Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2019-09-27

V-SOL GPON/EPON OLT Platform 2.03 – Cross-Site Request Forgery
  • webapps
  • hardware
    		• LiquidWorm
    2019-09-27

    V-SOL GPON/EPON OLT Platform 2.03 – Unauthenticated Configuration Download
  • webapps
  • hardware
    		• LiquidWorm
    2019-09-27

    thesystem App 1.0 – ‘username’ SQL Injection
  • webapps
  • php
    		• Anıl Baran Yelken
    2019-09-27

    thesystem App 1.0 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• İsmail Güngör
    2019-09-27

    InoERP 0.7.2 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• strider
    2019-09-27

    thesystem App 1.0 – ‘server_name’ SQL Injection
  • webapps
  • php
    		• Sadik Cetin
    2019-09-27

    Mobatek MobaXterm 12.1 – Buffer Overflow (SEH)
  • local
  • windows
    		• Xavi Beltran
    2019-09-27

    WordPress Theme Zoner Real Estate – 4.1.1 Persistent Cross-Site Scripting
  • webapps
  • php
    		• m0ze
    2019-09-26

    citecodecrashers Pic-A-Point 1.1 – ‘Consignment’ SQL Injection
  • webapps
  • php
    		• cakes
    2019-09-26

    inoERP 4.15 – ‘download’ SQL Injection
  • webapps
  • php
    		• Semen Alexandrovich Lyhin
    2019-09-26

    all-in-one-seo-pack 3.2.7 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Unk9vvN
    2019-09-26

    Duplicate-Post 3.2.3 – Persistent Cross-Site Scripting
  • webapps
  • php
    		• Unk9vvN
    2019-09-26

    Chamillo LMS 1.11.8 – Arbitrary File Upload
  • webapps
  • php
    		• Sohel Yousef
    2019-09-25

    ABRT – sosreport Privilege Escalation (Metasploit)
  • local
  • linux
    		• Metasploit
    2019-09-25

    NPMJS gitlabhook 0.0.17 – ‘repository’ Remote Command Execution
  • webapps
  • json
    		• Semen Alexandrovich Lyhin
    2019-09-25

    WP Server Log Viewer 1.0 – ‘logfile’ Persistent Cross-Site Scripting
  • webapps
  • php
    		• strider
    2019-09-25

    SpotIE Internet Explorer Password Recovery 2.9.5 – ‘Key’ Denial of Service
  • dos
  • windows
    		• Emilio Revelo
    2019-09-25

    Microsoft SharePoint 2013 SP1 – ‘DestinationFolder’ Persistant Cross-Site Scripting
  • webapps
  • aspx
    		• Davide Cioccia
    2019-09-25

    YzmCMS 5.3 – ‘Host’ Header Injection
  • webapps
  • php
    		• Debashis Pal
    2019-09-24

    Easy File Sharing Web Server 7.2 – ‘New User’ Local Overflow (SEH)
  • local
  • windows
    		• x00pwn
    2019-09-24

    Microsoft Windows – BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)
  • remote
  • windows
    		• Metasploit
    2019-09-24

    DeviceViewer 3.12.0.1 – ‘creating user’ Denial of Service
  • dos
  • windows
    		• x00pwn
    2019-09-24

    iMessage – Decoding NSSharedKeyDictionary Can Read Object Out of Bounds
  • dos
  • ios
    		• Google Security Research
    2019-09-24

    Microsoft Windows cryptoapi – SymCrypt Modular Inverse Algorithm Denial of Service
  • dos
  • windows
    		• Google Security Research
    2019-09-24

    Pfsense 2.3.4 / 2.4.4-p3 – Remote Code Injection
  • webapps
  • php
    		• Nassim Asrir
    2019-09-24

    File Sharing Wizard 1.5.0 – POST SEH Overflow
  • remote
  • windows
    		• x00pwn
    2019-09-23

    Hisilicon HiIpcam V100R003 Remote ADSL – Credentials Disclosure
  • remote
  • hardware
    		• Todor Donev
    2019-09-23

    iOS < 12.4.1 - 'Jailbreak' Local Privilege Escalation
  • local
  • ios
    		• Umang Raghuvanshi
    2019-09-23

    InputMapper 1.6.10 – Denial of Service
  • dos
  • watchos
    		• elkoyote07
    2019-09-23

    Gila CMS < 1.11.1 - Local File Inclusion
  • webapps
  • multiple
    		• Sainadh Jamalpur
    2019-09-23

    vBulletin 5.0 < 5.5.4 - 'widget_php ' Unauthenticated Remote Code Execution
  • webapps
  • php
    		• anonymous
    2019-09-23

    HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure
  • remote
  • watchos
    		• Lazy Hacker
    2019-09-20

    SpotIE Internet Explorer Password Recovery 2.9.5 – ‘Key’ Denial of Service
  • dos
  • watchos
    		• Emilio Revelo
    2019-09-20

    Microsoft Windows 10 – ‘WSReset’ UAC Protection Bypass (propsys.dll)
  • local
  • windows
    		• valen
    2019-09-20

    LayerBB < 1.1.4 - Cross-Site Request Forgery
  • webapps
  • php
    		• 0xB9
    2019-09-19

    GOautodial 4.0 – ‘CreateEvent’ Persistent Cross-Site Scripting
  • webapps
  • php
    		• cakes
    2019-09-19

    Western Digital My Book World II NAS 1.02.12 – Authentication Bypass / Command Execution
  • webapps
  • hardware
    		• Noman Riffat
    2019-09-19

    DIGIT CENTRIS 4 ERP – ‘datum1’ SQL Injection
  • webapps
  • php
    		• n1x_
    2019-09-19

    macOS 18.7.0 Kernel – Local Privilege Escalation
  • local
  • macos
    		• A2nkF
    2019-09-18

    Hospital-Management 1.26 – ‘fname’ SQL Injection
  • webapps
  • php
    		• cakes
    2019-09-18

    Counter-Strike Global Offensive 1.37.1.1 – ‘vphysics.dll’ Denial of Service (PoC)
  • dos
  • windows
    		• bi7s
    2019-09-16

    CollegeManagementSystem-CMS 1.3 – ‘batch’ SQL Injection
  • webapps
  • php
    		• cakes
    2019-09-16

    docPrint Pro 8.0 – SEH Buffer Overflow
  • local
  • windows
    		• Connor McGarr
    2019-09-16

    Notepad++ < 7.7 (x64) - Denial of Service
  • dos
  • windows_x86-64
    		• Bogdan Kurinnoy
    2019-09-16

    Symantec Advanced Secure Gateway (ASG) / ProxySG – Unrestricted File Upload
  • webapps
  • cfm
    		• Pankaj Kumar Thakur
    2019-09-16

    NetGain EM Plus 10.1.68 – Remote Command Execution
  • webapps
  • jsp
    		• azams
    2019-09-16

    Inteno IOPSYS Gateway – Improper Access Restrictions
  • remote
  • hardware
    		• Gerard Fuguet
    2019-09-16

    AppXSvc – Privilege Escalation
  • local
  • windows
    		• Gabor Seljan
    2019-09-14

    College-Management-System 1.2 – Authentication Bypass
  • webapps
  • php
    		• cakes
    2019-09-14

    Ticket-Booking 1.4 – Authentication Bypass
  • webapps
  • php
    		• cakes