Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2025-04-07	YesWiki 4.5.1 – Unauthenticated Path Traversal	webapps	multiple	Al Baradi Joy
2025-04-07	Apache Tomcat 11.0.3 – Remote Code Execution	webapps	multiple	Al Baradi Joy
2025-04-06	Backup and Staging by WP Time Capsule 1.22.21 – Unauthenticated Arbitrary File Upload	webapps	php	Al Baradi Joy
2025-04-06	Watcharr 1.43.0 – Remote Code Execution (RCE)	webapps	multiple	Suphawith Phusanbai
2025-04-06	Palo Alto Networks Expedition 1.2.90.1 – Admin Account Takeover	webapps	multiple	ByteHunter
2025-04-06	DataEase 2.4.0 – Database Configuration Information Exposure	webapps	java	ByteHunter
2025-04-06	WBCE CMS 1.6.3 – Authenticated Remote Code Execution (RCE)	webapps	multiple	Swammers8
2025-04-05	Royal Elementor Addons and Templates 1.3.78 – Unauthenticated Arbitrary File Upload	webapps	multiple	4m3rr0r
2025-04-05	Exclusive Addons for Elementor 2.6.9 – Stored Cross-Site Scripting (XSS)	webapps	multiple	Al Baradi Joy
2025-04-05	Kubio AI Page Builder 2.5.1 – Local File Inclusion (LFI)	webapps	multiple	4m3rr0r
2025-04-05	Next.js Middleware 15.2.2 – Authorization Bypass	webapps	multiple	kOaDT
2025-04-05	IBM Security Verify Access 10.0.0 – Open Redirect during OAuth Flow	webapps	multiple	Giulio Garzia
2025-04-05	Microchip TimeProvider 4100 Grandmaster (Data plot modules) 2.4.6 – SQL Injection	remote	hardware	Armando Huesca Prida
2025-04-04	Angular-Base64-Upload Library 0.1.20 – Remote Code Execution (RCE)	remote	multiple	Ravindu Wickramasinghe
2025-04-04	Microchip TimeProvider 4100 Grandmaster (Banner Config Modules) 2.4.6 – Stored Cross-Site Scripting (XSS)	remote	hardware	Armando Huesca Prida
2025-04-04	Microchip TimeProvider 4100 (Configuration modules) 2.4.6 – OS Command Injection	remote	hardware	Armando Huesca Prida
2025-04-03	AppSmith 1.47 – Remote Code Execution (RCE)	webapps	java	Nishanth Gaddam
2025-04-03	Nagios Log Server 2024R1.3.1 – Stored XSS	webapps	multiple	Seth Kraft
2025-04-03	ollama 0.6.4 – Server Side Request Forgery (SSRF)	local	multiple	sud0
2025-04-03	Webmin Usermin 2.100 – Username Enumeration	webapps	perl	Kjesper
2025-04-03	Microsoft Office 2019 MSO Build 1808 – NTLMv2 Hash Disclosure	remote	windows	Metin Yunus Kandemir
2025-04-03	ABB Cylon Aspect 3.07.01 – Hard-coded Default Credentials	webapps	php	LiquidWorm
2025-04-03	Vite 6.2.2 – Arbitrary File Read	remote	multiple	4m3rr0r
2025-04-03	ABB Cylon Aspect 3.07.02 – File Disclosure	webapps	multiple	LiquidWorm
2025-04-02	ABB Cylon Aspect 3.08.01 – Remote Code Execution (RCE)	webapps	multiple	LiquidWorm
2025-04-02	Elaine’s Realtime CRM Automation 6.18.17 – Reflected XSS	webapps	php	arfaoui haythem
2025-04-02	SAP NetWeaver – 7.53 – HTTP Request Smuggling	remote	multiple	C41Tx90
2025-04-02	ABB Cylon Aspect 3.08.01 – Arbitrary File Delete	webapps	php	LiquidWorm
2025-03-29	XWiki Standard 14.10 – Remote Code Execution (RCE)	webapps	php	Mehran Seifalinia
2025-03-29	Solstice Pod 6.2 – API Session Key Extraction via API Endpoint	local	windows	Thomas Heverin
2025-03-28	Progress Telerik Report Server 2024 Q1 (10.0.24.305) – Authentication Bypass	webapps	multiple	VeryLazyTech
2025-03-28	Rejetto HTTP File Server 2.3m – Remote Code Execution (RCE)	webapps	typescript	VeryLazyTech
2025-03-28	Sonatype Nexus Repository 3.53.0-01 – Path Traversal	webapps	multiple	VeryLazyTech
2025-03-28	CodeCanyon RISE CRM 3.7.0 – SQL Injection	webapps	php	Jobyer From Bytium
2025-03-28	Litespeed Cache 6.5.0.1 – Authentication Bypass	webapps	php	Caner Tercan
2025-03-27	X2CRM 8.5 – Stored Cross-Site Scripting (XSS)	webapps	php	Okan Kurtulus
2025-03-27	KubeSphere 3.4.0 – Insecure Direct Object Reference (IDOR)	webapps	multiple	Okan Kurtulus
2025-03-27	MoziloCMS 3.0 – Remote Code Execution (RCE)	webapps	php	Olakojo Olaoluwa Joshua
2025-03-26	NVIDIA Container Toolkit 1.16.1 – Time-of-check Time-of-Use (TOCTOU)	local	linux	r0binak
2025-03-22	TeamPass 3.0.0.21 – SQL Injection	webapps	php	Max Meyer - Rivendell
2025-03-22	Aztech DSL5005EN Router – ‘sysAccess.asp’ Admin Password Change (Unauthenticated)	remote	hardware	Amir Hossein Jamshidi
2025-03-22	Microsoft Windows – NTLM Hash Leak Malicious Windows Theme	remote	windows	Abinesh kamal K U
2025-03-21	Jasmin Ransomware – SQL Injection Login Bypass	webapps	php	Buğra Enis Dönmez
2025-03-20	FluxBB 1.5.11 – Stored Cross-Site Scripting (XSS)	webapps	php	Chokri Hammedi
2025-03-20	JUX Real Estate 3.4.0 – SQL Injection	webapps	php	CraCkEr
2025-03-19	VeeVPN 1.6.1 – Unquoted Service Path	local	windows	Doğukan Orhan
2025-03-19	Gitea 1.24.0 – HTML Injection	webapps	multiple	Mikail KOCADAĞ
2025-03-19	TranzAxis 3.2.41.10.26 – Stored Cross-Site Scripting (XSS) (Authenticated)	webapps	php	ABABANK REDTEAM
2025-03-19	Extensive VC Addons for WPBakery page builder 1.9.0 – Remote Code Execution (RCE)	webapps	php	Ravina
2025-03-19	Loaded Commerce 6.6 – Client-Side Template Injection(CSTI)	webapps	php	tmrswrr