Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-12-10	Openfire 4.6.0 – ‘path’ Stored XSS	webapps	jsp	j5s
2020-12-10	OpenCart 3.0.3.6 – Cross Site Request Forgery	webapps	php	Mahendra Purbia
2020-12-10	Barcodes generator 1.0 – ‘name’ Stored Cross Site Scripting	webapps	php	Nikhil Kumar
2020-12-10	PDF Complete 3.5.310.2002 – ‘pdfsvc.exe’ Unquoted Service Path	local	windows	Zaira Alquicira
2020-12-09	Task Management System 1.0 – ‘id’ SQL Injection	webapps	php	Saeed Bala Ahmed
2020-12-09	Task Management System 1.0 – Unrestricted File Upload to Remote Code Execution	webapps	php	Saeed Bala Ahmed
2020-12-09	Task Management System 1.0 – ‘First Name and Last Name’ Stored XSS	webapps	php	Saeed Bala Ahmed
2020-12-09	Tibco ObfuscationEngine 5.11 – Fixed Key Password Decryption	local	multiple	Tess Sluyter
2020-12-09	VestaCP 0.9.8-26 – ‘backup’ Information Disclosure	webapps	multiple	Vulnerability-Lab
2020-12-09	VestaCP 0.9.8-26 – ‘LoginAs’ Insufficient Session Validation	webapps	multiple	Vulnerability-Lab
2020-12-09	Huawei HedEx Lite 200R006C00SPC005 – Path Traversal	remote	windows	Vulnerability-Lab
2020-12-09	Dup Scout Enterprise 10.0.18 – ‘sid’ Remote Buffer Overflow (SEH)	remote	windows	Andrés Roldán
2020-12-09	SmarterMail Build 6985 – Remote Code Execution	remote	windows	1F98D
2020-12-08	Microsoft GamingServices 2.47.10001.0 – ‘GamingServices’ Unquoted Service Path	local	windows	Ismael Nava
2020-12-08	Online Bus Ticket Reservation 1.0 – SQL Injection	webapps	php	Sakshi Sharma
2020-12-08	Employee Performance Evaluation System 1.0 – ‘Task and Description’ Persistent Cross Site Scripting	webapps	php	Ritesh Gohil
2020-12-07	Druva inSync Windows Client 6.6.3 – Local Privilege Escalation (PowerShell)	local	windows	1F98D
2020-12-07	Dup Scout Enterprise 10.0.18 – ‘online_registration’ Remote Buffer Overflow	remote	windows	0rbz_
2020-12-07	vBulletin 5.6.3 – ‘group’ Cross Site Scripting	webapps	php	Vincent666
2020-12-07	Savsoft Quiz 5 – ‘Skype ID’ Stored XSS	webapps	php	Dipak Panchal
2020-12-07	RarmaRadio 2.72.5 – Denial of Service (PoC)	dos	windows	Ismael Nava
2020-12-07	TapinRadio 2.13.7 – Denial of Service (PoC)	dos	windows	Ismael Nava
2020-12-07	Kite 1.2020.1119.0 – ‘KiteService’ Unquoted Service Path	local	windows	Ismael Nava
2020-12-07	Cyber Cafe Management System Project (CCMS) 1.0 – Persistent Cross-Site Scripting	webapps	php	Pruthvi Nekkanti
2020-12-07	Rumble Mail Server 0.51.3135 – ‘rumble_win32.exe’ Unquoted Service Path	local	windows	Mohammed Alshehri
2020-12-04	Chromium 83 – Full CSP Bypass	local	multiple	Gal Weizman
2020-12-04	Testa Online Test Management System 3.4.7 – ‘q’ SQL Injection	webapps	multiple	Ultra Security Team
2020-12-04	MiniCMS 1.10 – ‘content box’ Stored XSS	webapps	php	yudp
2020-12-04	Phpscript-sgh 0.1.0 – Time Based Blind SQL Injection	webapps	multiple	KeopssGroup0day,Inc
2020-12-04	IDT PC Audio 1.0.6499.0 – ‘STacSV’ Unquoted Service Path	local	windows	Diego Cañada
2020-12-04	Composr CMS 10.0.34 – ‘banners’ Persistent Cross Site Scripting	webapps	php	Parshwa Bhavsar
2020-12-04	WordPress Plugin Canto 1.3.0 – Blind SSRF (Unauthenticated)	webapps	multiple	Pankaj Verma
2020-12-04	Zabbix 5.0.0 – Stored XSS via URL Widget Iframe	webapps	php	Shwetabh Vishnoi
2020-12-04	CMS Made Simple 2.2.15 – Stored Cross-Site Scripting via SVG File Upload (Authenticated)	webapps	php	Eshan Singh
2020-12-04	Laravel Nova 3.7.0 – ‘range’ DoS	webapps	php	iqzer0
2020-12-04	Forma LMS 2.3 – ‘First & Last Name’ Stored Cross-Site Scripting	webapps	php	Hemant Patidar
2020-12-04	Savsoft Quiz 5 – ‘field_title’ Stored Cross-Site Scripting	webapps	php	Dhruv Patel
2020-12-03	Invision Community 4.5.4 – ‘Field Name’ Stored Cross-Site Scripting	webapps	multiple	Hemant Patidar
2020-12-03	Sony BRAVIA Digital Signage 1.7.8 – System API Information Disclosure	webapps	hardware	LiquidWorm
2020-12-03	Sony BRAVIA Digital Signage 1.7.8 – Unauthenticated Remote File Inclusion	webapps	hardware	LiquidWorm
2020-12-03	mojoPortal forums 2.7.0.0 – ‘Title’ Persistent Cross-Site Scripting	webapps	multiple	Sagar Banwa
2020-12-03	Online Matrimonial Project 1.0 – Authenticated Remote Code Execution	webapps	php	Valerio Alessandroni
2020-12-03	EgavilanMedia Address Book 1.0 Exploit – SQLi Auth Bypass	webapps	multiple	Mayur Parmar
2020-12-03	Coastercms 5.8.18 – Stored XSS	webapps	php	Hardik Solanki
2020-12-03	User Registration & Login and User Management System 2.1 – Cross Site Request Forgery	webapps	php	Dipak Panchal
2020-12-02	WordPress Plugin Wp-FileManager 6.8 – RCE	webapps	php	Mansoor R
2020-12-02	Online News Portal System 1.0 – ‘Title’ Stored Cross Site Scripting	webapps	multiple	Parshwa Bhavsar
2020-12-02	Expense Management System – ‘description’ Stored Cross Site Scripting	webapps	multiple	Nikhil Kumar
2020-12-02	Car Rental Management System 1.0 – SQL Injection / Local File include	webapps	php	Mosaaed
2020-12-02	Bakeshop Online Ordering System 1.0 – ‘Owner’ Persistent Cross-site scripting	webapps	multiple	Parshwa Bhavsar