Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-02-01	H8 SSRMS – ‘id’ IDOR	webapps	aspx	Mohammed Farhan
2021-02-01	bloofoxCMS 0.5.2.1 – CSRF (Add user)	webapps	php	LiPeiYi
2021-02-01	MyBB Thread Redirect Plugin 0.2.1 – Cross-Site Scripting	webapps	php	0xB9
2021-02-01	MyBB Trending Widget Plugin 1.2 – Cross-Site Scripting	webapps	php	0xB9
2021-02-01	Park Ticketing Management System 1.0 – ‘viewid’ SQL Injection	webapps	php	Zeyad Azima
2021-02-01	User Management System 1.0 – ‘uid’ SQL Injection	webapps	php	Zeyad Azima
2021-02-01	Zoo Management System 1.0 – ‘anid’ SQL Injection	webapps	php	Zeyad Azima
2021-02-01	MyBB Delete Account Plugin 1.4 – Cross-Site Scripting	webapps	php	0xB9
2021-02-01	WordPress 5.0.0 – Image Remote Code Execution	webapps	php	OUSSAMA RAHALI
2021-02-01	Klog Server 2.4.1 – Command Injection (Authenticated)	webapps	php	Metin Yunus Kandemir
2021-01-29	Online Grading System 1.0 – ‘uname’ SQL Injection	webapps	php	Ruchi Tiwari
2021-01-29	BloofoxCMS 0.5.2.1 – ‘text’ Stored Cross Site Scripting	webapps	php	LiPeiYi
2021-01-29	SonicWall SSL-VPN 8.0.0.0 – ‘visualdoor’ Remote Code Execution (Unauthenticated)	webapps	hardware	Darren Martyn
2021-01-29	Simple Public Chat Room 1.0 – ‘msg’ Stored Cross-Site Scripting	webapps	php	Richard Jones
2021-01-29	Simple Public Chat Room 1.0 – Authentication Bypass SQLi	webapps	php	Richard Jones
2021-01-29	MyBB Hide Thread Content Plugin 1.0 – Information Disclosure	webapps	php	0xB9
2021-01-29	Home Assistant Community Store (HACS) 1.10.0 – Directory Traversal	webapps	Python	Lyghtnox
2021-01-29	Quick.CMS 6.7 – Remote Code Execution (Authenticated)	webapps	php	mari0x00
2021-01-28	Metasploit Framework 6.0.11 – msfvenom APK template command injection	local	multiple	Justin Steven
2021-01-28	WordPress Plugin SuperForms 4.9 – Arbitrary File Upload	webapps	php	ABDO10
2021-01-28	jQuery UI 1.12.1 – Denial of Service (DoS)	dos	multiple	Rafael Cintra Lopes
2021-01-28	Umbraco CMS 7.12.4 – Remote Code Execution (Authenticated)	webapps	aspx	Alexandre ZANNI
2021-01-28	Fuel CMS 1.4.1 – Remote Code Execution (2)	webapps	php	Alexandre ZANNI
2021-01-28	OpenEMR 5.0.1 – Remote Code Execution (Authenticated) (2)	webapps	php	Alexandre ZANNI
2021-01-28	CMSUno 1.6.2 – ‘lang’ Remote Code Execution (Authenticated)	webapps	php	Alexandre ZANNI
2021-01-28	EgavilanMedia PHPCRUD 1.0 – ‘Full Name’ Stored Cross Site Scripting	webapps	php	Mahendra Purbia
2021-01-27	Openlitespeed Web Server 1.7.8 – Command Injection (Authenticated) (1)	webapps	multiple	SunCSR
2021-01-27	STVS ProVision 5.9.10 – Cross-Site Request Forgery (Add Admin)	webapps	ruby	LiquidWorm
2021-01-27	STVS ProVision 5.9.10 – File Disclosure (Authenticated)	webapps	ruby	LiquidWorm
2021-01-26	Simple College Website 1.0 – ‘name’ Sql Injection (Authentication Bypass)	webapps	php	Marco Catalano
2021-01-26	Cemetry Mapping and Information System 1.0 – ‘user_email’ Sql Injection (Authentication Bypass)	webapps	php	Marco Catalano
2021-01-26	Oracle WebLogic Server 12.2.1.0 – RCE (Unauthenticated)	webapps	java	CHackA0101
2021-01-26	Tenda AC5 AC1200 Wireless – ‘WiFi Name & Password’ Stored Cross Site Scripting	webapps	hardware	Chiragh Arora
2021-01-26	Simple College Website 1.0 – ‘full’ Stored Cross Site Scripting	webapps	php	Marco Catalano
2021-01-25	Klog Server 2.4.1 – Unauthenticated Command Injection (Metasploit)	webapps	php	Metin Yunus Kandemir
2021-01-25	Library System 1.0 – ‘category’ SQL Injection	webapps	php	Aitor Herrero
2021-01-25	CASAP Automated Enrollment System 1.0 – ‘route’ Stored XSS	webapps	php	Richard Jones
2021-01-25	CASAP Automated Enrollment System 1.0 – ‘First Name’ Stored XSS	webapps	php	Anita Gaud
2021-01-25	Collabtive 3.1 – ‘address’ Persistent Cross-Site Scripting	webapps	php	Deha Berkin Bir
2021-01-25	MyBB Timeline Plugin 1.0 – Persistent Cross-Site Scripting	webapps	php	0xB9
2021-01-22	Selea Targa IP OCR-ANPR Camera – Multiple SSRF (Unauthenticated)	webapps	hardware	LiquidWorm
2021-01-22	Selea Targa IP OCR-ANPR Camera – Directory Traversal File Disclosure (Unauthenticated)	webapps	hardware	LiquidWorm
2021-01-22	Selea Targa IP OCR-ANPR Camera – Developer Backdoor Config Overwrite	webapps	hardware	LiquidWorm
2021-01-22	Selea Targa IP OCR-ANPR Camera – ‘files_list’ Remote Stored XSS	webapps	hardware	LiquidWorm
2021-01-22	Selea CarPlateServer (CPS) 4.0.1.6 – Local Privilege Escalation	local	windows	LiquidWorm
2021-01-22	Selea CarPlateServer (CPS) 4.0.1.6 – Remote Program Execution	webapps	multiple	LiquidWorm
2021-01-22	Atlassian Confluence Widget Connector Macro – SSTI	webapps	multiple	46o60
2021-01-22	ERPNext 12.14.0 – SQL Injection (Authenticated)	webapps	multiple	Hodorsec
2021-01-22	CASAP Automated Enrollment System 1.0 – Authentication Bypass	webapps	php	Himanshu Shukla
2021-01-22	Library System 1.0 – Authentication Bypass	webapps	php	Himanshu Shukla