Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-04-10	WordPress Plugin Helpful 2.4.11 – SQL Injection	webapps	php	numan türle
2020-04-10	Windscribe 1.83 – ‘WindscribeService’ Unquoted Service Path	local	windows	MgThuraMoeMyint
2020-04-10	AbsoluteTelnet 11.12 – ‘SSH1/username’ Denial of Service (PoC)	dos	windows	chuyreds
2020-04-08	Amcrest Dahua NVR Camera IP2M-841 – Denial of Service (PoC)	dos	hardware	Jacob Baines
2020-04-08	Django 3.0 – Cross-Site Request Forgery Token Bypass	webapps	php	Spad Security Group
2020-04-07	ZOC Terminal 7.25.5 – ‘Script’ Denial of Service (PoC)	dos	windows	chuyreds
2020-04-07	dnsmasq-utils 2.79-1 – ‘dhcp_release’ Denial of Service (PoC)	dos	linux	JosueEncinar
2020-04-06	Memu Play 7.1.3 – Insecure Folder Permissions	local	windows	chuyreds
2020-04-06	Frigate 3.36 – Denial of Service (PoC)	dos	windows	inter
2020-04-06	LimeSurvey 4.1.11 – ‘Survey Groups’ Persistent Cross-Site Scripting	webapps	php	Matthew Aberegg
2020-04-06	pfSense 2.4.4-P3 – ‘User Manager’ Persistent Cross-Site Scripting	webapps	freebsd	Matthew Aberegg
2020-04-06	Product Key Explorer 4.2.2.0 – ‘Key’ Denial of Service (PoC)	dos	windows	0xMoHassan
2020-04-06	UltraVNC Viewer 1.2.4.0 – ‘VNCServer’ Denial of Service (PoC)	dos	windows	chuyreds
2020-04-06	Microsoft NET USE win10 – Insufficient Authentication Logic	local	windows	hyp3rlinx
2020-04-06	Nsauditor 3.2.0.0 – ‘Name’ Denial of Service (PoC)	dos	windows	0xMoHassan
2020-04-06	UltraVNC Launcher 1.2.4.0 – ‘Password’ Denial of Service (PoC)	dos	windows	chuyreds
2020-04-06	LimeSurvey 4.1.11 – ‘File Manager’ Path Traversal	webapps	php	Matthew Aberegg
2020-04-06	SpotAuditor 5.3.4 – ‘Name’ Denial of Service (PoC)	dos	windows	0xMoHassan
2020-04-06	ZOC Terminal v7.25.5 – ‘Private key file’ Denial of Service (PoC)	dos	windows	chuyreds
2020-04-06	Bolt CMS 3.7.0 – Authenticated Remote Code Execution	webapps	php	r3m0t3nu11
2020-04-06	UltraVNC Launcher 1.2.4.0 – ‘RepeaterHost’ Denial of Service (PoC)	dos	windows	chuyreds
2020-04-06	WhatsApp Desktop 0.3.9308 – Persistent Cross-Site Scripting	webapps	multiple	Gal Weizman
2020-04-06	Vesta Control Panel 0.9.8-26 – Authenticated Remote Code Execution (Metasploit)	webapps	multiple	Mehmet Ince
2020-04-06	Triologic Media Player 8 – ‘.m3l’ Buffer Overflow (Unicode) (SEH)	local	windows	Felipe Winsnes
2020-04-03	Pandora FMS 7.0NG – ‘net_tools.php’ Remote Code Execution	webapps	php	Basim Alabdullah
2020-04-03	AIDA64 Engineer 6.20.5300 – ‘Report File’ filename Buffer Overflow (SEH)	local	windows	Hodorsec
2020-04-02	PHP-Fusion 9.03.50 – ‘panels.php’ Remote Code Execution	webapps	php	Unkn0wn
2020-04-02	DiskBoss 7.7.14 – ‘Input Directory’ Local Buffer Overflow (PoC)	local	windows	Paras Bhatia
2020-04-01	10Strike LANState 9.32 – ‘Force Check’ Buffer Overflow (SEH)	local	windows	Hodorsec
2020-04-01	DiskBoss 7.7.14 – Denial of Service (PoC)	dos	windows	Paras Bhatia
2020-03-31	Grandstream UCM6200 Series CTI Interface – ‘user_password’ SQL Injection	webapps	hardware	Jacob Baines
2020-03-31	FlashFXP 4.2.0 Build 1730 – Denial of Service (PoC)	dos	windows	Paras Bhatia
2020-03-31	SharePoint Workflows – XOML Injection (Metasploit)	remote	windows	Metasploit
2020-03-31	DLINK DWL-2600 – Authenticated Remote Command Injection (Metasploit)	remote	hardware	Metasploit
2020-03-31	IBM TM1 / Planning Analytics – Unauthenticated Remote Code Execution (Metasploit)	remote	multiple	Metasploit
2020-03-31	Redis – Replication Code Execution (Metasploit)	remote	linux	Metasploit
2020-03-31	Grandstream UCM6200 Series WebSocket 1.0.20.20 – ‘user_password’ SQL Injection	webapps	hardware	Jacob Baines
2020-03-30	Zen Load Balancer 3.10.1 – Remote Code Execution	webapps	cgi	Cody Sixteen
2020-03-30	10-Strike Network Inventory Explorer 9.03 – ‘Read from File’ Buffer Overflow (SEH) (ROP)	local	windows	Hodorsec
2020-03-30	Joomla! com_fabrik 3.9.11 – Directory Traversal	webapps	php	qw3rTyTy
2020-03-30	Odin Secure FTP Expert 7.6.3 – ‘Site Info’ Denial of Service (PoC)	dos	windows	Ivan Marmolejo
2020-03-30	Multiple DrayTek Products – Pre-authentication Remote Root Code Execution	remote	linux	0xsha
2020-03-30	Microsoft Windows 10 (1903/1909) – ‘SMBGhost’ SMB3.1.1 ‘SMB2_COMPRESSION_CAPABILITIES’ Local Privilege Escalation	local	windows	Daniel García Gutiérrez
2020-03-27	Everest 5.50.2100 – ‘Open File’ Denial of Service (PoC)	dos	windows	Ivan Marmolejo
2020-03-27	rConfig 3.9.4 – ‘searchField’ Unauthenticated Root Remote Code Execution	webapps	php	vikingfr
2020-03-27	Jinfornet Jreport 15.6 – Unauthenticated Directory Traversal	webapps	java	hongphukt
2020-03-27	ECK Hotel 1.0 – Cross-Site Request Forgery (Add Admin)	webapps	php	Mustafa Emre Gül
2020-03-27	Easy RM to MP3 Converter 2.7.3.700 – ‘Input’ Local Buffer Overflow (SEH)	local	windows	Felipe Winsnes
2020-03-26	Centreo 19.10.8 – ‘DisplayServiceStatus’ Remote Code Execution	webapps	php	Engin Demirbilek
2020-03-26	TP-Link Archer C50 3 – Denial of Service (PoC)	dos	hardware	thewhiteh4t