Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24745Exploits
日期 标题 类型 平台 作者
2019-12-30

Domain Quester Pro 6.02 – Stack Overflow (SEH)
  • local
  • windows
    		• boku
    2019-12-30

    HomeAutomation 3.3.2 – Remote Code Execution
  • webapps
  • php
    		• LiquidWorm
    2019-12-30

    MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 – Information Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-30

    HomeAutomation 3.3.2 – Cross-Site Request Forgery (Add Admin)
  • webapps
  • php
    		• LiquidWorm
    2019-12-30

    Heatmiser Netmonitor 3.03 – Hardcoded Credentials
  • webapps
  • hardware
    		• Ismail Tasdelen
    2019-12-30

    HomeAutomation 3.3.2 – Authentication Bypass
  • webapps
  • php
    		• LiquidWorm
    2019-12-30

    AVE DOMINAplus 1.10.x – Authentication Bypass
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-30

    HomeAutomation 3.3.2 – Persistent Cross-Site Scripting
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-30

    AVE DOMINAplus 1.10.x – Cross-Site Request Forgery (enable/disable alarm)
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-30

    Microsoft UPnP – Local Privilege Elevation (Metasploit)
  • local
  • windows
    		• Metasploit
    2019-12-30

    AVE DOMINAplus 1.10.x – Unauthenticated Remote Reboot
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-30

    Reptile Rootkit – reptile_cmd Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2019-12-30

    AVE DOMINAplus 1.10.x – Credential Disclosure
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-30

    OpenBSD – Dynamic Loader chpass Privilege Escalation (Metasploit)
  • local
  • openbsd
    		• Metasploit
    2019-12-30

    Wing FTP Server 6.0.7 – Unquoted Service Path
  • local
  • windows
    		• Nawaf Alkeraithe
    2019-12-30

    WEMS BEMS 21.3.1 – Undocumented Backdoor Account
  • webapps
  • hardware
    		• LiquidWorm
    2019-12-24

    Django < 3.0 < 2.2 < 1.11 - Account Hijack
  • webapps
  • Python
    		• Ryuji Tsutsui
    2019-12-23

    XnConvert 1.82 – Denial of Service (PoC)
  • dos
  • windows
    		• Gokkulraj
    2019-12-23

    Prime95 Version 29.8 build 6 – Buffer Overflow (SEH)
  • local
  • windows
    		• stresser
    2019-12-20

    FreeSWITCH 1.10.1 – Command Execution
  • remote
  • windows
    		• 1F98D
    2019-12-20

    phpMyChat-Plus 1.98 – ‘pmc_username’ Reflected Cross-Site Scripting
  • webapps
  • php
    		• Chris Inzinga
    2019-12-20

    Microsoft Windows 10 BasicRender.sys – Denial of Service (PoC)
  • dos
  • windows
    		• vportal
    2019-12-19

    Deutsche Bahn Ticket Vending Machine Local Kiosk – Privilege Escalation
  • webapps
  • hardware
    		• Vulnerability-Lab
    2019-12-19

    SurfOffline Professional 2.2.0.103 – ‘Project Name’ Denial of Service (SEH)
  • dos
  • windows
    		• Chris Inzinga
    2019-12-19

    FTP Navigator 8.03 – ‘Custom Command’ Denial of Service (SEH)
  • dos
  • windows
    		• Chris Inzinga
    2019-12-18

    Telerik UI – Remote Code Execution via Insecure Deserialization
  • webapps
  • aspx
    		• Bishop Fox
    2019-12-18

    OpenMRS – Java Deserialization RCE (Metasploit)
  • remote
  • linux
    		• Metasploit
    2019-12-18

    macOS 10.14.6 (18G87) – Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()
  • dos
  • macos
    		• Google Security Research
    2019-12-18

    Rumpus FTP Web File Manager 8.2.9.1 – Reflected Cross-Site Scripting
  • webapps
  • asp
    		• Harshit Shukla
    2019-12-18

    AVS Audio Converter 9.1 – ‘Exit folder’ Buffer Overflow
  • local
  • windows
    		• ZwX
    2019-12-18

    Xerox AltaLink C8035 Printer – Cross-Site Request Forgery (Add Admin)
  • webapps
  • hardware
    		• Ismail Tasdelen
    2019-12-18

    XnView 2.49.1 – ‘Research’ Denial of Service (PoC)
  • dos
  • windows
    		• ZwX
    2019-12-18

    Tautulli 2.1.9 – Cross-Site Request Forgery (ShutDown)
  • webapps
  • windows
    		• Ismail Tasdelen
    2019-12-17

    Zendesk App SweetHawk Survey 1.6 – Persistent Cross-Site Scripting
  • webapps
  • java
    		• MTK
    2019-12-17

    WordPress Core < 5.3.x - 'xmlrpc.php' Denial of Service
  • dos
  • php
    		• roddux
    2019-12-17

    NopCommerce 4.2.0 – Privilege Escalation
  • webapps
  • aspx
    		• Alessandro Magnosi
    2019-12-17

    Netgear R6400 – Remote Code Execution
  • webapps
  • hardware
    		• Kevin Randall
    2019-12-16

    OpenBSD 6.x – Dynamic Loader Privilege Escalation
  • local
  • openbsd
    		• Qualys Corporation
    2019-12-16

    Linux 5.3 – Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds
  • local
  • linux
    		• Google Security Research
    2019-12-16

    D-Link DIR-615 – Privilege Escalation
  • webapps
  • hardware
    		• Sanyam Chawla
    2019-12-16

    Roxy Fileman 1.4.5 – Directory Traversal
  • webapps
  • aspx
    		• Patrik Lantz
    2019-12-16

    D-Link DIR-615 Wireless Router – Persistent Cross-Site Scripting
  • webapps
  • hardware
    		• Sanyam Chawla
    2019-12-13

    FTP Commander Pro 8.03 – Local Stack Overflow
  • local
  • windows
    		• boku
    2019-12-13

    NVMS 1000 – Directory Traversal
  • webapps
  • hardware
    		• numan türle
    2019-12-12

    ManageEngine Desktop Central – ‘FileStorage getChartImage’ Deserialization / Unauthenticated Remote Code Execution
  • webapps
  • multiple
    		• mr_me
    2019-12-12

    Bullwark Momentum Series JAWS 1.0 – Directory Traversal
  • webapps
  • php
    		• numan türle
    2019-12-12

    OpenNetAdmin 18.1.1 – Command Injection Exploit (Metasploit)
  • webapps
  • php
    		• Onur ER
    2019-12-12

    Lenovo Power Management Driver 1.67.17.48 – ‘pmdrvs.sys’ Denial of Service (PoC)
  • dos
  • windows
    		• Nassim Asrir
    2019-12-11

    Product Key Explorer 4.2.0.0 – ‘Key’ Denial of Service (PoC)
  • dos
  • windows
    		• SajjadBnd
    2019-12-11

    Product Key Explorer 4.2.0.0 – ‘Name’ Denial of Service (POC)
  • dos
  • windows
    		• SajjadBnd