java

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers / Vulnerability Database

| Date | Title | Category | Author |
|---|---|---|---|
| 2021-11-03 | Eclipse Jetty 11.0.5 – Sensitive File Disclosure | webapps | Mayank Deshmukh |
| 2021-10-22 | Jetty 9.4.37.v20210219 – Information Disclosure | webapps | Mayank Deshmukh |
| 2021-10-13 | Keycloak 12.0.1 – ‘request_uri’ Blind Server-Side Request Forgery (SSRF) (Unauthenticated) | webapps | Mayank Deshmukh |
| 2021-10-05 | Atlassian Confluence 7.12.2 – Pre-Authorization Arbitrary File Read | webapps | Mayank Deshmukh |
| 2021-09-01 | Confluence Server 7.12.4 – ‘OGNL injection’ Remote Code Execution (RCE) (Unauthenticated) | webapps | Fellipe Oliveira |
| 2021-08-04 | ApacheOfBiz 17.12.01 – Remote Command Execution (RCE) | webapps | Adrián Díaz |
| 2021-08-02 | Neo4j 3.4.18 – RMI based Remote Code Execution (RCE) | remote | Christopher Ellis |
| 2021-07-29 | CloverDX 5.9.0 – Cross-Site Request Forgery (CSRF) | webapps | niebardzo |
| 2021-07-16 | ForgeRock Access Manager 14.6.3 – Remote Code Execution (RCE) (Unauthenticated) | webapps | Photubias |
| 2021-06-17 | Zoho ManageEngine ServiceDesk Plus MSP 9.4 – User Enumeration | webapps | Ricardo Ruiz |
| 2021-05-24 | Shopizer 2.16.0 – ‘Multiple’ Cross-Site Scripting (XSS) | webapps | Marek Toth |
| 2021-04-14 | CITSmart ITSM 9.1.2.27 – ‘query’ Time-based Blind SQL Injection (Authenticated) | webapps | skysbsb |
| 2021-04-14 | CITSmart ITSM 9.1.2.22 – LDAP Injection | webapps | skysbsb |
| 2021-03-29 | Novel Boutique House-plus 3.5.1 – Arbitrary File Download | webapps | tuyiqiang |
| 2021-03-05 | CatDV 9.2 – RMI Authentication Bypass | remote | Christopher Ellis |
| 2021-01-26 | Oracle WebLogic Server 12.2.1.0 – RCE (Unauthenticated) | webapps | CHackA0101 |
| 2021-01-22 | Oracle WebLogic Server 14.1.1.0 – RCE (Authenticated) | webapps | Photubias |
| 2021-01-08 | Apache Flink 1.11.0 – Unauthenticated Arbitrary File Read (Metasploit) | webapps | SunCSR Team |
| 2021-01-06 | Sonatype Nexus 3.21.1 – Remote Code Execution (Authenticated) | webapps | 1F98D |
| 2021-01-06 | H2 Database 1.4.199 – JNI Code Execution | local | 1F98D |
| 2020-12-14 | Jenkins 2.235.3 – ‘X-Forwarded-For’ Stored XSS | webapps | gx1 |
| 2020-12-11 | Jenkins 2.235.3 – ‘Description’ Stored XSS | webapps | gx1 |
| 2020-12-11 | Jenkins 2.235.3 – ‘tooltip’ Stored Cross-Site Scripting | webapps | gx1 |
| 2020-11-02 | Apache Flink 1.9.x – File Upload RCE (Unauthenticated) | webapps | bigger.wing |