Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2019-08-08	Daily Expense Manager 1.0 – Cross-Site Request Forgery (Delete Income)	webapps	php	Mr Winst0n
2019-08-08	Aptana Jaxer 1.0.3.4547 – Local File inclusion	webapps	multiple	Steph Jensen
2019-08-08	Baldr Botnet Panel – Arbitrary Code Execution (Metasploit)	remote	php	Ege Balci
2019-08-08	Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – Arbitrary File Download	webapps	php	qw3rTyTy
2019-08-08	Adive Framework 2.0.7 – Cross-Site Request Forgery	webapps	php	Pablo Santiago
2019-08-08	Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 – SQL Injection	webapps	php	qw3rTyTy
2019-08-08	Open-School 3.0 / Community Edition 2.3 – Cross-Site Scripting	webapps	php	Greg.Priest
2019-08-07	WordPress Plugin JoomSport 3.3 – SQL Injection	webapps	php	Pablo Santiago
2019-08-07	Google Chrome 74.0.3729.0 / 76.0.3789.0 – Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability	dos	multiple	Google Security Research
2019-08-05	Apache Tika 1.15 – 1.17 – Header Command Injection (Metasploit)	remote	windows	Metasploit
2019-08-05	ARMBot Botnet – Arbitrary Code Execution	remote	multiple	prsecurity
2019-08-05	macOS iMessage – Heap Overflow when Deserializing	dos	macos	Google Security Research
2019-08-02	1CRM On-Premise Software 8.5.7 – Persistent Cross-Site Scripting	webapps	php	Kusol Watchara-Apanukorn
2019-08-02	Sar2HTML 3.2.1 – Remote Command Execution	webapps	php	Cemal Cihad ÇİFTÇİ
2019-08-02	Rest – Cafe and Restaurant Website CMS – ‘slug’ SQL Injection	webapps	php	n1x_
2019-08-01	Cisco Catalyst 3850 Series Device Manager – Cross-Site Request Forgery	webapps	hardware	Alperen Soydan
2019-08-01	WebIncorp ERP – SQL injection	webapps	php	n1x_
2019-08-01	SilverSHielD 6.x – Local Privilege Escalation	local	multiple	Ian Bredemeyer
2019-08-01	Ultimate Loan Manager 2.0 – Cross-Site Scripting	webapps	multiple	Metin Yunus Kandemir
2019-07-31	Oracle Hyperion Planning 11.1.2.3 – XML External Entity	webapps	multiple	Lucas Dinucci
2019-07-30	iMessage – NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects	dos	multiple	Google Security Research
2019-07-30	macOS / iOS NSKeyedUnarchiver – Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances	dos	multiple	Google Security Research
2019-07-30	iMessage – Memory Corruption when Decoding NSKnownKeysDictionary1	dos	multiple	Google Security Research
2019-07-30	iMessage – NSArray Deserialization can Invoke Subclass that does not Retain References	dos	multiple	Google Security Research
2019-07-30	macOS / iOS JavaScriptCore – JSValue Use-After-Free in ValueProfiles	dos	multiple	Google Security Research
2019-07-30	Redis 4.x / 5.x – Unauthenticated Code Execution (Metasploit)	remote	linux	Metasploit
2019-07-30	Amcrest Cameras 2.520.AC00.18.R – Unauthenticated Audio Streaming	webapps	hardware	Jacob Baines
2019-07-30	macOS / iOS JavaScriptCore – Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded	dos	multiple	Google Security Research
2019-07-29	WordPress Plugin Simple Membership 3.8.4 – Cross-Site Request Forgery	webapps	php	rubyman
2019-07-29	GigToDo 1.3 – Cross-Site Scripting	webapps	php	m0ze
2019-07-29	WordPress Theme Real Estate 2.8.9 – Cross-Site Scripting	webapps	php	m0ze
2019-07-29	Schneider Electric Pelco Endura NET55XX Encoder – Authentication Bypass (Metasploit)	remote	unix	Metasploit
2019-07-29	WordPress Plugin Database Backup < 5.2 - Remote Code Execution (Metasploit)	remote	php	Metasploit
2019-07-26	Ahsay Backup 7.x – 8.1.1.50 – Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit)	webapps	jsp	Wietse Boonstra
2019-07-26	Moodle Filepicker 3.5.2 – Server Side Request Forgery	webapps	php	Fabian Mosch, Nick Theisinger
2019-07-26	Ahsay Backup 7.x – 8.1.1.50 – XML External Entity Injection	webapps	jsp	Wietse Boonstra
2019-07-26	Microsoft Windows 7 build 7601 (x86) – Local Privilege Escalation	local	windows_x86	ShivamTrivedi
2019-07-26	pdfresurrect 0.15 – Buffer Overflow	dos	linux	j0lama
2019-07-26	Ahsay Backup 8.1.1.50 – Insecure File Upload and Code Execution (Authenticated)	webapps	jsp	Wietse Boonstra
2019-07-25	Ovidentia 8.4.3 – SQL Injection	webapps	php	UserX
2019-07-25	MyBB < 1.8.21 - Remote Code Execution	webapps	php	Giovanni Chhatta
2019-07-25	Ovidentia 8.4.3 – Cross-Site Scripting	webapps	php	n3k00n3
2019-07-25	WebKit – Universal Cross-Site Scripting due to Synchronous Page Loads	dos	multiple	Google Security Research
2019-07-24	WordPress Plugin Hybrid Composer 1.4.6 – Improper Access Restrictions	webapps	php	yasin
2019-07-24	Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation	local	linux	bcoles
2019-07-24	Cisco Wireless Controller 3.6.10E – Cross-Site Request Forgery	webapps	hardware	Mehmet Onder
2019-07-24	NoviSmart CMS – SQL injection	webapps	php	n1x_
2019-07-24	Trend Micro Deep Discovery Inspector IDS – Security Bypass	remote	multiple	hyp3rlinx
2019-07-24	Apple iMessage – DigitalTouch tap Message Processing Out-of-Bounds Read	dos	watchos	Google Security Research
2019-07-24	Android 7 < 9 - Remote Code Execution	remote	android	Marcin Kozlowski