Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2020-12-02

Mitel mitel-cs018 – Call Data Information Disclosure

  • remote
  • linux
  • Andrea Intilangelo
    2020-12-02

    NewsLister – Authenticated Persistent Cross-Site Scripting

  • webapps
  • multiple
  • Emre Aslan
    2020-12-02

    Simple College Website 1.0 – ‘page’ Local File Inclusion

  • webapps
  • php
  • Mosaaed
    2020-12-02

    Online Voting System Project in PHP – ‘username’ Persistent Cross-Site Scripting

  • webapps
  • multiple
  • Sagar Banwa
    2020-12-02

    Anuko Time Tracker 1.19.23.5311 – Password Reset leading to Account Takeover

  • webapps
  • php
  • Mufaddal Masalawala
    2020-12-02

    Realtek Andrea RT Filters 1.0.64.7 – ‘AERTSr64.EXE’ Unquoted Service Path

  • local
  • windows
  • Manuel Alvarez
    2020-12-02

    Anuko Time Tracker 1.19.23.5311 – No rate Limit on Password Reset functionality

  • webapps
  • php
  • Mufaddal Masalawala
    2020-12-02

    IDT PC Audio 1.0.6433.0 – ‘STacSV’ Unquoted Service Path

  • local
  • windows
  • Manuel Alvarez
    2020-12-02

    ChurchCRM 4.2.1 – Persistent Cross Site Scripting (XSS)

  • webapps
  • multiple
  • Mufaddal Masalawala
    2020-12-02

    PRTG Network Monitor 20.4.63.1412 – ‘maps’ Stored XSS

  • webapps
  • windows
  • Amin Rawah
    2020-12-02

    ChurchCRM 4.2.0 – CSV/Formula Injection

  • webapps
  • multiple
  • Mufaddal Masalawala
    2020-12-02

    WonderCMS 3.1.3 – Authenticated Remote Code Execution

  • webapps
  • php
  • zetc0de
    2020-12-02

    WebDamn User Registration & Login System with User Panel – SQLi Auth Bypass

  • webapps
  • multiple
  • Aakash Madaan
    2020-12-02

    WonderCMS 3.1.3 – Authenticated SSRF to Remote Remote Code Execution

  • webapps
  • php
  • zetc0de
    2020-12-02

    Ksix Zigbee Devices – Playback Protection Bypass (PoC)

  • remote
  • multiple
  • Alejandro Vazquez Vazquez
    2020-12-02

    EgavilanMedia User Registration & Login System with Admin Panel 1.0 – Stored Cross Site Scripting

  • webapps
  • multiple
  • Soushikta Chowdhury
    2020-12-02

    DotCMS 20.11 – Stored Cross-Site Scripting

  • webapps
  • multiple
  • Hardik Solanki
    2020-12-02

    Student Result Management System 1.0 – Authentication Bypass SQL Injection

  • webapps
  • multiple
  • Ritesh Gohil
    2020-12-02

    Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Edit Profile

  • webapps
  • multiple
  • Shahrukh Iqbal Mirza
    2020-12-02

    EgavilanMedia User Registration & Login System with Admin Panel 1.0 – CSRF

  • webapps
  • multiple
  • Hardik Solanki
    2020-12-02

    Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Add Artwork

  • webapps
  • multiple
  • Shahrukh Iqbal Mirza
    2020-12-02

    Under Construction Page with CPanel 1.0 – SQL injection

  • webapps
  • multiple
  • Mayur Parmar
    2020-12-02

    Employee Record Management System 1.1 – Login Bypass SQL Injection

  • webapps
  • multiple
  • Anurag Kumar
    2020-12-02

    Pharmacy Store Management System 1.0 – ‘id’ SQL Injection

  • webapps
  • php
  • Aydın Baran Ertemir
    2020-12-02

    WonderCMS 3.1.3 – ‘Menu’ Persistent Cross-Site Scripting

  • webapps
  • php
  • Hemant Patidar
    2020-12-02

    ILIAS Learning Management System 4.3 – SSRF

  • webapps
  • multiple
  • Dot
    2020-12-02

    Microsoft Windows – Win32k Elevation of Privilege

  • local
  • windows
  • nu11secur1ty
    2020-12-02

    Local Service Search Engine Management System 1.0 – SQLi Authentication Bypass

  • webapps
  • multiple
  • Aditya Wakhlu
    2020-12-02

    aSc TimeTables 2021.6.2 – Denial of Service (PoC)

