Crime Report Management System 1.0 – SQL Injection (Authentication Bypass)
  • webapps
  • php
    		• GaluhID
    2021-04-13

    Blitar Tourism 1.0 – Authentication Bypass SQLi
  • webapps
  • multiple
    		• sigeri94
    2021-04-13

    Simple Student Information System 1.0 – SQL Injection (Authentication Bypass)
  • webapps
  • php
    		• GaluhID
    2021-04-13

    ExpressVPN VPN Router 1.0 – Router Login Panel’s Integer Overflow
  • webapps
  • multiple
    		• Jai Kumar Sharma
    2021-04-12

    vsftpd 2.3.4 – Backdoor Command Execution
  • remote
  • unix
    		• HerculesRD
    2021-04-09

    PrestaShop 1.7.6.7 – ‘location’ Blind Sql Injection
  • webapps
  • php
    		• Vanshal Gaur
    2021-04-08

    Linux Kernel 5.4 – ‘BleedingTooth’ Bluetooth Zero-Click Remote Code Execution
  • remote
  • linux
    		• Google Security Research
    2021-04-08

    Composr 10.0.36 – Remote Code Execution
  • webapps
  • php
    		• Orion Hridoy
    2021-04-08

    DMA Radius Manager 4.4.0 – Cross-Site Request Forgery (CSRF)
  • webapps
  • multiple
    		• Issac Briones
    2021-04-08

    CMSimple 5.2 – ‘External’ Stored XSS
  • webapps
  • php
    		• Quadron Research Lab
    2021-04-07

    Dell OpenManage Server Administrator 9.4.0.0 – Arbitrary File Read
  • webapps
  • windows
    		• Rhino Security Labs
    2021-04-07

    Composr CMS 10.0.36 – Cross Site Scripting
  • webapps
  • php
    		• Orion Hridoy
    2021-04-07

    Atlassian Jira Service Desk 4.9.1 – Unrestricted File Upload to XSS
  • webapps
  • multiple
    		• Captain_hook
    2021-04-06

    Mini Mouse 9.3.0 – Local File inclusion
  • webapps
  • ios
    		• gosh
    2021-04-06

    Google Chrome 81.0.4044 V8 – Remote Code Execution
  • remote
  • multiple
    		• r4j0x00
    2021-04-06

    Google Chrome 86.0.4240 V8 – Remote Code Execution
  • remote
  • multiple
    		• r4j0x00
    2021-04-05

    OpenEMR 4.1.0 – ‘u’ SQL Injection
  • webapps
  • php
    		• Michael Ikua
    2021-04-05

    Basic Shopping Cart 1.0 – Authentication Bypass
  • webapps
  • php
    		• Viren Saroha
    2021-04-05

    Simple Food Website 1.0 – Authentication Bypass
  • webapps
  • php
    		• Viren Saroha
    2021-04-05

    Rockstar Service – Insecure File Permissions
  • local
  • windows
    		• George Tsimpidas
    2021-04-05

    Mini Mouse 9.2.0 – Path Traversal
  • webapps
  • windows
    		• gosh
    2021-04-05

    Mini Mouse 9.2.0 – Remote Code Execution
  • webapps
  • windows
    		• gosh
    2021-04-02

    F5 BIG-IP 16.0.x – iControl REST Remote Code Execution (Unauthenticated)
  • webapps
  • hardware
    		• Al1ex
    2021-04-02

    ZBL EPON ONU Broadband Router 1.0 – Remote Privilege Escalation
  • webapps
  • hardware
    		• LiquidWorm
    2021-04-01

    phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated)
  • webapps
  • multiple
    		• Valerio Severini
    2021-04-01

    ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (2)
  • webapps
  • linux
    		• Fellipe Oliveira
    2021-04-01

    ScadaBR 1.0 – Arbitrary File Upload (Authenticated) (1)
  • webapps
  • windows
    		• Fellipe Oliveira
    2021-04-01

    Latrix 0.6.0 – ‘txtaccesscode’ SQL Injection
  • webapps
  • multiple
    		• cptsticky
    2021-03-31

    CourseMS 2.1 – ‘name’ Stored XSS
  • webapps
  • multiple
    		• cptsticky
    2021-03-31

    DD-WRT 45723 – UPNP Buffer Overflow (PoC)
  • dos
  • hardware
    		• Enesdex
    2021-03-31

    Zabbix 3.4.7 – Stored XSS
  • webapps
  • php
    		• Radmil Gazizov
    2021-03-30

    Openlitespeed 1.7.9 – ‘Notes’ Stored Cross-Site Scripting
  • webapps
  • multiple
    		• cmOs
    2021-03-30

    GetSimple CMS 3.3.16 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• boku