Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2020-02-26

OpenSMTPD < 6.6.3p1 - Local Privilege Escalation + Remote Code Execution
  • remote
  • openbsd
    		• Qualys Corporation
    2020-02-26

    OpenSMTPD 6.6.3 – Arbitrary File Read
  • remote
  • linux
    		• Qualys Corporation
    2020-02-26

    PhpIX 2012 Professional – ‘id’ SQL Injection
  • webapps
  • php
    		• indoushka
    2020-02-26

    Core FTP LE 2.2 – Denial of Service (PoC)
  • dos
  • windows
    		• Ismael Nava
    2020-02-25

    Odin Secure FTP Expert 7.6.3 – Denial of Service (PoC)
  • dos
  • windows
    		• berat isler
    2020-02-25

    Magento WooCommerce CardGate Payment Gateway 2.0.30 – Payment Process Bypass
  • webapps
  • php
    		• GeekHack
    2020-02-25

    WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 – Payment Process Bypass
  • webapps
  • php
    		• GeekHack
    2020-02-25

    aSc TimeTables 2020.11.4 – Denial of Service (PoC)
  • dos
  • windows
    		• Ismael Nava
    2020-02-25

    SpotFTP-FTP Password Recover 2.4.8 – Denial of Service (PoC)
  • dos
  • windows
    		• Ismael Nava
    2020-02-24

    ManageEngine EventLog Analyzer 10.0 – Information Disclosure
  • webapps
  • java
    		• Scott Goodwin
    2020-02-24

    I6032B-P POE 2.0MP Outdoor Camera – Remote Configuration Disclosure
  • webapps
  • hardware
    		• Todor Donev
    2020-02-24

    ATutor 2.2.4 – ‘id’ SQL Injection
  • webapps
  • php
    		• Andrey Stoykov
    2020-02-24

    SecuSTATION SC-831 HD Camera – Remote Configuration Disclosure
  • webapps
  • hardware
    		• Todor Donev
    2020-02-24

    AMSS++ 4.7 – Backdoor Admin Account
  • webapps
  • php
    		• indoushka
    2020-02-24

    CandidATS 2.1.0 – Cross-Site Request Forgery (Add Admin)
  • webapps
  • php
    		• J3rryBl4nks
    2020-02-24

    DotNetNuke 9.5 – Persistent Cross-Site Scripting
  • webapps
  • aspx
    		• Sajjad Pourali
    2020-02-24

    Quick N Easy Web Server 3.3.8 – Denial of Service (PoC)
  • dos
  • windows
    		• Cody Winkler
    2020-02-24

    eLection 2.0 – ‘id’ SQL Injection
  • webapps
  • php
    		• J3rryBl4nks
    2020-02-24

    SecuSTATION IPCAM-130 HD Camera – Remote Configuration Disclosure
  • webapps
  • hardware
    		• Todor Donev
    2020-02-24

    Apache James Server 2.3.2 – Insecure User Creation Arbitrary File Write (Metasploit)
  • remote
  • linux
    		• Metasploit
    2020-02-24

    AMSS++ v 4.31 – ‘id’ SQL Injection
  • webapps
  • php
    		• indoushka
    2020-02-24

    Diamorphine Rootkit – Signal Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2020-02-24

    Real Web Pentesting Tutorial Step by Step – [Persian]
  • webapps
  • multiple
    		• Meisam Monsef
    2020-02-24

    ESCAM QD-900 WIFI HD Camera – Remote Configuration Disclosure
  • webapps
  • hardware
    		• Todor Donev
    2020-02-24

    Aptina AR0130 960P 1.3MP Camera – Remote Configuration Disclosure
  • webapps
  • hardware
    		• Todor Donev
    2020-02-24

    GUnet OpenEclass E-learning platform 1.7.3 – ‘uname’ SQL Injection
  • webapps
  • php
    		• emaragkos
    2020-02-24

    Android Binder – Use-After-Free (Metasploit)
  • local
  • android
    		• Metasploit
    2020-02-24

    Avaya IP Office Application Server 11.0.0.0 – Reflective Cross-Site Scripting
  • webapps
  • hardware
    		• Scott Goodwin
    2020-02-24

    DotNetNuke 9.5 – File Upload Restrictions Bypass
  • webapps
  • aspx
    		• Sajjad Pourali
    2020-02-24

    Cacti 1.2.8 – Remote Code Execution
  • webapps
  • php
    		• Askar
    2020-02-24

    Go SSH servers 0.0.2 – Denial of Service (PoC)
  • dos
  • linux
    		• Mark Adams
    2020-02-20

    Apache Tomcat – AJP ‘Ghostcat File Read/Inclusion
  • webapps
  • multiple
    		• YDHCUI
    2020-02-20

    Core FTP Lite 1.3 – Denial of Service (PoC)
  • dos
  • windows
    		• berat isler
    2020-02-20

    Easy2Pilot 7 – Cross-Site Request Forgery (Add User)
  • webapps
  • php
    		• indoushka
    2020-02-19

    DBPower C300 HD Camera – Remote Configuration Disclosure
  • webapps
  • hardware
    		• Todor Donev
    2020-02-19

    Virtual Freer 1.58 – Remote Command Execution
  • webapps
  • php
    		• SajjadBnd
    2020-02-19

    Nanometrics Centaur 4.3.23 – Unauthenticated Remote Memory Leak
  • webapps
  • hardware
    		• byteGoblin
    2020-02-18

    WordPress Plugin WP Sitemap Page 1.6.2 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Ultra Security Team
    2020-02-17

    WordPress Plugin Strong Testimonials 2.40.1 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Jinson Varghese Behanan
    2020-02-17

    HP System Event 1.2.9.0 – ‘HPWMISVC’ Unquoted Service Path
  • local
  • windows
    		• Roberto Piña
    2020-02-17

    SOPlanning 1.45 – ‘by’ SQL Injection
  • webapps
  • php
    		• J3rryBl4nks
    2020-02-17

    Anviz CrossChex – Buffer Overflow (Metasploit)
  • remote
  • windows
    		• Metasploit
    2020-02-17

    LabVantage 8.3 – Information Disclosure
  • webapps
  • java
    		• Joel Aviad Ossi
    2020-02-17

    SOPlanning 1.45 – ‘users’ SQL Injection
  • webapps
  • php
    		• J3rryBl4nks
    2020-02-17

    WordPress Plugin WOOF Products Filter for WooCommerce 1.2.3 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Shahab.ra.9
    2020-02-17

    Cuckoo Clock v5.0 – Buffer Overflow
  • local
  • windows
    		• boku
    2020-02-17

    SOPlanning 1.45 – Cross-Site Request Forgery (Add User)
  • webapps
  • php
    		• J3rryBl4nks
    2020-02-17

    TFTP Turbo 4.6.1273 – ‘TFTP Turbo 4’ Unquoted Service Path
  • local
  • windows
    		• boku
    2020-02-17

    WordPress Theme Fruitful 3.8 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Ultra Security Team
    2020-02-17

    Ice HRM 26.2.0 – Cross-Site Request Forgery (Add User)
  • webapps
  • php
    		• J3rryBl4nks