Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2024-02-02

WebCatalog 48.4 – Arbitrary Protocol Execution
  • remote
  • windows
    		• ItsSixtyN3in
    2024-02-02

    Juniper-SRX-Firewalls&EX-switches – (PreAuth-RCE) (PoC)
  • webapps
  • php
    		• whiteOwl
    2024-02-02

    Electrolink FM/DAB/TV Transmitter – Pre-Auth MPFS Image Remote Code Execution
  • webapps
  • hardware
    		• LiquidWorm
    2024-02-02

    Electrolink FM/DAB/TV Transmitter – Unauthenticated Remote DoS
  • dos
  • hardware
    		• LiquidWorm
    2024-01-31

    RoyalTSX 6.0.1 – RTSZ File Handling Heap Memory Corruption PoC
  • remote
  • macos
    		• LiquidWorm
    2024-01-31

    Proxmox VE – TOTP Brute Force
  • remote
  • linux
    		• Cory Cline, Gabe Rust
    2024-01-31

    GoAhead Web Server 2.5 – ‘goform/formTest’ Multiple HTML Injection Vulnerabilities
  • webapps
  • multiple
    		• Syed Affan Ahmed (ZEROXINN)
    2024-01-31

    Grocy <=4.0.2 - CSRF
  • webapps
  • php
    		• Chance Proctor
    2024-01-31

    101 News 1.0 – Multiple-SQLi
  • webapps
  • php
    		• nu11secur1ty
    2024-01-31

    Academy LMS 6.2 – SQL Injection
  • webapps
  • php
    		• CraCkEr
    2024-01-29

    Fundraising Script 1.0 – SQLi
  • webapps
  • php
    		• nu11secur1ty
    2024-01-29

    Typora v1.7.4 – OS Command Injection
  • local
  • windows
    		• Ahmet Ümit BAYRAM
    2024-01-29

    Bank Locker Management System – SQL Injection
  • webapps
  • php
    		• SoSPiro
    2024-01-29

    Blood Bank & Donor Management System using v2.2 – Stored XSS
  • remote
  • php
    		• SoSPiro
    2024-01-29

    Equipment Rental Script-1.0 – SQLi
  • remote
  • php
    		• nu11secur1ty
    2024-01-29

    7 Sticky Notes v1.9 – OS Command Injection
  • local
  • windows
    		• Ahmet Ümit BAYRAM
    2024-01-29

    Ricoh Printer – Directory and File Exposure
  • remote
  • hardware
    		• Thomas Heverin
    2024-01-29

    PHP Shopping Cart 4.2 – Multiple-SQLi
  • webapps
  • php
    		• nu11secur1ty
    2023-10-09

    Media Library Assistant WordPress Plugin – RCE and LFI
  • webapps
  • php
    		• Florent MONTEL
    2023-10-09

    WEBIGniter v28.7.23 File Upload – Remote Code Execution
  • webapps
  • php
    		• nu11secur1ty
    2023-10-09

    WordPress Plugin Masterstudy LMS – 3.0.17 – Unauthenticated Instructor Account Creation
  • webapps
  • php
    		• Revan Arifio
    2023-10-09

    Minio 2022-07-29T19-40-48Z – Path traversal
  • webapps
  • go
    		• Jenson Zhao
    2023-10-09

    Microsoft Windows 11 – ‘apds.dll’ DLL hijacking (Forced)
  • local
  • windows
    		• Moein Shahabi
    2023-10-09

    Tinycontrol LAN Controller v3 (LK3) 1.58a – Remote Admin Password Change
  • remote
  • hardware
    		• LiquidWorm
    2023-10-09

    Splunk 9.0.5 – admin account take over
  • webapps
  • multiple
    		• Redway Security
    2023-10-09

    Tinycontrol LAN Controller v3 (LK3) 1.58a – Remote Credentials Extraction
  • remote
  • hardware
    		• LiquidWorm
    2023-10-09

    OpenPLC WebServer 3 – Denial of Service
  • dos
  • multiple
    		• Kai Feng
    2023-10-09

    Tinycontrol LAN Controller v3 (LK3) 1.58a – Remote Denial Of Service
  • dos
  • hardware
    		• LiquidWorm
    2023-10-09

    Shuttle-Booking-Software v1.0 – Multiple-SQLi
  • webapps
  • php
    		• nu11secur1ty
    2023-10-09

    Clcknshop 1.0.0 – SQL Injection
  • webapps
  • php
    		• CraCkEr
    2023-10-09

    Limo Booking Software v1.0 – CORS
  • webapps
  • php
    		• nu11secur1ty
    2023-10-09

    Online ID Generator 1.0 – Remote Code Execution (RCE)
  • webapps
  • php
    		• nu11secur1ty
    2023-10-09

    Webedition CMS v2.9.8.8 – Blind SSRF
  • webapps
  • php
    		• Mirabbas Ağalarov
    2023-10-09

    Ruijie Reyee Mesh Router – MITM Remote Code Execution (RCE)
  • remote
  • hardware
    		• Riyan Firmansyah of Seclab
    2023-10-09

    Atcom 2.7.x.x – Authenticated Command Injection
  • remote
  • hardware
    		• Mohammed Adel
    2023-10-09

    GLPI GZIP(Py3) 9.4.5 – RCE
  • webapps
  • php
    		• Brian Peters
    2023-10-09

    BoidCMS v2.0.0 – authenticated file upload vulnerability
  • webapps
  • php
    		• 1337kid
    2023-10-09

    Cacti 1.2.24 – Authenticated command injection when using SNMP options
  • webapps
  • php
    		• Antonio Francesco Sardella
    2023-10-09

    WordPress Sonaar Music Plugin 4.7 – Stored XSS
  • webapps
  • php
    		• Furkan Karaarslan
    2023-10-09

    Coppermine Gallery 1.6.25 – RCE
  • webapps
  • php
    		• Mirabbas Ağalarov
    2023-09-08

    Techview LA-5570 Wireless Gateway Home Automation Controller – Multiple Vulnerabilities
  • remote
  • hardware
    		• The Security Team [exploitsecurity.io]
    2023-09-08

    GOM Player 2.3.90.5360 – Remote Code Execution (RCE)
  • remote
  • windows
    		• M. Akil Gündoğan
    2023-09-08

    soosyze 2.0.0 – File Upload
  • webapps
  • php
    		• nu11secur1ty
    2023-09-08

    Wp2Fac – OS Command Injection
  • webapps
  • php
    		• Ahmet Ümit BAYRAM
    2023-09-08

    WordPress Plugin Elementor 3.5.5 – Iframe Injection
  • webapps
  • php
    		• Miguel Santareno
    2023-09-08

    Jorani v1.0.3-(c)2014-2023 – XSS Reflected & Information Disclosure
  • webapps
  • php
    		• nu11secur1ty
    2023-09-08

    SPA-Cart eCommerce CMS 1.9.0.3 – SQL Injection
  • webapps
  • php
    		• CraCkEr
    2023-09-08

    SyncBreeze 15.2.24 – ‘login’ Denial of Service
  • dos
  • windows
    		• mohamed youssef
    2023-09-08

    GOM Player 2.3.90.5360 – Buffer Overflow (PoC)
  • local
  • windows
    		• Ahmet Ümit BAYRAM
    2023-09-08

    Drupal 10.1.2 – web-cache-poisoning-External-service-interaction
  • webapps
  • php
    		• nu11secur1ty