multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2024-05-13 CrushFTP < 11.1.0 - Directory Traversal
  • remote
    		•  Abdualhadi khalifa
    2024-05-08 iboss Secure Web Gateway – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  modrnProph3t
    2024-04-12 PrusaSlicer 2.6.1 – Arbitrary code execution
  • local
    		•  Kamil Breński
    2024-03-28 Broken Access Control – on NodeBB v3.6.7
  • webapps
    		•  Vibhor Sharma
    2024-03-28 Asterisk AMI – Partial File Content & Path Disclosure (Authenticated)
  • remote
    		•  Sean Pesce
    2024-03-25 Nagios XI Version 2024R1.01 – SQL Injection
  • webapps
    		•  Jarod Jaslow (MAWK)
    2024-03-18 Atlassian Confluence < 8.5.3 - Remote Code Execution
  • webapps
    		•  MaanVader
    2024-03-16 vm2 – sandbox escape
  • local
    		•  Calil Khalil
    2024-03-12 SnipeIT 6.2.1 – Stored Cross Site Scripting
  • webapps
    		•  Shahzaib Ali Khan
    2024-03-12 VMware Cloud Director 10.5 – Bypass identity verification
  • remote
    		•  Abdualhadi khalifa
    2024-03-12 OSGi v3.7.2 (and below) Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-12 OSGi v3.8-3.18 Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-11 Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier – Arbitrary File Read
  • webapps
    		•  Youssef Muhammad
    2024-03-03 Easywall 0.3.1 – Authenticated Remote Command Execution
  • webapps
    		•  Melvin Mejia
    2024-03-03 A-PDF All to MP3 Converter 2.0.0 – DEP Bypass via HeapCreate + HeapAlloc
  • local
    		•  George Washington
    2024-03-03 Magento ver. 2.4.6 – XSLT Server Side Injection
  • webapps
    		•  tmrswrr
    2024-02-27 Atlassian Confluence Data Center and Server – Authentication Bypass (Metasploit)
  • webapps
    		•  Emir Polat
    2024-02-27 Executables Created with perl2exe < V30.10C - Arbitrary Code Execution
  • remote
    		•  decrazyo
    2024-02-26 Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'
  • dos
    		•  hyp3rlinx
    2024-02-26 Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration
  • remote
    		•  hyp3rlinx
    2024-02-26 Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'
  • remote
    		•  hyp3rlinx
    2024-02-19 Wondercms 4.3.2 – XSS to RCE
  • webapps
    		•  Anas Zakir
    2024-02-19 SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
  • webapps
    		•  Jonas Benjamin Friedli
    2024-02-15 SISQUALWFM 7.1.319.103 – Host Header Injection
  • webapps
    		•  Omer Shaik