Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-08-20	ElkarBackup 1.3.3 – Persistent Cross-Site Scripting	webapps	php	Enes Özeser
2020-08-19	Ruijie Networks Switch eWeb S29_RGOS 11.4 – Directory Traversal	webapps	hardware	Tuygun
2020-08-18	Savsoft Quiz 5 – Stored Cross-Site Scripting	webapps	php	Mayur Parmar
2020-08-18	Pharmacy Medical Store and Sale Point 1.0 – ‘catid’ SQL Injection	webapps	php	Moaaz Taha
2020-08-17	QiHang Media Web Digital Signage 3.0.9 – Remote Code Execution (Unauthenticated)	webapps	hardware	LiquidWorm
2020-08-17	QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Disclosure	webapps	hardware	LiquidWorm
2020-08-17	QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Deletion	webapps	hardware	LiquidWorm
2020-08-17	QiHang Media Web Digital Signage 3.0.9 – Cleartext Credential Disclosure	webapps	hardware	LiquidWorm
2020-08-17	Microsoft SharePoint Server 2019 – Remote Code Execution	webapps	aspx	West Shepherd
2020-08-17	Bludit 3.9.2 – Authentication Bruteforce Mitigation Bypass	webapps	php	Alexandre ZANNI
2020-08-13	GetSimple CMS Plugin Multi User 1.8.2 – Cross-Site Request Forgery (Add Admin)	webapps	php	boku
2020-08-13	Artica Proxy 4.3.0 – Authentication Bypass	webapps	hardware	Dan Duffy
2020-08-12	vBulletin 5.6.2 – ‘widget_tabbedContainer_tab_panel’ Remote Code Execution	webapps	php	zenofex
2020-08-12	CMS Made Simple 2.2.14 – Authenticated Arbitrary File Upload	webapps	php	Roel van Beurden
2020-08-11	Fuel CMS 1.4.7 – ‘col’ SQL Injection (Authenticated)	webapps	php	Roel van Beurden
2020-08-10	BarcodeOCR 19.3.6 – ‘BarcodeOCR’ Unquoted Service Path	local	windows	Daniel Bertoni
2020-08-10	ManageEngine ADSelfService Build prior to 6003 – Remote Code Execution (Unauthenticated)	webapps	java	Bhadresh Patel
2020-08-10	Warehouse Inventory System 1.0 – Cross-Site Request Forgery (Change Admin Password)	webapps	php	boku
2020-08-07	Daily Expenses Management System 1.0 – ‘item’ SQL Injection	webapps	php	screetsec
2020-08-07	All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)	webapps	hardware	LiquidWorm
2020-08-06	CodeMeter 6.60 – ‘CodeMeter.exe’ Unquoted Service Path	local	windows	Luis Martínez
2020-08-06	Victor CMS 1.0 – ‘Search’ SQL Injection	webapps	php	screetsec
2020-08-05	Stock Management System 1.0 – Authentication Bypass	webapps	php	Adeeb Shah
2020-08-05	QlikView 12.50.20000.0 – ‘FTP Server Address’ Denial of Service (PoC)	dos	windows	Luis Martínez
2020-08-05	ACTi NVR3 Standard or Professional Server 3.0.12.42 – Denial of Service (PoC)	dos	windows	MegaMagnus
2020-08-04	Daily Expenses Management System 1.0 – ‘username’ SQL Injection	webapps	php	Daniel Ortiz
2020-08-04	RTSP for iOS 1.0 – ‘IP Address’ Denial of Service (PoC)	dos	windows	Luis Martínez
2020-08-04	Mocha Telnet Lite for iOS 4.2 – ‘User’ Denial of Service (PoC)	dos	windows	Luis Martínez
2020-08-04	Pi-hole 4.3.2 – Remote Code Execution (Authenticated)	webapps	Python	Luis Vacacas
2020-08-03	BacklinkSpeed 2.4 – Buffer Overflow PoC (SEH)	local	windows	Saeed reza Zamanian
2020-07-30	Online Shopping Alphaware 1.0 – Authentication Bypass	webapps	php	Ahmed Abbas
2020-07-29	WordPress Plugin Maintenance Mode by SeedProd 5.1.1 – Persistent Cross-Site Scripting	webapps	php	Jinson Varghese Behanan
2020-07-29	Cisco Adaptive Security Appliance Software 9.7 – Unauthenticated Arbitrary File Deletion	webapps	hardware	0xmmnbassel
2020-07-28	Cisco Adaptive Security Appliance Software 9.11 – Local File Inclusion	webapps	hardware	0xmmnbassel
2020-07-27	eGroupWare 1.14 – ‘spellchecker.php’ Remote Command Execution	webapps	php	Berk KIRAS
2020-07-26	LibreHealth 2.0.0 – Authenticated Remote Code Execution	webapps	php	boku
2020-07-26	Bludit 3.9.2 – Directory Traversal	webapps	multiple	James Green
2020-07-26	PandoraFMS NG747 7.0 – ‘filename’ Persistent Cross-Site Scripting	webapps	php	Emre ÖVÜNÇ
2020-07-26	WordPress Plugin Email Subscribers & Newsletters 4.2.2 – ‘hash’ SQL Injection (Unauthenticated)	webapps	php	KBA@SOGETI_ESEC
2020-07-26	Rails 5.0.1 – Remote Code Execution	webapps	ruby	Lucas Amorim
2020-07-26	WordPress Plugin Email Subscribers & Newsletters 4.2.2 – Unauthenticated File Download	webapps	php	KBA@SOGETI_ESEC
2020-07-26	Virtual Airlines Manager 2.6.2 – Persistent Cross-Site Scripting	webapps	php	Peter Blue
2020-07-26	Calavera UpLoader 3.5 – ‘FTP Logi’ Denial of Service (PoC + SEH Overwrite)	dos	windows	Felipe Winsnes
2020-07-26	pfSense 2.4.4-p3 – Cross-Site Request Forgery	webapps	php	ghost_fh
2020-07-26	Free MP3 CD Ripper 2.8 – Stack Buffer Overflow (SEH + Egghunter)	local	windows	Eduard Palisek
2020-07-26	Socket.io-file 2.0.31 – Arbitrary File Upload	webapps	multiple	Cr0wTom
2020-07-26	Port Forwarding Wizard 4.8.0 – Buffer Overflow (SEH)	local	windows	Sarang Tumne
2020-07-26	Sickbeard 0.1 – Cross-Site Request Forgery (Disable Authentication)	webapps	multiple	bdrake
2020-07-26	UBICOD Medivision Digital Signage 1.5.1 – Cross-Site Request Forgery (Add Admin)	webapps	hardware	LiquidWorm
2020-07-26	F5 Big-IP 13.1.3 Build 0.0.6 – Local File Inclusion	webapps	hardware	Carlos E. Vieira