Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2020-11-30

ATX MiniCMTS200a Broadband Gateway 2.0 – Credential Disclosure

  • webapps
  • hardware
  • Zagros Bingol
    2020-11-27

    WordPress Theme Accesspress Social Icons 1.7.9 – SQL injection (Authenticated)

  • webapps
  • php
  • SunCSR
    2020-11-27

    Moodle 3.8 – Unrestricted File Upload

  • webapps
  • php
  • Sirwan Veisi
    2020-11-27

    Acronis Cyber Backup 12.5 Build 16341 – Unauthenticated SSRF

  • webapps
  • multiple
  • Julien Ahrens
    2020-11-27

    Laravel Administrator 4 – Unrestricted File Upload (Authenticated)

  • webapps
  • php
  • Xavi Beltran
    2020-11-27

    Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 – Remote Code Execution

  • webapps
  • hardware
  • Emre SUREN
    2020-11-27

    WonderCMS 3.1.3 – ‘uploadFile’ Stored Cross-Site Scripting

  • webapps
  • php
  • Sun* Cyber Security Research Team
    2020-11-27

    SAP Lumira 1.31 – Stored Cross-Site Scripting

  • local
  • multiple
  • Ilca Lucian Florin
    2020-11-27

    WordPress Theme Wibar 1.1.8 – ‘Brand Component’ Stored Cross Site Scripting

  • webapps
  • php
  • Ilca Lucian Florin
    2020-11-27

    Best Support System 3.0.4 – ‘ticket_body’ Persistent XSS (Authenticated)

  • webapps
  • php
  • Ex.Mi
    2020-11-27

    ElkarBackup 1.3.3 – ‘Policy[name]’ and ‘Policy[Description]’ Stored Cross-site Scripting

  • webapps
  • php
  • Vyshnav nk
    2020-11-27

    libupnp 1.6.18 – Stack-based buffer overflow (DoS)

  • dos
  • linux
  • Patrik Lantz
    2020-11-27

    House Rental 1.0 – ‘keywords’ SQL Injection

  • webapps
  • php
  • boku
    2020-11-27

    Foxit Reader 9.0.1.1049 – Arbitrary Code Execution

  • local
  • windows
  • CrossWire
    2020-11-26

    Razer Chroma SDK Server 3.16.02 – Race Condition Remote File Execution

  • remote
  • windows
  • Loke Hui Yi
    2020-11-26

    Pure-FTPd 1.0.48 – Remote Denial of Service

  • dos
  • multiple
  • xynmaps
    2020-11-25

    SyncBreeze 10.0.28 – ‘password’ Remote Buffer Overflow

  • webapps
  • windows
  • Abdessalam king
    2020-11-25

    osCommerce 2.3.4.1 – ‘title’ Persistent Cross-Site Scripting

  • webapps
  • php
  • Emre Aslan
    2020-11-25

    WonderCMS 3.1.3 – ‘page’ Persistent Cross-Site Scripting

  • webapps
  • php
  • Mayur Parmar
    2020-11-25

    Wondershare Driver Install Service help 10.7.1.321 – ‘ElevationService’ Unquote Service Path

  • local
  • windows
  • Luis Sandoval
    2020-11-24

    OpenCart 3.0.3.6 – ‘Profile Image’ Stored Cross-Site Scripting (Authenticated)

  • webapps
  • php
  • Hemant Patidar
    2020-11-24

    Seowon 130-SLC router 1.0.11 – ‘ipAddr’ RCE (Authenticated)

  • webapps
  • hardware
  • maj0rmil4d
    2020-11-24

    ZeroShell 3.9.0 – ‘cgi-bin/kerbynet’ Remote Root Command Injection (Metasploit)

  • webapps
  • linux
  • Giuseppe Fuggiano
    2020-11-24

    Apache OpenMeetings 5.0.0 – ‘hostname’ Denial of Service

  • webapps
  • multiple
  • SunCSR
    2020-11-24

    nopCommerce Store 4.30 – ‘name’ Stored Cross-Site Scripting

  • webapps
  • multiple
  • Hemant Patidar
    2020-11-24

    docPrint Pro 8.0 – ‘Add URL’ Buffer Overflow (SEH Egghunter)

