Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2020-12-17

Content Management System 1.0 – ‘id’ SQL Injection
  • webapps
  • php
    		• Zhaiyi
    2020-12-17

    Content Management System 1.0 – ’email’ SQL Injection
  • webapps
  • php
    		• Zhaiyi
    2020-12-17

    Content Management System 1.0 – ‘First Name’ Stored XSS
  • webapps
  • php
    		• Zhaiyi
    2020-12-17

    Linksys RE6500 1.0.11.001 – Unauthenticated RCE
  • webapps
  • hardware
    		• RE-Solver
    2020-12-17

    Dolibarr ERP-CRM 12.0.3 – Remote Code Execution (Authenticated)
  • webapps
  • php
    		• Yilmaz Degirmenci
    2020-12-17

    Nxlog Community Edition 2.10.2150 – DoS (Poc)
  • dos
  • multiple
    		• Guillaume PETIT
    2020-12-17

    Victor CMS 1.0 – Multiple SQL Injection (Authenticated)
  • webapps
  • php
    		• Furkan Göksel
    2020-12-17

    PHPJabbers Appointment Scheduler 2.3 – Reflected XSS (Cross-Site Scripting)
  • webapps
  • php
    		• Andrea Intilangelo
    2020-12-17

    Employee Record System 1.0 – Multiple Stored XSS
  • webapps
  • php
    		• Saeed Bala Ahmed
    2020-12-17

    Interview Management System 1.0 – ‘id’ SQL Injection
  • webapps
  • php
    		• Saeed Bala Ahmed
    2020-12-17

    Interview Management System 1.0 – Stored XSS in Add New Question
  • webapps
  • php
    		• Saeed Bala Ahmed
    2020-12-16

    Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
  • webapps
  • hardware
    		• ChendoChap
    2020-12-16

    Seotoaster 3.2.0 – Stored XSS on Edit page properties
  • webapps
  • php
    		• Hardik Solanki
    2020-12-16

    PrestaShop ProductComments 4.2.0 – ‘id_products’ Time Based Blind SQL Injection
  • webapps
  • php
    		• Frederic ADAM
    2020-12-16

    Magic Home Pro 1.5.1 – Authentication Bypass
  • webapps
  • android
    		• Victor Hanna
    2020-12-16

    Raysync 3.3.3.8 – RCE
  • webapps
  • linux
    		• james
    2020-12-16

    Grav CMS 1.6.30 Admin Plugin 1.9.18 – ‘Page Title’ Persistent Cross-Site Scripting
  • webapps
  • php
    		• Sagar Banwa
    2020-12-15

    Online Marriage Registration System (OMRS) 1.0 – Remote Code Execution (2)
  • webapps
  • php
    		• Andrea Bruschi
    2020-12-15

    libbabl 0.1.62 – Broken Double Free Detection (PoC)
  • local
  • linux
    		• Carter Yagemann
    2020-12-15

    Task Management System 1.0 – ‘page’ Local File Inclusion
  • webapps
  • php
    		• İsmail BOZKURT
    2020-12-15

    Cisco ASA 9.14.1.10 and FTD 6.6.0.1 – Path Traversal (2)
  • webapps
  • hardware
    		• Freakyclown
    2020-12-15

    Solaris SunSSH 11.0 x86 – libpam Remote Root
  • remote
  • solaris
    		• Hacker Fantastic
    2020-12-14

    Jenkins 2.235.3 – ‘X-Forwarded-For’ Stored XSS
  • webapps
  • java
    		• gx1
    2020-12-14

    GitLab 11.4.7 – Remote Code Execution (Authenticated) (1)
  • webapps
  • ruby
    		• Fortunato Lodari
    2020-12-14

    Macally WIFISD2-2A82 2.000.010 – Guest to Root Privilege Escalation
  • webapps
  • hardware
    		• Maximilian Barz
    2020-12-14

    Rumble Mail Server 0.51.3135 – ‘username’ Stored XSS
  • webapps
  • multiple
    		• Mohammed Alshehri
    2020-12-14

    Rumble Mail Server 0.51.3135 – ‘domain and path’ Stored XSS
  • webapps
  • multiple
    		• Mohammed Alshehri
    2020-12-14

    Rumble Mail Server 0.51.3135 – ‘servername’ Stored XSS
  • webapps
  • multiple
    		• Mohammed Alshehri
    2020-12-14

    WordPress Plugin Total Upkeep 1.14.9 – Database and Files Backup Download
  • webapps
  • multiple
    		• Wadeek
    2020-12-14

    Seacms 11.1 – ‘checkuser’ Stored XSS
  • webapps
  • multiple
    		• j5s
    2020-12-14

    Seacms 11.1 – ‘file’ Local File Inclusion
  • webapps
  • multiple
    		• j5s
    2020-12-14

    Seacms 11.1 – ‘ip and weburl’ Remote Command Execution
  • webapps
  • multiple
    		• j5s
    2020-12-14

    System Explorer 7.0.0 – ‘SystemExplorerHelpService’ Unquoted Service Path
  • local
  • windows
    		• Mohammed Alshehri
    2020-12-14

    MiniWeb HTTP Server 0.8.19 – Buffer Overflow (PoC)
  • webapps
  • multiple
    		• securityforeveryone.com
    2020-12-14

    LibreNMS 1.46 – MAC Accounting Graph Authenticated SQL Injection
  • webapps
  • multiple
    		• Hodorsec
    2020-12-14

    Rukovoditel 2.6.1 – Cross-Site Request Forgery (Change password)
  • webapps
  • php
    		• KeopssGroup0day,Inc
    2020-12-11

    Courier Management System 1.0 – ‘ref_no’ SQL Injection
  • webapps
  • php
    		• Zhaiyi
    2020-12-11

    Courier Management System 1.0 – ‘MULTIPART street ((custom) ‘ SQL Injection
  • webapps
  • php
    		• Zhaiyi
    2020-12-11

    Courier Management System 1.0 – ‘First Name’ Stored XSS
  • webapps
  • php
    		• Zhaiyi
    2020-12-11

    Dolibarr 12.0.3 – SQLi to RCE
  • webapps
  • php
    		• coiffeur
    2020-12-11

    Supply Chain Management System – Auth Bypass SQL Injection
  • webapps
  • php
    		• Piyush Malviya
    2020-12-11

    Rukovoditel 2.6.1 – RCE (1)
  • webapps
  • php
    		• coiffeur
    2020-12-11

    Jenkins 2.235.3 – ‘Description’ Stored XSS
  • webapps
  • java
    		• gx1
    2020-12-11

    Medical Center Portal Management System 1.0 – Multiple Stored XSS
  • webapps
  • php
    		• Saeed Bala Ahmed
    2020-12-11

    Openfire 4.6.0 – ‘sql’ Stored XSS
  • webapps
  • jsp
    		• j5s
    2020-12-11

    Openfire 4.6.0 – ‘users’ Stored XSS
  • webapps
  • jsp
    		• j5s
    2020-12-11

    Openfire 4.6.0 – ‘groupchatJID’ Stored XSS
  • webapps
  • jsp
    		• j5s
    2020-12-11

    Jenkins 2.235.3 – ‘tooltip’ Stored Cross-Site Scripting
  • webapps
  • java
    		• gx1
    2020-12-10

    OpenCart 3.0.3.6 – Cross Site Request Forgery
  • webapps
  • php
    		• Mahendra Purbia
    2020-12-10

    Barcodes generator 1.0 – ‘name’ Stored Cross Site Scripting
  • webapps
  • php
    		• Nikhil Kumar