Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2021-01-22

Selea Targa IP OCR-ANPR Camera – Directory Traversal File Disclosure (Unauthenticated)

  • webapps
  • hardware
  • LiquidWorm
    2021-01-22

    Selea Targa IP OCR-ANPR Camera – Developer Backdoor Config Overwrite

  • webapps
  • hardware
  • LiquidWorm
    2021-01-22

    Selea Targa IP OCR-ANPR Camera – ‘files_list’ Remote Stored XSS

  • webapps
  • hardware
  • LiquidWorm
    2021-01-22

    Selea CarPlateServer (CPS) 4.0.1.6 – Local Privilege Escalation

  • local
  • windows
  • LiquidWorm
    2021-01-21

    Anchor CMS 0.12.7 – CSRF (Delete user)

  • webapps
  • multiple
  • Ninad Mishra
    2021-01-21

    WordPress Plugin Simple Job Board 2.9.3 – Authenticated File Read (Metasploit)

  • webapps
  • php
  • SunCSR Team
    2021-01-21

    Nagios XI 5.7.5 – Multiple Persistent Cross-Site Scripting

  • webapps
  • php
  • Matthew Aberegg
    2021-01-21

    Apartment Visitors Management System 1.0 – ’email’ SQL Injection

  • webapps
  • php
  • CANKAT ÇAKMAK
    2021-01-21

    Online Documents Sharing Platform 1.0 – ‘user’ SQL Injection

  • webapps
  • php
  • CANKAT ÇAKMAK
    2021-01-20

    Voting System 1.0 – File Upload RCE (Authenticated Remote Code Execution)

  • webapps
  • php
  • Richard Jones
    2021-01-20

    Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 – Stored XSS

  • webapps
  • multiple
  • omurugur
    2021-01-20

    ChurchRota 2.6.4 – RCE (Authenticated)

  • webapps
  • multiple
  • Rob McCarthy
    2021-01-19

    osTicket 1.14.2 – SSRF

  • webapps
  • php
  • Talat Mehmood
    2021-01-18

    Life Insurance Management System 1.0 – File Upload RCE (Authenticated)

  • webapps
  • php
  • Aitor Herrero
    2021-01-18

    Life Insurance Management System 1.0 – ‘client_id’ SQL Injection

  • webapps
  • php
  • Aitor Herrero
    2021-01-18

    Xwiki CMS 12.10.2 – Cross Site Scripting (XSS)

  • webapps
  • multiple
  • Karan Keswani
    2021-01-18

    Cisco UCS Manager 2.2(1d) – Remote Command Execution

  • webapps
  • hardware
  • liquidsky
    2021-01-15

    Alumni Management System 1.0 – “Last Name field in Registration page” Stored XSS

  • webapps
  • php
  • Siva Rajendran
    2021-01-15

    EyesOfNetwork 5.3 – File Upload Remote Code Execution

  • webapps
  • multiple
  • Audencia Business SCHOOL Red Team
    2021-01-15

    Online Hotel Reservation System 1.0 – ‘person’ time-based SQL Injection

  • webapps
  • php
  • Mesut Cetin
    2021-01-15

    Online Hotel Reservation System 1.0 – Cross-site request forgery (CSRF)

  • webapps
  • php
  • Mesut Cetin
    2021-01-15

    Online Hotel Reservation System 1.0 – ‘id’ Time-based SQL Injection

  • webapps
  • php
  • Mesut Cetin
    2021-01-15

    Online Hotel Reservation System 1.0 – ‘description’ Stored Cross-site Scripting

  • webapps
  • php
  • Mesut Cetin
    2021-01-15

    WordPress Plugin Easy Contact Form 1.1.7 – ‘Name’ Stored Cross-Site Scripting (XSS)

  • webapps
  • php
  • Rahul Ramakant Singh
    2021-01-15

    PHP-Fusion CMS 9.03.90 – Cross-Site Request Forgery (Delete admin shoutbox message)

