Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2021-01-04	Easy CD & DVD Cover Creator 4.13 – Denial of Service (PoC)	dos	windows	stresser
2021-01-04	MiniTool ShadowMaker 3.2 – ‘MTAgentService’ Unquoted Service Path	local	windows	Thalia Nieto
2020-12-24	GitLab 11.4.7 – RCE (Authenticated) (2)	webapps	ruby	Norbert Hofmann
2020-12-24	WordPress Plugin Adning Advertising 1.5.5 – Arbitrary File Upload	webapps	php	spacehen
2020-12-24	WordPress Plugin WP-PostRatings 1.86 – ‘postratings_image’ Cross-Site Scripting	webapps	php	Park Won Seok
2020-12-24	Apartment Visitors Management System 1.0 – Authentication Bypass	webapps	php	Kshitiz Raj
2020-12-23	Baby Care System 1.0 – ‘roleid’ SQL Injection	webapps	php	Vijay Sachdeva
2020-12-23	TerraMaster TOS 4.2.06 – Unauthenticated Remote Code Execution (Metasploit)	webapps	linux	AkkuS
2020-12-23	Sales and Inventory System for Grocery Store 1.0 – Multiple Stored XSS	webapps	php	Vijay Sachdeva
2020-12-23	WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection	webapps	php	gx1
2020-12-23	Online Learning Management System 1.0 – ‘id’ SQL Injection	webapps	php	Aakash Madaan
2020-12-23	Online Learning Management System 1.0 – Multiple Stored XSS	webapps	php	Aakash Madaan
2020-12-23	Online Learning Management System 1.0 – Authentication Bypass	webapps	php	Aakash Madaan
2020-12-23	Class Scheduling System 1.0 – Multiple Stored XSS	webapps	php	Aakash Madaan
2020-12-22	Multi Branch School Management System 3.5 – “Create Branch” Stored XSS	webapps	php	Kislay Kumar
2020-12-22	Library Management System 3.0 – “Add Category” Stored XSS	webapps	php	Kislay Kumar
2020-12-22	CSE Bookstore 1.0 – Multiple SQL Injection	webapps	php	Musyoka Ian
2020-12-22	Pandora FMS 7.0 NG 750 – ‘Network Scan’ SQL Injection (Authenticated)	webapps	php	Matthew Aberegg
2020-12-22	Victor CMS 1.0 – File Upload To RCE	webapps	php	Mosaaed
2020-12-22	10-Strike Network Inventory Explorer Pro 9.05 – Buffer Overflow (SEH)	local	windows	Florian Gassner
2020-12-22	TerraMaster TOS 4.2.06 – RCE (Unauthenticated)	webapps	linux	IHTeam
2020-12-22	Faculty Evaluation System 1.0 – Stored XSS	webapps	php	Vijay Sachdeva
2020-12-22	Artworks Gallery Management System 1.0 – ‘id’ SQL Injection	webapps	php	Vijay Sachdeva
2020-12-22	Webmin 1.962 – ‘Package Updates’ Escape Bypass RCE (Metasploit)	webapps	linux	AkkuS
2020-12-22	WordPress Plugin W3 Total Cache – Unauthenticated Arbitrary File Read (Metasploit)	webapps	php	SunCSR Team
2020-12-21	Academy-LMS 4.3 – Stored XSS	webapps	multiple	Vinicius Alves
2020-12-21	Spotweb 1.4.9 – ‘search’ SQL Injection	webapps	multiple	BouSalman
2020-12-21	Queue Management System 4.0.0 – “Add User” Stored XSS	webapps	php	Kislay Kumar
2020-12-21	Online Marriage Registration System 1.0 – ‘searchdata’ SQL Injection	webapps	php	Raffaele Sabato
2020-12-21	Point of Sale System 1.0 – Multiple Stored XSS	webapps	php	Saeed Bala Ahmed
2020-12-21	Flexmonster Pivot Table & Charts 2.7.17 – ‘Remote JSON’ Reflected XSS	webapps	multiple	Marco Nappi
2020-12-21	Flexmonster Pivot Table & Charts 2.7.17 – ‘To remote CSV’ Reflected XSS	webapps	multiple	Marco Nappi
2020-12-21	Flexmonster Pivot Table & Charts 2.7.17 – ‘To OLAP’ Reflected XSS	webapps	multiple	Marco Nappi
2020-12-21	Flexmonster Pivot Table & Charts 2.7.17 – ‘Remote Report’ Reflected XSS	webapps	multiple	Marco Nappi
2020-12-21	SCO Openserver 5.0.7 – ‘outputform’ Command Injection	webapps	sco	Ramikan
2020-12-21	SCO Openserver 5.0.7 – ‘section’ Reflected XSS	webapps	sco	Ramikan
2020-12-21	Spiceworks 7.5 – HTTP Header Injection	webapps	windows	Ramikan
2020-12-18	FRITZ!Box 7.20 – DNS Rebinding Protection Bypass	remote	hardware	RedTeam Pentesting GmbH
2020-12-18	Xeroneit Library Management System 3.1 – “Add Book Category ” Stored XSS	webapps	php	Kislay Kumar
2020-12-18	SyncBreeze 10.0.28 – ‘login’ Denial of Service (Poc)	webapps	windows	Ahmed Elkhressy
2020-12-18	Smart Hospital 3.1 – “Add Patient” Stored XSS	webapps	php	Kislay Kumar
2020-12-18	WordPress Plugin Duplicator 1.3.26 – Unauthenticated Arbitrary File Read (Metasploit)	webapps	php	SunCSR Team
2020-12-18	Alumni Management System 1.0 – ‘id’ SQL Injection	webapps	php	Aakash Madaan
2020-12-18	Alumni Management System 1.0 – “Course Form” Stored XSS	webapps	php	Aakash Madaan
2020-12-18	Alumni Management System 1.0 – Unrestricted File Upload To RCE	webapps	php	Aakash Madaan
2020-12-18	Point of Sale System 1.0 – Authentication Bypass	webapps	php	Saeed Bala Ahmed
2020-12-17	Interview Management System 1.0 – ‘id’ SQL Injection	webapps	php	Saeed Bala Ahmed
2020-12-17	Interview Management System 1.0 – Stored XSS in Add New Question	webapps	php	Saeed Bala Ahmed
2020-12-17	Online Tours & Travels Management System 1.0 – “id” SQL Injection	webapps	php	Saeed Bala Ahmed
2020-12-17	Customer Support System 1.0 – ‘id’ SQL Injection	webapps	php	Saeed Bala Ahmed