multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-12-02 Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Edit Profile
  • webapps
    		•  Shahrukh Iqbal Mirza
    2020-12-02 Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Add Artwork
  • webapps
    		•  Shahrukh Iqbal Mirza
    2020-12-01 Tendenci 12.3.1 – CSV/ Formula Injection
  • webapps
    		•  Mufaddal Masalawala
    2020-12-01 Setelsa Conacwin 3.7.1.2 – Local File Inclusion
  • webapps
    		•  Bryan Rodriguez Martin
    2020-11-27 Acronis Cyber Backup 12.5 Build 16341 – Unauthenticated SSRF
  • webapps
    		•  Julien Ahrens
    2020-11-27 SAP Lumira 1.31 – Stored Cross-Site Scripting
  • local
    		•  Ilca Lucian Florin
    2020-11-26 Pure-FTPd 1.0.48 – Remote Denial of Service
  • dos
    		•  xynmaps
    2020-11-24 Apache OpenMeetings 5.0.0 – ‘hostname’ Denial of Service
  • webapps
    		•  SunCSR
    2020-11-24 nopCommerce Store 4.30 – ‘name’ Stored Cross-Site Scripting
  • webapps
    		•  Hemant Patidar
    2020-11-23 LifeRay 7.2.1 GA2 – Stored XSS
  • webapps
    		•  3ndG4me
    2020-11-19 Nagios Log Server 2.1.7 – Persistent Cross-Site Scripting
  • webapps
    		•  Emre ÖVÜNÇ
    2020-11-19 M/Monit 3.7.4 – Password Disclosure
  • webapps
    		•  Dolev Farhi
    2020-11-19 M/Monit 3.7.4 – Privilege Escalation
  • webapps
    		•  Dolev Farhi
    2020-11-19 TestBox CFML Test Framework 4.1.0 – Directory Traversal
  • webapps
    		•  Darren King
    2020-11-19 TestBox CFML Test Framework 4.1.0 – Arbitrary File Write and Remote Code Execution
  • webapps
    		•  Darren King
    2020-11-19 xuucms 3 – ‘keywords’ SQL Injection
  • webapps
    		•  icekam
    2020-11-19 PESCMS TEAM 2.3.2 – Multiple Reflected XSS
  • webapps
    		•  icekam
    2020-11-18 BigBlueButton 2.2.25 – Arbitrary File Disclosure and Server-Side Request Forgery
  • webapps
    		•  RedTeam Pentesting GmbH
    2020-11-17 Apache Struts 2.5.20 – Double OGNL evaluation
  • remote
    		•  West Shepherd
    2020-11-17 Aerospike Database 5.1.0.3 – OS Command Execution
  • remote
    		•  Matt S
    2020-11-13 Touchbase.io 1.10 – Stored Cross Site Scripting
  • webapps
    		•  Simran Sankhala
    2020-11-13 Apache Tomcat – AJP ‘Ghostcat’ File Read/Inclusion (Metasploit)
  • webapps
    		•  SunCSR
    2020-11-09 Joplin 1.2.6 – ‘link’ Cross Site Scripting
  • webapps
    		•  Philip Holbrook
    2020-10-30 Citadel WebCit < 926 - Session Hijacking Exploit
  • webapps
    		•  Simone Quatrini