multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2022-02-18 Fortinet Fortimail 7.0.1 – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  Braiant Giraldo Villa
    2022-02-16 ServiceNow – Username Enumeration
  • webapps
    		•  Victor Hanna
    2022-02-08 FileBrowser 2.17.2 – Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)
  • webapps
    		•  FEBIN MON SAJI
    2022-02-04 Servisnet Tessa – Privilege Escalation (Metasploit)
  • webapps
    		•  AkkuS
    2022-02-04 Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)
  • webapps
    		•  AkkuS
    2022-02-04 Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)
  • webapps
    		•  AkkuS
    2022-01-05 BeyondTrust Remote Support 6.0 – Reflected Cross-Site Scripting (XSS) (Unauthenticated)
  • webapps
    		•  Malcrove
    2022-01-05 ConnectWise Control 19.2.24707 – Username Enumeration
  • remote
    		•  Luca Cuzzolin
    2021-12-16 Cibele Thinfinity VirtualUI 2.5.41.0 – User Enumeration
  • webapps
    		•  Daniel Morales
    2021-12-09 Grafana 8.3.0 – Directory Traversal and Arbitrary File Read
  • webapps
    		•  s1gh
    2021-11-29 orangescrum 1.8.0 – ‘Multiple’ Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Hubert Wojciechowski
    2021-11-29 orangescrum 1.8.0 – ‘Multiple’ SQL Injection (Authenticated)
  • webapps
    		•  Hubert Wojciechowski
    2021-11-29 orangescrum 1.8.0 – Privilege escalation (Authenticated)
  • webapps
    		•  Hubert Wojciechowski
    2021-11-26 Bagisto 1.3.3 – Client-Side Template Injection
  • webapps
    		•  Mohamed Abdellatif Jaber
    2021-11-23 FLEX 1085 Web 1.6.0 – HTML Injection
  • webapps
    		•  Mr Empy
    2021-11-23 Webrun 3.6.0.42 – ‘P_0’ SQL Injection
  • webapps
    		•  Vinicius Alves
    2021-11-16 CMDBuild 3.3.2 – ‘Multiple’ Cross Site Scripting (XSS)
  • webapps
    		•  Hosein Vita
    2021-11-15 KONGA 0.14.9 – Privilege Escalation
  • webapps
    		•  Fabricio Salomao
    2021-11-12 Mumara Classic 2.93 – ‘license’ SQL Injection (Unauthenticated)
  • webapps
    		•  Shain Lakin
    2021-11-11 FormaLMS 2.4.4 – Authentication Bypass
  • webapps
    		•  Cristian \'void\' Giustini
    2021-11-11 Apache HTTP Server 2.4.50 – Remote Code Execution (RCE) (3)
  • webapps
    		•  Valentin Lobstein
    2021-11-08 zlog 1.2.15 – Buffer Overflow
  • local
    		•  LIWEI
    2021-11-05 ImportExportTools NG 10.0.4 – HTML Injection
  • webapps
    		•  Vulnerability-Lab
    2021-11-03 Isshue Shopping Cart 3.5 – ‘Title’ Cross Site Scripting (XSS)
  • webapps
    		•  Vulnerability-Lab