  • webapps
  • php
  • Mohamed Oosman
    2021-01-15

    Netsia SEBA+ 0.16.1 – Add Root User (Metasploit)

  • webapps
  • multiple
  • AkkuS
    2021-01-15

    E-Learning System 1.0 – Authentication Bypass

  • webapps
  • php
  • Himanshu Shukla
    2021-01-14

    Laravel 8.4.2 debug mode – Remote code execution

  • webapps
  • php
  • SunCSR Team
    2021-01-14

    Online Shopping Cart System 1.0 – ‘id’ SQL Injection

  • webapps
  • php
  • Aydın Baran Ertemir
    2021-01-14

    Nagios XI 5.7.X – Remote Code Execution RCE (Authenticated)

  • webapps
  • php
  • Haboob Team
    2021-01-14

    Online Movie Streaming 1.0 – Admin Authentication Bypass

  • webapps
  • php
  • Richard Jones
    2021-01-13

    Online Hotel Reservation System 1.0 – Admin Authentication Bypass

  • webapps
  • php
  • Richard Jones
    2021-01-13

    Erlang Cookie – Remote Code Execution

  • remote
  • multiple
  • 1F98D
    2021-01-12

    Gila CMS 2.0.0 – Remote Code Execution (Unauthenticated)

  • webapps
  • php
  • Enesdex
    2021-01-12

    SmartAgent 3.1.0 – Privilege Escalation

  • webapps
  • multiple
  • Orion Hridoy
    2021-01-12

    Cemetry Mapping and Information System 1.0 – Multiple SQL Injections

  • webapps
  • php
  • Mesut Cetin
    2021-01-11

    Prestashop 1.7.7.0 – ‘id_product’ Time Based Blind SQL Injection

  • webapps
  • php
  • Jaimin Gondaliya
    2021-01-11

    PortableKanban 4.3.6578.38136 – Encrypted Password Retrieval

  • local
  • windows
  • rootabeta
    2021-01-11

    OpenCart 3.0.36 – ATO via Cross Site Request Forgery

  • webapps
  • php
  • Mahendra Purbia
    2021-01-11

    WordPress Plugin Custom Global Variables 1.0.5 – ‘name’ Stored Cross-Site Scripting (XSS)

  • webapps
  • php
  • Swapnil Subhash Bodekar
    2021-01-11

    Cemetry Mapping and Information System 1.0 – Multiple Stored Cross-Site Scripting

  • webapps
  • php
  • Mesut Cetin
    2021-01-11

    EyesOfNetwork 5.3 – LFI

  • webapps
  • multiple
  • Audencia Business SCHOOL Red Team
    2021-01-11

    Anchor CMS 0.12.7 – ‘markdown’ Stored Cross-Site Scripting

  • webapps
  • multiple
  • Ramazan Mert GÖKTEN
    2021-01-11

    EyesOfNetwork 5.3 – RCE & PrivEsc

  • webapps
  • multiple
  • Audencia Business SCHOOL Red Team
    2021-01-08

    WordPress Plugin wpDiscuz 7.0.4 – Unauthenticated Arbitrary File Upload (Metasploit)

  • webapps
  • php
  • SunCSR Team
    2021-01-08

    WordPress Plugin Autoptimize 2.7.6 – Authenticated Arbitrary File Upload (Metasploit)

  • webapps
  • php
  • SunCSR Team
    2021-01-08

    Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit)

  • webapps
  • java
  • SunCSR Team
    2021-01-08

    Cockpit Version 234 – Server-Side Request Forgery (Unauthenticated)

  • webapps
  • multiple
  • Metin Yunus Kandemir
    2021-01-08

    Online Doctor Appointment System 1.0 – ‘Multiple’ Stored XSS

  • webapps
  • php
  • Mohamed habib Smidi
    2021-01-08

    Life Insurance Management System 1.0 – Multiple Stored XSS

  • webapps
  • php
  • Arnav Tripathy