  • local
  • windows
  • Ismael Nava
    2020-12-01

    WordPress Plugin EventON Calendar 3.0.5 – Reflected Cross-Site Scripting

  • webapps
  • php
  • B3KC4T
    2020-12-01

    Tendenci 12.3.1 – CSV/ Formula Injection

  • webapps
  • multiple
  • Mufaddal Masalawala
    2020-12-01

    Joomla! Component GMapFP 3.5 – Unauthenticated Arbitrary File Upload

  • webapps
  • php
  • ThelastVvV
    2020-12-01

    Intel(r) Management and Security Application 5.2 – User Notification Service Unquoted Service Path

  • local
  • windows
  • Metin Yunus Kandemir
    2020-12-01

    TypeSetter 5.1 – CSRF (Change admin e-mail)

  • webapps
  • php
  • Alperen Ergel
    2020-12-01

    Pearson Vue VTS 2.3.1911 Installer – VUEApplicationWrapper Unquoted Service Path

  • local
  • windows
  • Jok3r
    2020-12-01

    Global Registration Service 1.0.0.3 – ‘GREGsvc.exe’ Unquoted Service Path

  • local
  • windows
  • Emmanuel Lujan
    2020-12-01

    EPSON Status Monitor 3 ‘EPSON_PM_RPCV4_06’ – Unquoted Service Path

  • local
  • windows
  • SamAlucard
    2020-12-01

    Social Networking Site – Authentication Bypass (SQli)

  • webapps
  • php
  • gh1mau
    2020-12-01

    Pandora FMS 7.0 NG 749 – Multiple Persistent Cross-Site Scripting Vulnerabilities

  • webapps
  • php
  • Matthew Aberegg
    2020-12-01

    Medical Center Portal Management System 1.0 – ‘login’ SQL Injection

  • webapps
  • php
  • Aydın Baran Ertemir
    2020-12-01

    LEPTON CMS 4.7.0 – ‘URL’ Persistent Cross-Site Scripting

  • webapps
  • php
  • Sagar Banwa
    2020-12-01

    Tailor Management System 1.0 – Unrestricted File Upload to Remote Code Execution

  • webapps
  • php
  • Saeed Bala Ahmed
    2020-12-01

    Multi Restaurant Table Reservation System 1.0 – Multiple Persistent XSS

  • webapps
  • php
  • yunaranyancat
    2020-12-01

    10-Strike Network Inventory Explorer 8.65 – Buffer Overflow (SEH)

  • local
  • windows
  • Sectechs
    2020-12-01

    Setelsa Conacwin 3.7.1.2 – Local File Inclusion

  • webapps
  • multiple
  • Bryan Rodriguez Martin
    2020-12-01

    Pharmacy/Medical Store & Sale Point 1.0 – ’email’ SQL Injection

  • webapps
  • php
  • naivenom
    2020-12-01

    Online Shopping Alphaware 1.0 – Error Based SQL injection

  • webapps
  • php
  • Moaaz Taha
    2020-11-30

    YATinyWinFTP – Denial of Service (PoC)

  • remote
  • windows
  • strider
    2020-11-30

    Intelbras Router RF 301K 1.1.2 – Authentication Bypass

  • webapps
  • hardware
  • Kaio Amaral
    2020-11-30

    Rejetto HttpFileServer 2.3.x – Remote Command Execution (3)

  • webapps
  • windows
  • Óscar Andreu