Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2020-12-10

OpenCart 3.0.3.6 – Cross Site Request Forgery

  • webapps
  • php
  • Mahendra Purbia
    2020-12-10

    Barcodes generator 1.0 – ‘name’ Stored Cross Site Scripting

  • webapps
  • php
  • Nikhil Kumar
    2020-12-10

    PDF Complete 3.5.310.2002 – ‘pdfsvc.exe’ Unquoted Service Path

  • local
  • windows
  • Zaira Alquicira
    2020-12-10

    WordPress Plugin Popup Builder 3.69.6 – Multiple Stored Cross Site Scripting

  • webapps
  • php
  • Ilca Lucian Florin
    2020-12-09

    Task Management System 1.0 – ‘id’ SQL Injection

  • webapps
  • php
  • Saeed Bala Ahmed
    2020-12-09

    Task Management System 1.0 – Unrestricted File Upload to Remote Code Execution

  • webapps
  • php
  • Saeed Bala Ahmed
    2020-12-09

    Task Management System 1.0 – ‘First Name and Last Name’ Stored XSS

  • webapps
  • php
  • Saeed Bala Ahmed
    2020-12-09

    Tibco ObfuscationEngine 5.11 – Fixed Key Password Decryption

  • local
  • multiple
  • Tess Sluyter
    2020-12-09

    VestaCP 0.9.8-26 – ‘backup’ Information Disclosure

  • webapps
  • multiple
  • Vulnerability-Lab
    2020-12-09

    VestaCP 0.9.8-26 – ‘LoginAs’ Insufficient Session Validation

  • webapps
  • multiple
  • Vulnerability-Lab
    2020-12-09

    Huawei HedEx Lite 200R006C00SPC005 – Path Traversal

  • remote
  • windows
  • Vulnerability-Lab
    2020-12-09

    Dup Scout Enterprise 10.0.18 – ‘sid’ Remote Buffer Overflow (SEH)

  • remote
  • windows
  • Andrés Roldán
    2020-12-09

    SmarterMail Build 6985 – Remote Code Execution

  • remote
  • windows
  • 1F98D
    2020-12-08

    Online Bus Ticket Reservation 1.0 – SQL Injection

  • webapps
  • php
  • Sakshi Sharma
    2020-12-08

    Employee Performance Evaluation System 1.0 – ‘Task and Description’ Persistent Cross Site Scripting

  • webapps
  • php
  • Ritesh Gohil
    2020-12-08

    Microsoft GamingServices 2.47.10001.0 – ‘GamingServices’ Unquoted Service Path

  • local
  • windows
  • Ismael Nava
    2020-12-07

    Druva inSync Windows Client 6.6.3 – Local Privilege Escalation (PowerShell)

  • local
  • windows
  • 1F98D
    2020-12-07

    Dup Scout Enterprise 10.0.18 – ‘online_registration’ Remote Buffer Overflow

  • remote
  • windows
  • 0rbz_
    2020-12-07

    vBulletin 5.6.3 – ‘group’ Cross Site Scripting

  • webapps
  • php
  • Vincent666
    2020-12-07

    Savsoft Quiz 5 – ‘Skype ID’ Stored XSS

  • webapps
  • php
  • Dipak Panchal
    2020-12-07

    RarmaRadio 2.72.5 – Denial of Service (PoC)

  • dos
  • windows
  • Ismael Nava
    2020-12-07

    TapinRadio 2.13.7 – Denial of Service (PoC)

  • dos
  • windows
  • Ismael Nava
    2020-12-07

    Kite 1.2020.1119.0 – ‘KiteService’ Unquoted Service Path

  • local
  • windows
  • Ismael Nava
    2020-12-07

    Cyber Cafe Management System Project (CCMS) 1.0 – Persistent Cross-Site Scripting

