Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-03-29	TP-Link Devices – ‘setDefaultHostname’ Stored Cross-site Scripting (Unauthenticated)	webapps	hardware	Smriti Gaba
2021-03-29	vsftpd 3.0.3 – Remote Denial of Service	remote	multiple	xynmaps
2021-03-29	WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)	webapps	php	m0ze
2021-03-29	SyncBreeze 10.1.16 – XML Parsing Stack-based Buffer Overflow	webapps	windows	Filipe Oliveira
2021-03-29	Novel Boutique House-plus 3.5.1 – Arbitrary File Download	webapps	java	tuyiqiang
2021-03-29	Budget Management System 1.0 – ‘Budget title’ Stored XSS	webapps	php	Jitendra Kumar Tripathi
2021-03-29	Equipment Inventory System 1.0 – ‘multiple’ Stored XSS	webapps	php	Jitendra Kumar Tripathi
2021-03-29	Concrete5 8.5.4 – ‘name’ Stored XSS	webapps	php	Quadron Research Lab
2021-03-26	Moodle 3.10.3 – ‘label’ Persistent Cross Site Scripting	webapps	php	Vincent666
2021-03-26	Regis Inventory And Monitoring System 1.0 – ‘Item List’ Persistent Cross-Site Scripting	webapps	php	George Tsimpidas
2021-03-26	‘customhs_js_content’ – ‘customhs_js_content’ Cross-Site Request Forgery	webapps	php	Abhishek Joshi
2021-03-25	Dolibarr ERP 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)	webapps	php	Andrea Gonzalez
2021-03-25	Genexis Platinum-4410 P4410-V2-1.31A – ‘start_addr’ Persistent Cross-Site Scripting	webapps	hardware	Jithin KS
2021-03-25	Linksys EA7500 2.0.8.194281 – Cross-Site Scripting	webapps	hardware	MiningOmerta
2021-03-25	Ovidentia 6 – ‘id’ SQL injection (Authenticated)	webapps	php	Felipe Prates Donato
2021-03-24	Ext2Fsd v0.68 – ‘Ext2Srv’ Unquoted Service Path	local	windows	Mohammed Alshehri
2021-03-23	Hotel And Lodge Management System 1.0 – ‘Customer Details’ Stored XSS	webapps	php	Jitendra Kumar Tripathi
2021-03-23	MyBB 1.8.25 – Poll Vote Count SQL Injection	webapps	php	SivertPL
2021-03-23	Codiad 2.8.4 – Remote Code Execution (Authenticated)	webapps	multiple	WangYihang
2021-03-23	Elodea Event Collector 4.9.3 – ‘ElodeaEventCollectorService’ Unquoted Service Path	local	windows	Alan Mondragon
2021-03-23	ActivIdentity 8.2 – ‘ac.sharedstore’ Unquoted Service Path	local	windows	SamAlucard
2021-03-23	ELAN Touchpad 15.2.13.1_X64_WHQL – ‘ETDService’ Unquoted Service Path	local	windows	SamAlucard
2021-03-23	Hi-Rez Studios 5.1.6.3 – ‘HiPatchService’ Unquoted Service Path	local	windows	Ekrem Can Kök
2021-03-22	OSAS Traverse Extension 11 – ‘travextensionhostsvc’ Unquoted Service Path	local	windows	Johnny Tech
2021-03-22	ProFTPD 1.3.7a – Remote Denial of Service	dos	multiple	xynmaps
2021-03-22	MyBB 1.8.25 – Chained Remote Command Execution	webapps	php	SivertPL
2021-03-22	KZTech T3500V 4G LTE CPE 2.0.1 – Weak Default WiFi Password Algorithm	remote	hardware	LiquidWorm
2021-03-22	MacPaw Encrypto 1.0.1 – ‘Encrypto Service’ Unquoted Service Path	local	windows	Ismael Nava
2021-03-22	WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 – Path Traversal	webapps	php	Nicholas Ferreira
2021-03-22	Winpakpro 4.8 – ‘WPCommandFileService’ Unquoted Service Path	local	windows	Alan Mondragon
2021-03-22	Winpakpro 4.8 – ‘ScheduleService’ Unquoted Service Path	local	windows	Alan Mondragon
2021-03-22	Winpakpro 4.8 – ‘GuardTourService’ Unquoted Service Path	local	windows	Alan Mondragon
2021-03-22	SAPSetup Automatic Workstation Update Service 750 – ‘NWSAPAutoWorkstationUpdateSvc’ Unquoted Service Path	local	windows	Alan Mondragon
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Factory Reset (Unauthenticated)	webapps	hardware	LiquidWorm
2021-03-19	Plone CMS 5.2.3 – ‘Title’ Stored XSS	webapps	multiple	Piyush Patil
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Remote Code Execution	webapps	hardware	LiquidWorm
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Hard coded Credentials Shell Access	remote	hardware	LiquidWorm
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Authentication Bypass	webapps	hardware	LiquidWorm
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Command Injection (Authenticated)	webapps	hardware	LiquidWorm
2021-03-19	SOYAL 701 Client 9.0.1 – Insecure Permissions	local	windows	LiquidWorm
2021-03-19	SOYAL 701 Server 9.0.1 – Insecure Permissions	local	windows	LiquidWorm
2021-03-19	SOYAL Biometric Access Control System 5.0 – ‘Change Admin Password’ CSRF	webapps	hardware	LiquidWorm
2021-03-19	SOYAL Biometric Access Control System 5.0 – Master Code Disclosure	webapps	hardware	LiquidWorm
2021-03-19	CouchCMS 2.2.1 – Server-Side Request Forgery	webapps	php	xxcdd
2021-03-19	VestaCP 0.9.8 – ‘v_sftp_licence’ Command Injection	webapps	multiple	numan türle
2021-03-19	Eclipse Mosquitto MQTT broker 2.0.9 – ‘mosquitto’ Unquoted Service Path	local	windows	Riadh Bouchahoua
2021-03-19	Online News Portal 1.0 – ‘Multiple’ Stored Cross-Site Scripting	webapps	php	Richard Jones
2021-03-19	Profiling System for Human Resource Management 1.0 – Remote Code Execution (Unauthenticated)	webapps	php	Christian Vierschilling
2021-03-19	Online News Portal 1.0 – ‘name’ SQL Injection	webapps	php	Richard Jones
2021-03-19	BRAdmin Professional 3.75 – ‘BRA_Scheduler’ Unquoted Service Path	local	windows	Metin Yunus Kandemir