webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2019-12-30 AVE DOMINAplus 1.10.x – Unauthenticated Remote Reboot
  • webapps
    		•  LiquidWorm
    2019-12-30 AVE DOMINAplus 1.10.x – Credential Disclosure
  • webapps
    		•  LiquidWorm
    2019-12-30 WEMS BEMS 21.3.1 – Undocumented Backdoor Account
  • webapps
    		•  LiquidWorm
    2019-12-30 XEROX WorkCentre 7830 Printer – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Ismail Tasdelen
    2019-12-30 XEROX WorkCentre 7855 Printer – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Ismail Tasdelen
    2019-12-24 Django < 3.0 < 2.2 < 1.11 - Account Hijack
  • webapps
    		•  Ryuji Tsutsui
    2019-12-20 phpMyChat-Plus 1.98 – ‘pmc_username’ Reflected Cross-Site Scripting
  • webapps
    		•  Chris Inzinga
    2019-12-19 Deutsche Bahn Ticket Vending Machine Local Kiosk – Privilege Escalation
  • webapps
    		•  Vulnerability-Lab
    2019-12-18 Tautulli 2.1.9 – Cross-Site Request Forgery (ShutDown)
  • webapps
    		•  Ismail Tasdelen
    2019-12-18 Telerik UI – Remote Code Execution via Insecure Deserialization
  • webapps
    		•  Bishop Fox
    2019-12-18 Rumpus FTP Web File Manager 8.2.9.1 – Reflected Cross-Site Scripting
  • webapps
    		•  Harshit Shukla
    2019-12-18 Xerox AltaLink C8035 Printer – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Ismail Tasdelen
    2019-12-17 NopCommerce 4.2.0 – Privilege Escalation
  • webapps
    		•  Alessandro Magnosi
    2019-12-17 Netgear R6400 – Remote Code Execution
  • webapps
    		•  Kevin Randall
    2019-12-17 Zendesk App SweetHawk Survey 1.6 – Persistent Cross-Site Scripting
  • webapps
    		•  MTK
    2019-12-16 D-Link DIR-615 – Privilege Escalation
  • webapps
    		•  Sanyam Chawla
    2019-12-16 Roxy Fileman 1.4.5 – Directory Traversal
  • webapps
    		•  Patrik Lantz
    2019-12-16 D-Link DIR-615 Wireless Router – Persistent Cross-Site Scripting
  • webapps
    		•  Sanyam Chawla
    2019-12-13 NVMS 1000 – Directory Traversal
  • webapps
    		•  numan türle
    2019-12-12 ManageEngine Desktop Central – ‘FileStorage getChartImage’ Deserialization / Unauthenticated Remote Code Execution
  • webapps
    		•  mr_me
    2019-12-12 Bullwark Momentum Series JAWS 1.0 – Directory Traversal
  • webapps
    		•  numan türle
    2019-12-12 OpenNetAdmin 18.1.1 – Command Injection Exploit (Metasploit)
  • webapps
    		•  Onur ER
    2019-12-11 Apache Olingo OData 4.0 – XML External Entity Injection
  • webapps
    		•  Compass Security
    2019-12-10 Inim Electronics Smartliving SmartLAN 6.x – Remote Command Execution
  • webapps
    		•  LiquidWorm