Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2025-04-11	CMU CERT/CC VINCE 2.0.6 – Stored XSS	webapps	multiple	LiquidWorm
2025-04-11	RosarioSIS 7.6 – SQL Injection	webapps	php	CodeSecLab
2025-04-11	GetSimpleCMS 3.3.16 – Remote Code Execution (RCE)	webapps	php	CodeSecLab
2025-04-11	flatCore 1.5 – Cross Site Request Forgery (CSRF)	webapps	php	CodeSecLab
2025-04-11	WebFileSys 2.31.0 – Directory Path Traversal	webapps	multiple	Korn Chaisuwan, Charanin Thongudom, Pongtorn Angsuchotmetee
2025-04-11	ABB Cylon FLXeon 9.3.4 – WebSocket Command Spawning	hardware	multiple	LiquidWorm
2025-04-11	ABB Cylon FLXeon 9.3.4 – Cross-Site Request Forgery	hardware	multiple	LiquidWorm
2025-04-11	ABB Cylon FLXeon 9.3.4 – Default Credentials	hardware	multiple	LiquidWorm
2025-04-11	ABB Cylon FLXeon 9.3.4 – System Logs Information Disclosure	hardware	multiple	LiquidWorm
2025-04-11	Nagios Log Server 2024R1.3.1 – API Key Exposure	webapps	multiple	Seth Kraft
2025-04-11	qBittorrent 5.0.1 – MITM RCE	local	multiple	Jordan Sharp
2025-04-11	phpIPAM 1.6 – Reflected Cross Site Scripting (XSS)	webapps	php	CodeSecLab
2025-04-11	GeoVision GV-ASManager 6.1.0.0 – Broken Access Control	webapps	multiple	Giorgi Dograshvili
2025-04-11	MiniCMS 1.1 – Cross Site Scripting (XSS)	webapps	php	CodeSecLab
2025-04-11	ABB Cylon FLXeon 9.3.4 – Remote Code Execution (Authenticated)	hardware	multiple	LiquidWorm
2025-04-11	NEWS-BUZZ News Management System 1.0 – SQL Injection	webapps	php	egsec
2025-04-11	GeoVision GV-ASManager 6.1.1.0 – CSRF	webapps	multiple	Giorgi Dograshvili
2025-04-11	Roundcube Webmail 1.6.6 – Stored Cross Site Scripting (XSS)	webapps	php	AmirZargham
2025-04-11	ABB Cylon FLXeon 9.3.4 – Remote Code Execution (RCE)	hardware	multiple	LiquidWorm
2025-04-11	CyberPanel 2.3.6 – Remote Code Execution (RCE)	webapps	multiple	Luka Petrovic (refr4g)
2025-04-11	Netman 204 – Remote command without authentication	hardware	multiple	Parsa Rezaie Khiabanloo
2025-04-11	LearnPress WordPress LMS Plugin 4.2.7 – SQL Injection	webapps	php	Francisco Moraga (BTshell)
2025-04-10	flatCore 1.5.5 – Arbitrary File Upload	webapps	php	CodeSecLab
2025-04-10	AquilaCMS 1.409.20 – Remote Command Execution (RCE)	webapps	php	Eui Chul Chung
2025-04-10	Typecho 1.3.0 – Stored Cross-Site Scripting (XSS)	webapps	php	cyberaz0r
2025-04-10	Typecho 1.3.0 – Race Condition	webapps	php	cyberaz0r
2025-04-10	Cosy+ firmware 21.2s7 – Command Injection	hardware	multiple	CodeB0ss
2025-04-10	CodeAstro Online Railway Reservation System 1.0 – Cross Site Scripting (XSS)	webapps	php	Raj Nandi
2025-04-10	K7 Ultimate Security K7RKScan.sys 17.0.2019 – Denial Of Service (DoS)	remote	multiple	M. Akil Gündoğan
2025-04-10	PandoraFMS 7.0NG.772 – SQL Injection	webapps	php	Osama Yousef
2025-04-10	Centron 19.04 – Remote Code Execution (RCE)	webapps	php	Starry Sky
2025-04-10	Cisco Smart Software Manager On-Prem 8-202206 – Account Takeover	webapps	multiple	Mohammed Adel
2025-04-10	Feng Office 3.11.1.2 – SQL Injection	webapps	php	Andrey Stoykov
2025-04-09	Apache HugeGraph Server 1.2.0 – Remote Code Execution (RCE)	webapps	java	Yesith Alvarez
2025-04-09	Zohocorp ManageEngine ADManager Plus 7210 – Elevation of Privilege	webapps	multiple	Metin Yunus Kandemir
2025-04-09	Artica Proxy 4.50 – Remote Code Execution (RCE)	webapps	php	Madan
2025-04-09	DocsGPT 0.12.0 – Remote Code Execution	webapps	Python	Shreyas Malhotra
2025-04-09	Intelight X-1L Traffic controller Maxtime 1.9.6 – Remote Code Execution (RCE)	webapps	multiple	Andrew Lemon/Red Threat
2025-04-09	PZ Frontend Manager WordPress Plugin 1.0.5 – Cross Site Request Forgery (CSRF)	webapps	php	Vuln Seeker Cybersecurity Team
2025-04-09	ChurchCRM 5.9.1 – SQL Injection	webapps	php	Sanan Qasimzada
2025-04-09	ResidenceCMS 2.10.1 – Stored Cross-Site Scripting (XSS)	webapps	php	Jeremia Geraldi Sihombing
2025-04-08	GeoVision GV-ASManager 6.1.0.0 – Information Disclosure	webapps	multiple	Giorgi Dograshvili
2025-04-08	Sony XAV-AX5500 1.13 – Firmware Update Validation Remote Code Execution (RCE)	remote	multiple	lkushinada
2025-04-08	InfluxDB OSS 2.7.11 – Operator Token Privilege Escalation	remote	multiple	Andrea Pasin
2025-04-08	jQuery 3.3.1 – Prototype Pollution & XSS Exploit	webapps	multiple	xOryus
2025-04-08	Jasmin Ransomware – Arbitrary File Download (Authenticated)	webapps	multiple	bRpsd
2025-04-08	UNA CMS 14.0.0-RC – PHP Object Injection	webapps	multiple	Egidio Romano
2025-04-08	Nagios Xi 5.6.6 – Authenticated Remote Code Execution (RCE)	webapps	multiple	Calil Khalil
2025-04-08	WordPress User Registration & Membership Plugin 4.1.1 – Unauthenticated Privilege Escalation	webapps	multiple	Al Baradi Joy
2025-04-07	Apache Tomcat 11.0.3 – Remote Code Execution	webapps	multiple	Al Baradi Joy