Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-06-10	Virtual Airlines Manager 2.6.2 – ‘id’ SQL Injection	webapps	php	Mosaaed
2020-06-10	WinGate 9.4.1.5998 – Insecure Folder Permissions	local	windows	hyp3rlinx
2020-06-10	Joomla! J2 Store 3.3.11 – ‘filter_order_Dir’ Authenticated SQL Injection	webapps	php	Mehmet Kelepçe
2020-06-10	Sistem Informasi Pengumuman Kelulusan Online 1.0 – Cross-Site Request Forgery (Add Admin)	webapps	php	Extinction
2020-06-09	Bludit 3.9.12 – Directory Traversal	webapps	php	Luis Vacacas
2020-06-09	Virtual Airlines Manager 2.6.2 – ‘airport’ SQL Injection	webapps	php	Kostadin Tonev
2020-06-08	Quick Player 1.3 – ‘.m3l’ Buffer Overflow (Unicode & SEH)	local	windows	Felipe Winsnes
2020-06-08	Frigate 3.36.0.9 – ‘Command Line’ Local Buffer Overflow (SEH) (PoC)	local	windows	Paras Bhatia
2020-06-08	Virtual Airlines Manager 2.6.2 – ‘notam’ SQL Injection	webapps	php	Pankaj Kumar Thakur
2020-06-08	Kyocera Printer d-COPIA253MF – Directory Traversal (PoC)	webapps	hardware	Hakan Eren ŞAN
2020-06-05	Online-Exam-System 2015 – ‘feedback’ SQL Injection	webapps	php	Gus Ralph
2020-06-05	Online Course Registration 1.0 – Authentication Bypass	webapps	php	BKpatron
2020-06-04	Secure Computing SnapGear Management Console SG560 3.1.5 – Arbitrary File Read	webapps	hardware	LiquidWorm
2020-06-04	SnapGear Management Console SG560 3.1.5 – Cross-Site Request Forgery (Add Super User)	webapps	hardware	LiquidWorm
2020-06-04	Cayin Content Management Server 11.0 – Remote Command Injection (root)	webapps	multiple	LiquidWorm
2020-06-04	Online Marriage Registration System 1.0 – Remote Code Execution (1)	webapps	php	Enesdex
2020-06-04	D-Link DIR-615 T1 20.10 – CAPTCHA Bypass	webapps	hardware	huzaifa hussain
2020-06-04	Navigate CMS 2.8.7 – Authenticated Directory Traversal	webapps	php	Gus Ralph
2020-06-04	VMWAre vCloud Director 9.7.0.15498291 – Remote Code Execution	webapps	java	Tomas Melicher
2020-06-04	Navigate CMS 2.8.7 – Cross-Site Request Forgery (Add Admin)	webapps	php	Gus Ralph
2020-06-04	Clinic Management System 1.0 – Authenticated Arbitrary File Upload	webapps	php	BKpatron
2020-06-04	Oriol Espinal CMS 1.0 – ‘id’ SQL Injection	webapps	php	TSAR
2020-06-04	Navigate CMS 2.8.7 – ”sidx’ SQL Injection (Authenticated)	webapps	php	Gus Ralph
2020-06-04	Clinic Management System 1.0 – Unauthenticated Remote Code Execution	webapps	php	BKpatron
2020-06-04	IObit Uninstaller 9.5.0.15 – ‘IObit Uninstaller Service’ Unquoted Service Path	local	windows	Gobinathan
2020-06-04	Hostel Management System 2.0 – ‘id’ SQL Injection (Unauthenticated)	webapps	php	Enesdex
2020-06-04	Cayin Digital Signage System xPost 2.5 – Remote Command Injection	webapps	multiple	LiquidWorm
2020-06-04	AirControl 1.4.2 – PreAuth Remote Code Execution	webapps	hardware	0xd0ff9
2020-06-04	Cayin Signage Media Player 3.0 – Remote Command Injection (root)	webapps	multiple	LiquidWorm
2020-06-02	OpenCart 3.0.3.2 – Stored Cross Site Scripting (Authenticated)	webapps	php	Kailash Bohara
2020-06-02	Clinic Management System 1.0 – Authentication Bypass	webapps	php	BKpatron
2020-06-02	Microsoft Windows – ‘SMBGhost’ Remote Code Execution	remote	windows	chompie1337
2020-06-02	vCloud Director 9.7.0.15498291 – Remote Code Execution	remote	linux	aaronsvk
2020-06-01	QuickBox Pro 2.1.8 – Authenticated Remote Code Execution	webapps	php	s1gh
2020-06-01	VMware vCenter Server 6.7 – Authentication Bypass	webapps	multiple	Photubias
2020-06-01	WordPress Plugin BBPress 2.5 – Unauthenticated Privilege Escalation	webapps	php	Raphael Karger
2020-05-29	Crystal Shard http-protection 0.2.0 – IP Spoofing Bypass	webapps	multiple	Halis Duraki
2020-05-29	WordPress Plugin Multi-Scheduler 1.0.0 – Cross-Site Request Forgery (Delete User)	webapps	php	UnD3sc0n0c1d0
2020-05-28	QNAP QTS and Photo Station 6.0.3 – Remote Command Execution	webapps	php	Th3GundY
2020-05-28	EyouCMS 1.4.6 – Persistent Cross-Site Scripting	webapps	php	China Banking and Insurance Information Technology Management Co.
2020-05-28	Online-Exam-System 2015 – ‘fid’ SQL Injection	webapps	php	Berk Dusunur
2020-05-28	NOKIA VitalSuite SPM 2020 – ‘UserName’ SQL Injection	webapps	multiple	Berk Dusunur
2020-05-27	LimeSurvey 4.1.11 – ‘Permission Roles’ Persistent Cross-Site Scripting	webapps	php	Matthew Aberegg
2020-05-27	Online Marriage Registration System 1.0 – Persistent Cross-Site Scripting	webapps	php	that faceless coder
2020-05-27	OXID eShop 6.3.4 – ‘sorting’ SQL Injection	webapps	php	VulnSpy
2020-05-27	Kuicms PHP EE 2.0 – Persistent Cross-Site Scripting	webapps	php	China Banking and Insurance Information Technology Management Co.
2020-05-27	osTicket 1.14.1 – ‘Saved Search’ Persistent Cross-Site Scripting	webapps	php	Matthew Aberegg
2020-05-27	osTicket 1.14.1 – ‘Ticket Queue’ Persistent Cross-Site Scripting	webapps	php	Matthew Aberegg
2020-05-26	WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 – Remote Code Execution	webapps	php	Austin Martin
2020-05-26	Pi-hole 4.4.0 – Remote Code Execution (Authenticated)	webapps	linux	Photubias