Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2019-10-11	WordPress Plugin Arforms 3.7.1 – Directory Traversal	webapps	php	Ahmad Almorabea
2019-10-11	Intelbras Router WRN150 1.0.18 – Persistent Cross-Site Scripting	webapps	hardware	Prof. Joas Antonio
2019-10-11	National Instruments Circuit Design Suite 14.0 – Local Privilege Escalation	local	windows	Ivan Marmolejo
2019-10-10	ASX to MP3 converter 3.1.3.7 – ‘.asx’ Local Stack Overflow (DEP Bypass) (Metasploit)	local	linux	max7253
2019-10-10	SMA Solar Technology AG Sunny WebBox device – 1.6 – Cross-Site Request Forgery	webapps	hardware	Borja Merino
2019-10-10	Microsoft Windows Kernel – Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File	dos	windows	Google Security Research
2019-10-10	TP-Link TL-WR1043ND 2 – Authentication Bypass	webapps	hardware	Uriel Kosayev
2019-10-10	Microsoft Windows Kernel – win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter	dos	windows	Google Security Research
2019-10-10	Microsoft Windows Kernel – NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File	dos	windows	Google Security Research
2019-10-10	Microsoft Windows Kernel – Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File	dos	windows	Google Security Research
2019-10-10	Microsoft Windows Kernel – Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File	dos	windows	Google Security Research
2019-10-10	Microsoft Windows Kernel – Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File	dos	windows	Google Security Research
2019-10-09	Foscam Video Management System 1.1.6.6 – ‘UID’ Denial of Service (PoC)	dos	windows	Alessandro Magnosi
2019-10-09	DeviceViewer 3.12.0.1 – Arbitrary Password Change	local	windows	Alessandro Magnosi
2019-10-09	DeviceViewer 3.12.0.1 – ‘add user’ Local Buffer Overflow (DEP Bypass)	local	windows	Alessandro Magnosi
2019-10-09	XNU – Remote Double-Free via Data Race in IPComp Input Path	dos	macos	Google Security Research
2019-10-08	Zabbix 4.4 – Authentication Bypass	webapps	php	Todor Donev
2019-10-07	Subrion 4.2.1 – ‘Email’ Persistant Cross-Site Scripting	webapps	php	Creatigon
2019-10-07	ASX to MP3 converter 3.1.3.7 – ‘.asx’ Local Stack Overflow (DEP)	local	windows_x86-64	max7253
2019-10-07	logrotten 3.15.1 – Privilege Escalation	local	linux	Wolfgang Hotwagner
2019-10-07	Joomla! 3.4.6 – ‘configuration.php’ Remote Code Execution	webapps	php	Alessandro Groppo
2019-10-07	vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution	webapps	php	EgiX
2019-10-07	Zabbix 4.2 – Authentication Bypass	webapps	php	Milad Khoshdel
2019-10-07	freeFTP 1.0.8 – ‘PASS’ Remote Buffer Overflow	remote	windows	Chet Manly
2019-10-07	CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 – Privilege Escalation	local	windows	Jakub Palaczynski
2019-10-07	IBM Bigfix Platform 9.5.9.62 – Arbitrary File Upload	webapps	java	Jakub Palaczynski
2019-10-04	Android – Binder Driver Use-After-Free	local	android	Google Security Research
2019-10-04	LabCollector 5.423 – SQL Injection	webapps	php	Carlos Avila
2019-10-03	PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass	webapps	php	mm0r1
2019-10-03	AnchorCMS < 0.12.3a - Information Disclosure	webapps	multiple	Tijme Gommers
2019-10-03	mintinstall 7.9.9 – Code Execution	webapps	linux	İbrahim Hakan Şeker
2019-10-02	DOUBLEPULSAR – Payload Execution and Neutralization (Metasploit)	remote	windows	Metasploit
2019-10-02	Detrix EDMS 1.2.3.1505 – SQL Injection	webapps	php	Burov Konstantin
2019-10-01	WebKit – Universal XSS in WebCore::command	dos	multiple	Google Security Research
2019-10-01	WebKit – UXSS Using JavaScript: URI and Synchronous Page Loads	dos	multiple	Google Security Research
2019-10-01	DotNetNuke 9.3.2 – Cross-Site Scripting	webapps	multiple	Semen Alexandrovich Lyhin
2019-10-01	DotNetNuke < 9.4.0 - Cross-Site Scripting	webapps	multiple	MaYaSeVeN
2019-10-01	kic 2.4a – Denial of Service	dos	linux	JosueEncinar
2019-10-01	DameWare Remote Support 12.1.0.34 – Buffer Overflow (SEH)	local	windows	Xavi Beltran
2019-10-01	WebKit – Universal XSS Using Cached Pages	dos	multiple	Google Security Research
2019-10-01	WebKit – User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment	dos	multiple	Google Security Research
2019-09-30	phpIPAM 1.4 – SQL Injection	webapps	php	Kevin Kirsche
2019-09-30	vBulletin 5.x – Remote Command Execution (Metasploit)	webapps	php	r00tpgp
2019-09-30	thesystem 1.0 – Cross-Site Scripting	webapps	Python	Anıl Baran Yelken
2019-09-30	TheSystem 1.0 – Command Injection	webapps	Python	Sadik Cetin
2019-09-30	Cisco Small Business 220 Series – Multiple Vulnerabilities	remote	hardware	bashis
2019-09-30	WordPress Plugin ARforms 3.7.1 – Arbitrary File Deletion	webapps	php	Ahmad Almorabea
2019-09-30	GoAhead 2.5.0 – Host Header Injection	remote	multiple	Ramikan
2019-09-28	PHP 7.1 < 7.3 - 'json serializer' disable_functions Bypass	webapps	multiple	mm0r1
2019-09-27	WordPress Theme Zoner Real Estate – 4.1.1 Persistent Cross-Site Scripting	webapps	php	m0ze