Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2024-04-08	Open Source Medicine Ordering System v1.0 – SQLi	webapps	php	Onur Karasalihoğlu
2024-04-08	Daily Expense Manager 1.0 – ‘term’ SQLi	webapps	php	Stefan Hesselman
2024-04-08	Best Student Result Management System v1.0 – Multiple SQLi	webapps	php	nu11secur1ty
2024-04-08	Human Resource Management System v1.0 – Multiple SQLi	webapps	php	nu11secur1ty
2024-04-08	Positron Broadcast Signal Processor TRA7005 v1.20 – Authentication Bypass	remote	hardware	LiquidWorm
2024-04-08	WordPress Theme Travelscape v1.0.3 – Arbitrary File Upload	webapps	php	Milad karimi
2024-04-08	AnyDesk 7.0.15 – Unquoted Service Path	local	windows	Milad karimi
2024-04-03	ESET NOD32 Antivirus 17.0.16.0 – Unquoted Service Path	local	windows	Milad karimi
2024-04-03	WordPress Plugin Alemha Watermarker 1.3.1 – Stored Cross-Site Scripting (XSS)	webapps	php	Erdemstar
2024-04-03	Computer Laboratory Management System v1.0 – Multiple-SQLi	webapps	php	nu11secur1ty
2024-04-02	FoF Pretty Mail 1.1.2 – Server Side Template Injection (SSTI)	webapps	php	Chokri Hammedi
2024-04-02	Axigen < 10.5.7 - Persistent Cross-Site Scripting	webapps	php	Vincent McRae, Mesut Cetin
2024-04-02	FoF Pretty Mail 1.1.2 – Local File Inclusion (LFI)	webapps	php	Chokri Hammedi
2024-04-02	Gibbon LMS v26.0.00 – SSTI vulnerability	webapps	php	Ali Maharramli,Fikrat Guliev,Islam Rzayev
2024-04-02	Microsoft Windows 10.0.17763.5458 – Kernel Privilege Escalation	local	windows	E1 Coders
2024-04-02	Casdoor < v1.331.0 - '/api/set-password' CSRF	webapps	go	Van Lam Nguyen
2024-04-02	Hospital Management System v1.0 – Stored Cross Site Scripting (XSS)	webapps	php	Sandeep Vishwakarma
2024-04-02	Microsoft Windows Defender – Detection Mitigation Bypass TrojanWin32Powessere.G	local	windows	hyp3rlinx
2024-04-02	E-INSUARANCE v1.0 – Stored Cross Site Scripting (XSS)	webapps	php	Sandeep Vishwakarma
2024-04-02	WordPress Plugin – Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)	webapps	php	Milad karimi
2024-04-02	Petrol Pump Management Software v1.0 – Remote Code Execution (RCE)	webapps	php	Sandeep Vishwakarma
2024-04-02	Smart School 6.4.1 – SQL Injection	webapps	php	CraCkEr
2024-04-02	GL-iNet MT6000 4.5.5 – Arbitrary File Download	remote	hardware	Bandar Alharbi
2024-04-02	CE Phoenix v1.0.8.20 – Remote Code Execution	webapps	php	tmrswrr
2024-04-02	Rapid7 nexpose – ‘nexposeconsole’ Unquoted Service Path	local	windows	Saud Alenazi
2024-04-02	Elementor Website Builder < 3.12.2 - Admin+ SQLi	webapps	php	E1 Coders
2024-04-02	OpenCart Core 4.0.2.3 – ‘search’ SQLi	webapps	php	Saud Alenazi
2024-04-02	Blood Bank v1.0 – Stored Cross Site Scripting (XSS)	webapps	php	Ersin Erenler
2024-04-02	ASUS Control Center Express 01.06.15 – Unquoted Service Path	local	windows	Alaa Kachouh
2024-04-02	Daily Habit Tracker 1.0 – Broken Access Control	webapps	php	Yevhenii Butenko
2024-04-02	Online Hotel Booking In PHP 1.0 – Blind SQL Injection (Unauthenticated)	webapps	php	Gian Paris C. Agsam
2024-04-02	Daily Habit Tracker 1.0 – SQL Injection	webapps	php	Yevhenii Butenko
2024-04-02	Simple Backup Plugin Python Exploit 2.7.10 – Path Traversal	webapps	php	Ven3xy
2024-04-02	Daily Habit Tracker 1.0 – Stored Cross-Site Scripting (XSS)	webapps	php	Yevhenii Butenko
2024-04-02	Employee Management System 1.0 – `txtusername` and `txtpassword` SQL Injection (Admin Login)	webapps	php	Yevhenii Butenko
2024-04-02	Employee Management System 1.0 – `txtfullname` and `txtphone` SQL Injection	webapps	php	Yevhenii Butenko
2024-04-02	LeptonCMS 7.0.0 – Remote Code Execution (RCE) (Authenticated)	webapps	php	tmrswrr
2024-03-28	RouterOS 6.40.5 – 6.44 and 6.48.1 – 6.49.10 – Denial of Service	dos	hardware	ice-wzl
2024-03-28	Broken Access Control – on NodeBB v3.6.7	webapps	multiple	Vibhor Sharma
2024-03-28	Purei CMS 1.0 – SQL Injection	webapps	php	Number 7
2024-03-28	Workout Journal App 1.0 – Stored XSS	webapps	php	MURAT CAGRI ALIS
2024-03-28	Asterisk AMI – Partial File Content & Path Disclosure (Authenticated)	remote	multiple	Sean Pesce
2024-03-28	liveSite Version 2019.1 – Remote Code Execution	webapps	php	tmrswrr
2024-03-28	WinRAR version 6.22 – Remote Code Execution via ZIP archive	remote	windows	E1 Coders
2024-03-28	Dell Security Management Server <1.9.0 - Local Privilege Escalation	local	linux	Amirhossein Bahramizadeh
2024-03-28	Siklu MultiHaul TG series < 2.0.0 - unauthenticated credential disclosure	remote	hardware	semaja2
2024-03-25	LimeSurvey Community 5.3.32 – Stored XSS	webapps	php	Subhankar Singh
2024-03-25	Nagios XI Version 2024R1.01 – SQL Injection	webapps	multiple	Jarod Jaslow (MAWK)
2024-03-25	Wallos < 1.11.2 - File Upload RCE	webapps	php	sml
2024-03-25	Tourism Management System v2.0 – Arbitrary File Upload	webapps	php	SoSPiro