multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-08-30 ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  numan türle
    2021-08-27 CyberPanel 2.1 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  numan türle
    2021-08-26 ProcessMaker 3.5.4 – Local File inclusion
  • webapps
    		•  Ai Ho
    2021-08-12 Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)
  • webapps
    		•  RedTeam Pentesting GmbH
    2021-08-10 Cockpit CMS 0.11.1 – ‘Username Enumeration & Password Reset’ NoSQL Injection
  • webapps
    		•  Brian Ombongi
    2021-08-05 GFI Mail Archiver 15.1 – Telerik UI Component Arbitrary File Upload (Unauthenticated)
  • webapps
    		•  Amin Bohio
    2021-07-29 Oracle Fatwire 6.3 – Multiple Vulnerabilities
  • webapps
    		•  J. Francisco Bolivar
    2021-07-26 Elasticsearch ECE 7.13.3 – Anonymous Database Dump
  • webapps
    		•  Joan Martinez
    2021-07-23 ElasticSearch 7.13.3 – Memory disclosure
  • webapps
    		•  r0ny
    2021-07-13 Apache Tomcat 9.0.0.M1 – Cross-Site Scripting (XSS)
  • webapps
    		•  Central InfoSec
    2021-07-13 Apache Tomcat 9.0.0.M1 – Open Redirect
  • webapps
    		•  Central InfoSec
    2021-07-08 Wyomind Help Desk 1.3.6 – Remote Code Execution (RCE)
  • webapps
    		•  Patrik Lantz
    2021-07-06 Visual Tools DVR VX16 4.2.28.0 – OS Command Injection (Unauthenticated)
  • webapps
    		•  Andrea D\'Ubaldo
    2021-07-06 perfexcrm 1.10 – ‘State’ Stored Cross-site scripting (XSS)
  • webapps
    		•  Alhasan Abbas
    2021-07-02 Scratch Desktop 3.17 – Remote Code Execution
  • webapps
    		•  Stig Magnus Baugstø
    2021-07-01 Vianeos OctoPUS 5 – ‘login_user’ SQLi
  • webapps
    		•  Audencia Business SCHOOL Red Team
    2021-06-30 Simple Traffic Offense System 1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Barış Yıldızoğlu
    2021-06-30 Apache Superset 1.1.0 – Time-Based Account Enumeration
  • webapps
    		•  Dolev Farhi
    2021-06-24 VMware vCenter Server 7.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  CHackA0101
    2021-06-14 Accela Civic Platform 21.1 – ‘contactSeqNumber’ Insecure Direct Object References (IDOR)
  • webapps
    		•  Abdulazeez Alaseeri
    2021-06-14 Accela Civic Platform 21.1 – ‘successURL’ Cross-Site-Scripting (XSS)
  • webapps
    		•  Abdulazeez Alaseeri
    2021-06-11 Accela Civic Platform 21.1 – ‘servProvCode’ Cross-Site-Scripting (XSS)
  • webapps
    		•  Abdulazeez Alaseeri
    2021-06-11 Solar-Log 500 2.8.2 – Unprotected Storage of Credentials
  • webapps
    		•  Luca.Chiou
    2021-06-11 Solar-Log 500 2.8.2 – Incorrect Access Control
  • webapps
    		•  Luca.Chiou