Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2020-03-11	ASUS AXSP 1.02.00 – ‘asComSvc’ Unquoted Service Path	local	windows	Roberto Piña
2020-03-11	TeamCity Agent XML-RPC 10.0 – Remote Code Execution	webapps	php	1F98D
2020-03-11	Wing FTP Server – Authenticated CSRF (Delete Admin)	webapps	php	Dhiraj Mishra
2020-03-11	PlaySMS 1.4.3 – Template Injection / Remote Code Execution	webapps	php	Touhid M.Shaikh
2020-03-11	Joomla! 3.9.0 < 3.9.7 - CSV Injection	webapps	php	i4bdullah
2020-03-11	WordPress Plugin Search Meter 2.13.2 – CSV injection	webapps	php	Daniel Monzón
2020-03-11	CTROMS Terminal OS Port Portal – ‘Password Reset’ Authentication Bypass (Metasploit)	remote	linux	AkkuS
2020-03-10	PHPStudy – Backdoor Remote Code execution (Metasploit)	remote	php	Metasploit
2020-03-10	Nagios XI – Authenticated Remote Command Execution (Metasploit)	remote	linux	Metasploit
2020-03-10	Persian VIP Download Script 1.0 – ‘active’ SQL Injection	webapps	php	Amir Hossein Vafifar
2020-03-10	YzmCMS 5.5 – ‘url’ Persistent Cross-Site Scripting	webapps	php	En_dust
2020-03-10	Sysaid 20.1.11 b26 – Remote Command Execution	webapps	java	Ahmed Sherif
2020-03-10	Horde Groupware Webmail Edition 5.2.22 – Remote Code Execution	webapps	php	Andrea Cardaci
2020-03-09	Sentrifugo HRMS 3.2 – ‘id’ SQL Injection	webapps	php	minhnb
2020-03-09	60CycleCMS – ‘news.php’ SQL Injection	webapps	php	Unkn0wn
2020-03-09	Counter Strike: GO – ‘.bsp’ Memory Control (PoC)	local	multiple	0day enthusiast
2020-03-09	Google Chrome 80 – JSCreate Side-effect Type Confusion (Metasploit)	remote	multiple	Metasploit
2020-03-09	OpenSMTPD – OOB Read Local Privilege Escalation (Metasploit)	local	linux	Metasploit
2020-03-09	Google Chrome 67, 68 and 69 – Object.create Type Confusion (Metasploit)	remote	multiple	Metasploit
2020-03-09	Google Chrome 72 and 73 – Array.map Out-of-Bounds Write (Metasploit)	remote	multiple	Metasploit
2020-03-09	PHP-FPM – Underflow Remote Code Execution (Metasploit)	remote	php	Metasploit
2020-03-09	Apache ActiveMQ 5.x-5.11.1 – Directory Traversal Shell Upload (Metasploit)	remote	windows	Metasploit
2020-03-06	Deep Instinct Windows Agent 1.2.29.0 – ‘DeepMgmtService’ Unquoted Service Path	local	windows	Oscar Flores
2020-03-06	ASUS GiftBox Desktop 1.1.1.127 – ‘ASUSGiftBoxDesktop’ Unquoted Service Path	local	windows	Oscar Flores
2020-03-06	SpyHunter 4 – ‘SpyHunter 4 Service’ Unquoted Service Path	local	windows	Alejandro Reyes
2020-03-06	Iskysoft Application Framework Service 2.4.3.241 – ‘IsAppService’ Unquoted Service Path	local	windows	Alejandro Reyes
2020-03-05	EyesOfNetwork – AutoDiscovery Target Command Execution (Metasploit)	remote	multiple	Metasploit
2020-03-05	Exchange Control Panel – Viewstate Deserialization (Metasploit)	remote	windows	Metasploit
2020-03-04	UniSharp Laravel File Manager 2.0.0 – Arbitrary File Read	webapps	php	NgoAnhDuc
2020-03-03	RICOH Aficio SP 5210SF Printer – ‘entryNameIn’ HTML Injection	webapps	hardware	Olga Villagran
2020-03-03	GUnet OpenEclass 1.7.3 E-learning platform – ‘month’ SQL Injection	webapps	php	emaragkos
2020-03-03	Alfresco 5.2.4 – Persistent Cross-Site Scripting	webapps	php	Alexandre ZANNI
2020-03-03	RICOH Aficio SP 5200S Printer – ‘entryNameIn’ HTML Injection	webapps	hardware	Paulina Girón
2020-03-03	Microsoft Windows – ‘WizardOpium’ Local Privilege Escalation	local	windows	piotrflorczyk
2020-03-02	Cacti v1.2.8 – Unauthenticated Remote Code Execution (Metasploit)	webapps	php	Lucas Amorim
2020-03-02	Intelbras Wireless N 150Mbps WRN240 – Authentication Bypass (Config Upload)	webapps	hardware	Elber Tavares
2020-03-02	CA Unified Infrastructure Management Nimsoft 7.80 – Remote Buffer Overflow	remote	windows	wetw0rk
2020-03-02	TP LINK TL-WR849N – Remote Code Execution	webapps	hardware	Elber Tavares
2020-03-02	Wing FTP Server 6.2.5 – Privilege Escalation	webapps	multiple	Cary Hooper
2020-03-02	Microsoft Exchange 2019 15.2.221.12 – Authenticated Remote Code Execution	remote	windows	Photubias
2020-03-02	TL-WR849N 0.9.1 4.16 – Authentication Bypass (Upload Firmware)	webapps	hardware	Elber Tavares
2020-03-02	netkit-telnet-0.17 telnetd (Fedora 31) – ‘BraveStarr’ Remote Code Execution	remote	linux	Immunity
2020-03-02	WordPress Plugin Tutor LMS 1.5.3 – Cross-Site Request Forgery (Add User)	webapps	php	Jinson Varghese Behanan
2020-03-02	Netis WF2419 2.2.36123 – Remote Code Execution	webapps	hardware	Elias Issa
2020-03-02	Cyberoam Authentication Client 2.1.2.7 – Buffer Overflow (SEH)	local	windows	Andrey Stoykov
2020-03-02	Joplin Desktop 1.0.184 – Cross-Site Scripting	webapps	multiple	Javier Olmedo
2020-03-02	Wing FTP Server 6.2.3 – Privilege Escalation	local	windows	Cary Hooper
2020-02-28	qdPM < 9.1 - Remote Code Execution	webapps	multiple	Tobin Shields
2020-02-27	Business Live Chat Software 1.0 – Cross-Site Request Forgery (Add Admin)	webapps	php	Meisam Monsef
2020-02-27	Comtrend VR-3033 – Command Injection	webapps	hardware	Raki Ben Hamouda