Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-03-19	LiveZilla Server 8.0.1.0 – ‘Accept-Language’ Reflected XSS	webapps	php	Clément Cruchet
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Device Reboot (Unauthenticated)	dos	hardware	LiquidWorm
2021-03-19	Plone CMS 5.2.3 – ‘Title’ Stored XSS	webapps	multiple	Piyush Patil
2021-03-19	KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Factory Reset (Unauthenticated)	webapps	hardware	LiquidWorm
2021-03-18	Hestia Control Panel 1.3.2 – Arbitrary File Write	webapps	php	numan türle
2021-03-18	SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection (1)	webapps	php	Piyush Patil
2021-03-18	rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated) (1)	webapps	php	Murat ŞEKER
2021-03-18	VestaCP 0.9.8 – ‘v_interface’ Add IP Stored XSS	webapps	multiple	numan türle
2021-03-18	VFS for Git 1.0.21014.1 – ‘GVFS.Service’ Unquoted Service Path	local	windows	Mohammed Alshehri
2021-03-17	FastStone Image Viewer 7.5 – .cur BITMAPINFOHEADER ‘BitCount’ Stack Based Buffer Overflow (ASLR & DEP Bypass)	local	windows	Paolo Stagno
2021-03-17	VestaCP 0.9.8 – File Upload CSRF	webapps	multiple	Fady Mohammed Osman
2021-03-17	WoWonder Social Network Platform 3.1 – ‘event_id’ SQL Injection	webapps	php	securityforeveryone.com
2021-03-16	GeoGebra CAS Calculato‪r‬ 6.0.631.0 – Denial of Service (PoC)	local	windows	Brian Rodriguez
2021-03-16	GeoGebra Classic 5.0.631.0-d – Denial of Service (PoC)	local	windows	Brian Rodriguez
2021-03-16	GeoGebra Graphing Calculato‪r‬ 6.0.631.0 – Denial Of Service (PoC)	local	windows	Brian Rodriguez
2021-03-16	Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)	webapps	php	Christian Vierschilling
2021-03-15	Interactive Suite 3.6 – ‘eBeam Stylus Driver’ Unquoted Service Path	local	windows	Luis Martínez
2021-03-15	eBeam education suite 2.5.0.9 – ‘eBeam Device Service’ Unquoted Service Path	local	windows	Luis Martínez
2021-03-15	Realtek Wireless LAN Utility 700.1631 – ‘Realtek11nSU’ Unquoted Service Path	local	windows	Luis Martínez
2021-03-15	QNAP QVR Client 5.0.0.13230 – ‘QVRService’ Unquoted Service Path	local	windows	Luis Martínez
2021-03-15	rConfig 3.9.6 – ‘path’ Local File Inclusion (Authenticated)	webapps	php	Murat ŞEKER
2021-03-15	MagpieRSS 0.72 – ‘url’ Command Injection	webapps	php	bl4ckh4ck5
2021-03-15	Zenario CMS 8.8.53370 – ‘id’ Blind SQL Injection	webapps	php	Balaji Ayyasamy
2021-03-15	SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit)	webapps	multiple	Berkan Er
2021-03-15	Sonlogger 4.2.3.3 – SuperAdmin Account Creation / Information Disclosure	webapps	multiple	Berkan Er
2021-03-15	openMAINT openMAINT 2.1-3.3-b – ‘Multiple’ Persistent Cross-Site Scripting	webapps	multiple	Hosein Vita
2021-03-14	Microsoft Exchange 2019 – Server-Side Request Forgery	remote	windows	F5
2021-03-12	Vembu BDR 4.2.0.1 U1 – Multiple Unquoted Service Paths	local	windows	Mohammed Alshehri
2021-03-12	Monitoring System (Dashboard) 1.0 – File Upload RCE (Authenticated)	webapps	php	Richard Jones
2021-03-12	Monitoring System (Dashboard) 1.0 – ‘uname’ SQL Injection	webapps	php	Richard Jones
2021-03-11	Nsasoft Hardware Software Inventory 1.6.4.0 – ‘multiple’ Denial of Service (PoC)	dos	windows	Enes Özeser
2021-03-11	Microsoft Exchange 2019 – Server-Side Request Forgery (Proxylogon) (PoC)	webapps	windows	testanull
2021-03-11	CouchCMS 2.2.1 – Persistent Cross-Site Scripting	webapps	php	xxcdd
2021-03-11	MyBB OUGC Feedback Plugin 1.8.22 – Cross-Site Scripting	webapps	php	0xB9
2021-03-11	NuCom 11N Wireless Router 5.07.90 – Remote Privilege Escalation	webapps	hardware	LiquidWorm
2021-03-10	Atlassian JIRA 8.11.1 – User Enumeration	webapps	multiple	Dolev Farhi
2021-03-09	bVPN 2.5.1 – ‘waselvpnserv’ Unquoted Service Path	local	windows	Mohammed Alshehri
2021-03-09	Sandboxie Plus v0.7.2 – ‘SbieSvc’ Unquoted Service Path	local	windows	Mohammed Alshehri
2021-03-09	FreeLAN 2.2 – ‘FreeLAN Service’ Unquoted Service Path	local	windows	Mohammed Alshehri
2021-03-09	Golden FTP Server 4.70 – ‘PASS’ Buffer Overflow (2)	remote	windows	1F98D
2021-03-08	GLPI 9.5.3 – ‘fromtype’ Unsafe Reflection	webapps	php	Vadym Soroka
2021-03-08	Joomla JCK Editor 6.4.4 – ‘parent’ SQL Injection (2)	webapps	php	Nicholas Ferreira
2021-03-08	Pingzapper 2.3.1 – ‘PingzapperSvc’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-03-08	Hotel and Lodge Management System 1.0 – Remote Code Execution (Unauthenticated)	webapps	php	Christian Vierschilling
2021-03-08	Configuration Tool 1.6.53 – ‘OpLclSrv’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-03-08	Print Job Accounting 4.4.10 – ‘OkiJaSvc’ Unquoted Service Path	local	windows	Brian Rodriguez
2021-03-05	Fluig 1.7.0 – Path Traversal	webapps	multiple	Lucas Souza
2021-03-05	CatDV 9.2 – RMI Authentication Bypass	remote	java	Christopher Ellis
2021-03-04	e107 CMS 2.3.0 – CSRF	webapps	php	Tadjmen
2021-03-04	Textpattern 4.8.3 – Remote code execution (Authenticated) (2)	webapps	php	Ricardo Ruiz