  • webapps
  • php
  • Pruthvi Nekkanti
    2020-12-07

    Rumble Mail Server 0.51.3135 – ‘rumble_win32.exe’ Unquoted Service Path

  • local
  • windows
  • Mohammed Alshehri
    2020-12-04

    Testa Online Test Management System 3.4.7 – ‘q’ SQL Injection

  • webapps
  • multiple
  • Ultra Security Team
    2020-12-04

    MiniCMS 1.10 – ‘content box’ Stored XSS

  • webapps
  • php
  • yudp
    2020-12-04

    Phpscript-sgh 0.1.0 – Time Based Blind SQL Injection

  • webapps
  • multiple
  • KeopssGroup0day,Inc
    2020-12-04

    IDT PC Audio 1.0.6499.0 – ‘STacSV’ Unquoted Service Path

  • local
  • windows
  • Diego Cañada
    2020-12-04

    Composr CMS 10.0.34 – ‘banners’ Persistent Cross Site Scripting

  • webapps
  • php
  • Parshwa Bhavsar
    2020-12-04

    WordPress Plugin Canto 1.3.0 – Blind SSRF (Unauthenticated)

  • webapps
  • multiple
  • Pankaj Verma
    2020-12-04

    Zabbix 5.0.0 – Stored XSS via URL Widget Iframe

  • webapps
  • php
  • Shwetabh Vishnoi
    2020-12-04

    CMS Made Simple 2.2.15 – Stored Cross-Site Scripting via SVG File Upload (Authenticated)

  • webapps
  • php
  • Eshan Singh
    2020-12-04

    Laravel Nova 3.7.0 – ‘range’ DoS

  • webapps
  • php
  • iqzer0
    2020-12-04

    Forma LMS 2.3 – ‘First & Last Name’ Stored Cross-Site Scripting

  • webapps
  • php
  • Hemant Patidar
    2020-12-04

    Savsoft Quiz 5 – ‘field_title’ Stored Cross-Site Scripting

  • webapps
  • php
  • Dhruv Patel
    2020-12-04

    Chromium 83 – Full CSP Bypass

  • local
  • multiple
  • Gal Weizman
    2020-12-03

    Invision Community 4.5.4 – ‘Field Name’ Stored Cross-Site Scripting

  • webapps
  • multiple
  • Hemant Patidar
    2020-12-03

    Sony BRAVIA Digital Signage 1.7.8 – System API Information Disclosure

  • webapps
  • hardware
  • LiquidWorm
    2020-12-03

    Sony BRAVIA Digital Signage 1.7.8 – Unauthenticated Remote File Inclusion

  • webapps
  • hardware
  • LiquidWorm
    2020-12-03

    mojoPortal forums 2.7.0.0 – ‘Title’ Persistent Cross-Site Scripting

  • webapps
  • multiple
  • Sagar Banwa
    2020-12-03

    Online Matrimonial Project 1.0 – Authenticated Remote Code Execution

  • webapps
  • php
  • Valerio Alessandroni
    2020-12-03

    EgavilanMedia Address Book 1.0 Exploit – SQLi Auth Bypass

  • webapps
  • multiple
  • Mayur Parmar
    2020-12-03

    Coastercms 5.8.18 – Stored XSS

  • webapps
  • php
  • Hardik Solanki
    2020-12-03

    User Registration & Login and User Management System 2.1 – Cross Site Request Forgery

  • webapps
  • php
  • Dipak Panchal
    2020-12-02

    Car Rental Management System 1.0 – SQL Injection / Local File include

  • webapps
  • php
  • Mosaaed
    2020-12-02

    Bakeshop Online Ordering System 1.0 – ‘Owner’ Persistent Cross-site scripting

  • webapps
  • multiple
  • Parshwa Bhavsar
    2020-12-02

    Mitel mitel-cs018 – Call Data Information Disclosure

  • remote
  • linux
  • Andrea Intilangelo
    2020-12-02

    NewsLister – Authenticated Persistent Cross-Site Scripting

  • webapps
  • multiple
  • Emre Aslan
    2020-12-02

    Simple College Website 1.0 – ‘page’ Local File Inclusion

  • webapps
  • php
  • Mosaaed