Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-11-18	WordPress Plugin WPForms 1.6.3.1 – Persistent Cross Site Scripting (Authenticated)	webapps	php	ZwX
2020-11-17	Apache Struts 2.5.20 – Double OGNL evaluation	remote	multiple	West Shepherd
2020-11-17	Aerospike Database 5.1.0.3 – OS Command Execution	remote	multiple	Matt S
2020-11-17	LCD_Service 1.0.1.0 – ‘LCD_Service’ Unquote Service Path	local	windows	Gerardo González
2020-11-17	Joomla Plugin Simple Image Gallery Extended (SIGE) 3.5.3 – Multiple Vulnerabilities	webapps	php	Vulnerability-Lab
2020-11-17	Froxlor Froxlor Server Management Panel 0.10.16 – Persistent Cross-Site Scripting	webapps	php	Vulnerability-Lab
2020-11-17	Microsoft Internet Explorer 11 – Use-After-Free	local	windows	maxpl0it
2020-11-17	WordPress Plugin Buddypress 6.2.0 – Persistent Cross-Site Scripting	webapps	php	Vulnerability-Lab
2020-11-17	SugarCRM 6.5.18 – Persistent Cross-Site Scripting	webapps	php	Vulnerability-Lab
2020-11-17	Online Doctor Appointment Booking System PHP and Mysql 1.0 – ‘q’ SQL Injection	webapps	php	Ramil Mustafayev
2020-11-17	EgavilanMedia User Registration & Login System with Admin Panel Exploit – SQLi Auth Bypass	webapps	php	Kislay Kumar
2020-11-16	Cisco 7937G – DoS/Privilege Escalation	remote	hardware	Cody Martin
2020-11-16	Car Rental Management System 1.0 – ‘car_id’ Sql Injection	webapps	php	Mehmet Kelepçe
2020-11-16	Car Rental Management System 1.0 – Remote Code Execution (Authenticated)	webapps	php	Mehmet Kelepçe
2020-11-16	PMB 5.6 – ‘chemin’ Local File Disclosure	webapps	php	41-trk
2020-11-16	Atheros Coex Service Application 8.0.0.255 – ‘ZAtheros Bt&Wlan Coex Agent’ Unquoted Service Path	local	windows	Isabel Lopez
2020-11-16	User Registration & Login and User Management System 2.1 – Login Bypass SQL Injection	webapps	php	Mayur Parmar
2020-11-16	Logitech Solar Keyboard Service – ‘L4301_Solar’ Unquoted Service Path	local	windows	Jair Amezcua
2020-11-16	Advanced System Care Service 13 – ‘AdvancedSystemCareService13’ Unquoted Service Path	local	windows	Jair Amezcua
2020-11-16	Water Billing System 1.0 – ‘id’ SQL Injection (Authenticated)	webapps	php	Mehmet Kelepçe
2020-11-16	KiteService 1.2020.1113.1 – ‘KiteService.exe’ Unquoted Service Path	local	windows	IRVIN GIL
2020-11-16	Pandora FMS 7.0 NG 749 – ‘CG Items’ SQL Injection (Authenticated)	webapps	php	Matthew Aberegg
2020-11-13	Touchbase.io 1.10 – Stored Cross Site Scripting	webapps	multiple	Simran Sankhala
2020-11-13	Apache Tomcat – AJP ‘Ghostcat’ File Read/Inclusion (Metasploit)	webapps	multiple	SunCSR
2020-11-13	Citrix ADC NetScaler – Local File Inclusion (Metasploit)	webapps	hardware	RAMELLA Sebastien
2020-11-13	Bludit 3.9.2 – Authentication Bruteforce Bypass (Metasploit)	webapps	php	Aporlorxl23
2020-11-13	ASUS TM-AC1900 – Arbitrary Command Execution (Metasploit)	webapps	hardware	b1ack0wl
2020-11-13	October CMS Build 465 – Arbitrary File Read Exploit (Authenticated)	webapps	php	Sivanesh Ashok
2020-11-13	OpenCart Theme Journal 3.1.0 – Sensitive Data Exposure	webapps	php	Jinson Varghese Behanan
2020-11-13	IDT PC Audio 1.0.6425.0 – ‘STacSV’ Unquoted Service Path	local	windows	Isabel Lopez
2020-11-13	SAntivirus IC 10.0.21.61 – ‘SAntivirusIC’ Unquoted Service Path	local	windows	Mara Ramirez
2020-11-13	DigitalPersona 5.1.0.656 ‘DpHostW’ – Unquoted Service Path	local	windows	Teresa Q
2020-11-12	Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)	webapps	hardware	Synacktiv
2020-11-12	Nidesoft 3GP Video Converter 2.6.18 – Local Stack Buffer Overflow	local	windows	Felipe Winsnes
2020-11-12	WordPress Plugin Good LMS 2.1.4 – ‘id’ Unauthenticated SQL Injection	webapps	php	Abdulazeez Alaseeri
2020-11-12	Water Billing System 1.0 – ‘username’ and ‘password’ parameters SQL Injection	webapps	php	Sarang Tumne
2020-11-11	CMSUno 1.6.2 – ‘user’ Remote Code Execution (Authenticated)	webapps	php	Fatih Çelik
2020-11-11	Customer Support System 1.0 – ‘username’ Authentication Bypass	webapps	php	Ahmed Abbas
2020-11-11	Customer Support System 1.0 – Cross-Site Request Forgery	webapps	php	Ahmed Abbas
2020-11-11	Customer Support System 1.0 – ‘description’ Stored XSS in The Admin Panel	webapps	php	Ahmed Abbas
2020-11-10	Anuko Time Tracker 1.19.23.5325 – CSV/Formula Injection	webapps	php	Mufaddal Masalawala
2020-11-10	ShoreTel Conferencing 19.46.1802.0 – Reflected Cross-Site Scripting	webapps	php	Joe Helle
2020-11-10	Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload	webapps	php	Fortunato Lodari
2020-11-09	Privacy Drive v3.17.0 – ‘pdsvc.exe’ Unquoted Service Path	local	windows	Mohammed Alshehri
2020-11-09	Genexus Protection Server 9.6.4.2 – ‘protsrvservice’ Unquoted Service Path	local	windows	SamAlucard
2020-11-09	DiskBoss v11.7.28 – Multiple Services Unquoted Service Path	local	windows	Mohammed Alshehri
2020-11-09	IPTInstaller 4.0.9 – ‘PassThru Service’ Unquoted Service Path	local	windows	SamAlucard
2020-11-09	RealTimes Desktop Service 18.1.4 – ‘rpdsvc.exe’ Unquoted Service Path	local	windows	Erick Galindo
2020-11-09	OKI sPSV Port Manager 1.0.41 – ‘sPSVOpLclSrv’ Unquoted Service Path	local	windows	Julio Aviña
2020-11-09	Deep Instinct Windows Agent 1.2.24.0 – ‘DeepNetworkService’ Unquoted Service Path	local	windows	Paulina Girón