  • local
  • windows
  • MasterVlad
    2020-11-24

    OpenCart 3.0.3.6 – ‘subject’ Stored Cross-Site Scripting

  • webapps
  • php
  • Hemant Patidar
    2020-11-23

    TP-Link TL-WA855RE V5_200415 – Device Reset Auth Bypass

  • webapps
  • hardware
  • malwrforensics
    2020-11-23

    LifeRay 7.2.1 GA2 – Stored XSS

  • webapps
  • multiple
  • 3ndG4me
    2020-11-23

    VTiger v7.0 CRM – ‘To’ Persistent XSS

  • webapps
  • php
  • Vulnerability-Lab
    2020-11-23

    Boxoft Audio Converter 2.3.0 – ‘.wav’ Buffer Overflow (SEH)

  • local
  • windows
  • Luis Martínez
    2020-11-20

    Boxoft Convert Master 1.3.0 – ‘wav’ SEH Local Exploit

  • local
  • windows
  • stresser
    2020-11-20

    Free MP3 CD Ripper 2.8 – Multiple File Buffer Overflow (Metasploit)

  • local
  • windows
  • ZwX
    2020-11-20

    IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 – id’ Field Stack Based Buffer Overflow

  • local
  • windows
  • Paolo Stagno
    2020-11-20

    WonderCMS 3.1.3 – ‘content’ Persistent Cross-Site Scripting

  • webapps
  • php
  • Hemant Patidar
    2020-11-20

    Zortam Mp3 Media Studio 27.60 – Remote Code Execution (SEH)

  • local
  • windows
  • Vincent Wolterman
    2020-11-19

    M/Monit 3.7.4 – Password Disclosure

  • webapps
  • multiple
  • Dolev Farhi
    2020-11-19

    M/Monit 3.7.4 – Privilege Escalation

  • webapps
  • multiple
  • Dolev Farhi
    2020-11-19

    Gemtek WVRTM-127ACN 01.01.02.141 – Authenticated Arbitrary Command Injection

  • webapps
  • cgi
  • Gabriele Zuddas
    2020-11-19

    TestBox CFML Test Framework 4.1.0 – Directory Traversal

  • webapps
  • multiple
  • Darren King
    2020-11-19

    TestBox CFML Test Framework 4.1.0 – Arbitrary File Write and Remote Code Execution

  • webapps
  • multiple
  • Darren King
    2020-11-19

    Gitlab 12.9.0 – Arbitrary File Read (Authenticated)

  • webapps
  • ruby
  • Jasper Rasenberg
    2020-11-19

    Genexis Platinum 4410 Router 2.1 – UPnP Credential Exposure

  • remote
  • hardware
  • Nitesh Surana
    2020-11-19

    Fortinet FortiOS 6.0.4 – Unauthenticated SSL VPN User Password Modification

  • webapps
  • hardware
  • Ricardo Longatto
    2020-11-19

    xuucms 3 – ‘keywords’ SQL Injection

  • webapps
  • multiple
  • icekam
    2020-11-19

    PESCMS TEAM 2.3.2 – Multiple Reflected XSS

  • webapps
  • multiple
  • icekam
    2020-11-19

    Internet Download Manager 6.38.12 – Scheduler Downloads Scheduler Buffer Overflow (PoC)

  • dos
  • windows
  • Vincent Wolterman
    2020-11-19

    Nagios Log Server 2.1.7 – Persistent Cross-Site Scripting

  • webapps
  • multiple
  • Emre ÖVÜNÇ
    2020-11-18

    ZeroLogon – Netlogon Elevation of Privilege

  • remote
  • windows
  • West Shepherd
    2020-11-18

    BigBlueButton 2.2.25 – Arbitrary File Disclosure and Server-Side Request Forgery

  • webapps
  • multiple
  • RedTeam Pentesting GmbH