Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-10-20	WordPress Plugin Rest Google Maps < 7.11.18 - SQL Injection	webapps	php	Jonatas Fil
2020-10-20	Apache Struts 2 – DefaultActionMapper Prefixes OGNL Code Execution	webapps	java	Jonatas Fil
2020-10-20	Mobile Shop System v1.0 – SQL Injection Authentication Bypass	webapps	php	Moaaz Taha
2020-10-20	RiteCMS 2.2.1 – Remote Code Execution (Authenticated)	webapps	php	H0j3n
2020-10-20	User Registration & Login and User Management System With admin panel 2.1 – Persistent XSS	webapps	php	yusufmalikul
2020-10-20	WordPress Plugin HS Brand Logo Slider 2.1 – ‘logoupload’ File Upload	webapps	php	Net-Hunter
2020-10-20	Ultimate Project Manager CRM PRO Version 2.0.5 – SQLi (Authenticated)	webapps	php	nag0mez
2020-10-20	Visitor Management System in PHP 1.0 – SQL Injection (Authenticated)	webapps	php	Rahul Ramkumar
2020-10-20	WordPress Plugin WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure	webapps	php	redtimmysec
2020-10-20	Loan Management System 1.0 – Multiple Cross Site Scripting (Stored)	webapps	php	Akıner Kısa
2020-10-19	Tourism Management System 1.0 – Arbitrary File Upload	webapps	php	Ankita Pal
2020-10-19	Textpattern CMS 4.6.2 – Cross-site Request Forgery	webapps	php	Alperen Ergel
2020-10-19	Typesetter CMS 5.1 – Arbitrary Code Execution (Authenticated)	webapps	php	Rodolfo Tavares
2020-10-19	Hostel Management System 2.1 – Cross Site Scripting (Multiple Fields)	webapps	php	Kokn3t
2020-10-19	Jenkins 2.63 – Sandbox bypass in pipeline: Groovy plug-in	webapps	java	Daniel Morris
2020-10-19	HiSilicon Video Encoders – Unauthenticated RTSP buffer overflow (DoS)	webapps	hardware	Alexei Kojenov
2020-10-19	HiSilicon Video Encoders – Full admin access via backdoor password	webapps	hardware	Alexei Kojenov
2020-10-19	HiSilicon video encoders – RCE via unauthenticated upload of malicious firmware	webapps	hardware	Alexei Kojenov
2020-10-19	HiSilicon Video Encoders – RCE via unauthenticated command injection	webapps	hardware	Alexei Kojenov
2020-10-19	HiSilicon Video Encoders – Unauthenticated file disclosure via path traversal	webapps	hardware	Alexei Kojenov
2020-10-19	Online Job Portal 1.0 – Cross Site Scripting (Stored)	webapps	php	Akıner Kısa
2020-10-19	Online Discussion Forum Site 1.0 – XSS in Messaging System	webapps	php	j5oh
2020-10-19	Online Student’s Management System 1.0 – Remote Code Execution (Authenticated)	webapps	php	Akıner Kısa
2020-10-19	Nagios XI 5.7.3 – ‘SNMP Trap Interface’ Authenticated SQL Injection	webapps	php	Matthew Aberegg
2020-10-19	Nagios XI 5.7.3 – ‘Manage Users’ Authenticated SQL Injection	webapps	php	Matthew Aberegg
2020-10-19	Nagios XI 5.7.3 – ‘Contact Templates’ Persistent Cross-Site Scripting	webapps	php	Matthew Aberegg
2020-10-16	CS-Cart 1.3.3 – authenticated RCE	webapps	php	0xmmnbassel
2020-10-16	CS-Cart 1.3.3 – ‘classes_dir’ LFI	webapps	php	0xmmnbassel
2020-10-16	Seat Reservation System 1.0 – Unauthenticated SQL Injection	webapps	php	Rahul Ramkumar
2020-10-16	Hotel Management System 1.0 – Remote Code Execution (Authenticated)	webapps	php	Aporlorxl23
2020-10-16	Seat Reservation System 1.0 – Remote Code Execution (Unauthenticated)	webapps	php	Rahul Ramkumar
2020-10-16	aaPanel 6.6.6 – Privilege Escalation & Remote Code Execution (Authenticated)	webapps	Python	Ünsal Furkan Harani
2020-10-16	Restaurant Reservation System 1.0 – ‘date’ SQL Injection (Authenticated)	webapps	php	b1nary
2020-10-16	Company Visitor Management System (CVMS) 1.0 – Authentication Bypass	webapps	php	Oğuz Türkgenç
2020-10-16	Alumni Management System 1.0 – Authentication Bypass	webapps	php	Ankita Pal
2020-10-16	Employee Management System 1.0 – Authentication Bypass	webapps	php	Ankita Pal
2020-10-16	Employee Management System 1.0 – Cross Site Scripting (Stored)	webapps	php	Ankita Pal
2020-10-15	Zoo Management System 1.0 – Authentication Bypass	webapps	php	Jyotsna Adhana
2020-10-15	Simple Grocery Store Sales And Inventory System 1.0 – Authentication Bypass	webapps	php	Saurav Shukla
2020-10-15	rConfig 3.9.5 – Remote Code Execution (Unauthenticated)	webapps	php	Daniel Monzón
2020-10-15	Vehicle Parking Management System 1.0 – Authentication Bypass	webapps	php	BKpatron
2020-10-14	Guild Wars 2 – Insecure Folder Permissions	local	windows	George Tsimpidas
2020-10-14	NodeBB Forum 1.12.2-1.14.2 – Account Takeover	webapps	multiple	Muhammed Eren Uygun
2020-10-13	Battle.Net 1.27.1.12428 – Insecure File Permissions	local	windows	George Tsimpidas
2020-10-13	berliCRM 1.0.24 – ‘src_record’ SQL Injection	webapps	php	Ahmet Ümit BAYRAM
2020-10-12	Cisco ASA and FTD 9.6.4.42 – Path Traversal	webapps	hardware	3ndG4me
2020-10-12	Online Students Management System 1.0 – ‘username’ SQL Injections	webapps	php	George Tsimpidas
2020-10-12	Liman 0.7 – Cross-Site Request Forgery (Change Password)	webapps	multiple	George Tsimpidas
2020-10-12	MedDream PACS Server 6.8.3.751 – Remote Code Execution (Unauthenticated)	webapps	php	bzyo
2020-10-12	Small CRM 2.0 – ’email’ SQL Injection	webapps	php	Ahmet Ümit BAYRAM