Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-05-26	Joomla! Plugin XCloner Backup 3.5.3 – Local File Inclusion (Authenticated)	webapps	php	Mehmet Kelepçe
2020-05-26	StreamRipper32 2.6 – Buffer Overflow (PoC)	local	windows	Andy Bowden
2020-05-26	Open-AudIT 3.3.0 – Reflective Cross-Site Scripting (Authenticated)	webapps	php	Kamaljeet Kumar
2020-05-26	OpenEMR 5.0.1 – Remote Code Execution (1)	webapps	php	Musyoka Ian
2020-05-25	Synology DiskStation Manager – smart.cgi Remote Command Execution (Metasploit)	remote	hardware	Metasploit
2020-05-25	Plesk/myLittleAdmin – ViewState .NET Deserialization (Metasploit)	remote	windows	Metasploit
2020-05-25	Online Discussion Forum Site 1.0 – Remote Code Execution	webapps	php	Enesdex
2020-05-25	Victor CMS 1.0 – ‘add_user’ Persistent Cross-Site Scripting	webapps	php	Nitya Nand
2020-05-25	GoldWave – Buffer Overflow (SEH Unicode)	local	windows	Andy Bowden
2020-05-25	WordPress Plugin Form Maker 5.4.1 – ‘s’ SQL Injection (Authenticated)	webapps	php	SunCSR
2020-05-22	VUPlayer 2.49 .m3u – Local Buffer Overflow (DEP,ASLR)	local	windows	Gobinathan
2020-05-22	Gym Management System 1.0 – Unauthenticated Remote Code Execution	webapps	php	boku
2020-05-22	Druva inSync Windows Client 6.6.3 – Local Privilege Escalation	local	windows	Matteo Malvica
2020-05-22	Dolibarr 11.0.3 – Persistent Cross-Site Scripting	webapps	php	Mehmet Kelepçe
2020-05-22	Konica Minolta FTP Utility 1.0 – ‘LIST’ Denial of Service (PoC)	dos	windows	Socket_0x03
2020-05-22	Konica Minolta FTP Utility 1.0 – ‘NLST’ Denial of Service (PoC)	dos	windows	Socket_0x03
2020-05-22	Filetto 1.0 – ‘FEAT’ Denial of Service (PoC)	dos	windows	Socket_0x03
2020-05-22	WebLogic Server – Deserialization RCE – BadAttributeValueExpException (Metasploit)	remote	multiple	Metasploit
2020-05-21	forma.lms 5.6.40 – Cross-Site Request Forgery (Change Admin Email)	webapps	php	Daniel Ortiz
2020-05-21	AbsoluteTelnet 11.21 – ‘Username’ Denial of Service (PoC)	dos	windows	Xenofon Vassilakopoulos
2020-05-21	Composr CMS 10.0.30 – Persistent Cross-Site Scripting	webapps	php	Manuel García Cárdenas
2020-05-21	PHPFusion 9.03.50 – Persistent Cross-Site Scripting	webapps	php	coiffeur
2020-05-21	CloudMe 1.11.2 – Buffer Overflow (SEH,DEP,ASLR)	local	windows	Xenofon Vassilakopoulos
2020-05-21	OpenEDX platform Ironwood 2.5 – Remote Code Execution	webapps	multiple	Daniel Monzón
2020-05-20	BIND – ‘TSIG’ Denial of Service	dos	multiple	Teppei Fukuda
2020-05-20	CraftCMS 3 vCard Plugin 1.0.0 – Remote Code Execution	webapps	php	Wade Guest
2020-05-19	php-fusion 9.03.50 – ‘ctype’ SQL Injection	webapps	php	SunCSR
2020-05-19	Submitty 20.04.01 – Persistent Cross-Site Scripting	webapps	php	humblelad
2020-05-19	NukeViet VMS 4.4.00 – Cross-Site Request Forgery (Change Admin Password)	webapps	php	JEBARAJ
2020-05-19	Pi-Hole – heisenbergCompensator Blocklist OS Command Execution (Metasploit)	remote	php	Metasploit
2020-05-19	Victor CMS 1.0 – Authenticated Arbitrary File Upload	webapps	php	Kishan Lal Choudhary
2020-05-19	qdPM 9.1 – ‘cfg[app_app_name]’ Persistent Cross-Site Scripting	webapps	php	Kishan Lal Choudhary
2020-05-19	Victor CMS 1.0 – ‘cat_id’ SQL Injection	webapps	php	Kishan Lal Choudhary
2020-05-19	Victor CMS 1.0 – ‘comment_author’ Persistent Cross-Site Scripting	webapps	php	Kishan Lal Choudhary
2020-05-18	online Chatting System 1.0 – ‘id’ SQL Injection	webapps	php	BKpatron
2020-05-18	Online Healthcare Patient Record Management System 1.0 – Authentication Bypass	webapps	php	Daniel Monzón
2020-05-18	Monstra CMS 3.0.4 – Authenticated Arbitrary File Upload	webapps	php	Kishan Lal Choudhary
2020-05-18	forma.lms The E-Learning Suite 2.3.0.2 – Persistent Cross-Site Scripting	webapps	php	Daniel Ortiz
2020-05-18	Oracle Hospitality RES 3700 5.7 – Remote Code Execution	webapps	java	Walid Faour
2020-05-18	Online Examination System 1.0 – ‘eid’ SQL Injection	webapps	php	BKpatron
2020-05-18	WordPress Plugin Ajax Load More 5.3.1 – ‘#1’ Authenticated SQL Injection	webapps	php	Nguyen Khang
2020-05-18	Mikrotik Router Monitoring System 1.2.3 – ‘community’ SQL Injection	webapps	hardware	jul10l1r4
2020-05-18	HP LinuxKI 6.01 – Remote Command Injection	remote	multiple	Cody Winkler
2020-05-18	Online Healthcare management system 1.0 – Authentication Bypass	webapps	php	BKpatron
2020-05-15	ManageEngine Service Desk 10.0 – Cross-Site Scripting	webapps	java	Felipe Molina
2020-05-15	vBulletin 5.6.1 – ‘nodeId’ SQL Injection	webapps	php	Photubias
2020-05-14	E-Commerce System 1.0 – Unauthenticated Remote Code Execution	webapps	php	SunCSR
2020-05-14	Netlink XPON 1GE WiFi V2801RGW – Remote Command Execution	webapps	hardware	Seecko Das
2020-05-14	Dameware Remote Support 12.1.1.273 – Buffer Overflow (SEH)	local	windows	gurbanli
2020-05-14	Complaint Management System 1.0 – ‘username’ SQL Injection	webapps	php	Daniel Ortiz