java

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2015-10-28 JIRA and HipChat for JIRA Plugin – Velocity Template Injection
  • webapps
    		•  Chris Wood
    2015-09-17 ManageEngine OpManager – Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2015-08-28 Jenkins 1.626 – Cross-Site Request Forgery / Code Execution
  • webapps
    		•  smash
    2015-07-21 SysAid Help Desk ‘rdslogs’ – Arbitrary File Upload (Metasploit)
  • remote
    		•  Metasploit
    2015-05-26 Apache JackRabbit – WebDAV XML External Entity
  • webapps
    		•  Mikhail Egorov
    2015-05-08 Novell ZENworks Configuration Management – Arbitrary File Upload (Metasploit)
  • remote
    		•  Metasploit
    2015-03-30 JBoss JMXInvokerServlet JMXInvoker 0.3 – Remote Command Execution
  • webapps
    		•  ikki
    2015-03-19 EMC M&R (Watch4net) – Directory Traversal
  • webapps
    		•  Han Sahin
    2015-03-19 EMC M&R (Watch4net) – Credential Disclosure
  • webapps
    		•  Han Sahin
    2015-03-18 Websense Appliance Manager – Command Injection
  • webapps
    		•  Han Sahin
    2015-03-16 ElasticSearch – Search Groovy Sandbox Bypass (Metasploit)
  • remote
    		•  Metasploit
    2015-02-17 Java JMX – Server Insecure Configuration Java Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2015-01-20 ManageEngine (Multiple Products) – (Authenticated) Arbitrary File Upload (Metasploit)
  • remote
    		•  Metasploit
    2015-01-13 Lexmark MarkVision Enterprise – Arbitrary File Upload (Metasploit)
  • remote
    		•  Metasploit
    2014-11-10 Visual Mining NetCharts Server – Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2014-10-02 ManageEngine OpManager / Social IT – Arbitrary File Upload (Metasploit)
  • remote
    		•  Pedro Ribeiro
    2014-09-15 SolarWinds Storage Manager – Authentication Bypass (Metasploit)
  • remote
    		•  Metasploit
    2014-06-27 HP AutoPass License Server – Arbitrary File Upload (Metasploit)
  • remote
    		•  Metasploit
    2014-06-12 Yealink VoIP Phones – ‘/servlet’ HTTP Response Splitting
  • webapps
    		•  Jesus Oquendo
    2014-05-30 ElasticSearch Dynamic Script – Arbitrary Java Execution (Metasploit)
  • remote
    		•  Metasploit
    2014-02-05 Apache Struts – Developer Mode OGNL Execution (Metasploit)
  • remote
    		•  Metasploit
    2013-12-03 Cisco Prime Data Center Network Manager – Arbitrary File Upload (Metasploit)
  • remote
    		•  Metasploit
    2013-11-30 Ametys CMS 3.5.2 – ‘lang’ XPath Injection
  • webapps
    		•  LiquidWorm
    2013-11-27 Apache Roller – OGNL Injection (Metasploit)
  • remote
    		•  Metasploit