Exploits

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers

共24443Exploits
日期 标题 类型 平台 作者
2023-09-08

GOM Player 2.3.90.5360 – Remote Code Execution (RCE)
  • remote
  • windows
    		• M. Akil Gündoğan
    2023-09-04

    Academy LMS 6.1 – Arbitrary File Upload
  • webapps
  • php
    		• CraCkEr
    2023-09-04

    Credit Lite 1.5.4 – SQL Injection
  • webapps
  • php
    		• CraCkEr
    2023-09-04

    NVClient v5.0 – Stack Buffer Overflow (DoS)
  • local
  • windows
    		• Ahmet Ümit BAYRAM
    2023-09-04

    Ivanti Avalanche

  • remote
  • windows
    		• Robel Campbell
    2023-09-04

    Hyip Rio 2.1 – Arbitrary File Upload
  • webapps
  • php
    		• CraCkEr
    2023-09-04

    SPA-Cart eCommerce CMS 1.9.0.3 – Reflected XSS
  • webapps
  • php
    		• CraCkEr
    2023-09-04

    Blood Donor Management System v1.0 – Stored XSS
  • webapps
  • php
    		• Ehlullah Albayrak
    2023-09-04

    Bus Reservation System 1.1 – Multiple-SQLi
  • webapps
  • php
    		• nu11secur1ty
    2023-09-04

    WP Statistics Plugin 13.1.5 current_page_id – Time based SQL injection (Unauthenticated)
  • webapps
  • php
    		• psychoSherlock
    2023-09-04

    Member Login Script 3.3 – Client-side desync
  • webapps
  • php
    		• nu11secur1ty
    2023-09-04

    DLINK DPH-400SE – Exposure of Sensitive Information
  • webapps
  • hardware
    		• tahaafarooq
    2023-09-04

    FileMage Gateway 1.10.9 – Local File Inclusion
  • webapps
  • multiple
    		• Bryce Raindayzz Harty
    2023-09-04

    Kingo ROOT 1.5.8 – Unquoted Service Path
  • local
  • windows
    		• Anish Feroz
    2023-09-04

    Freefloat FTP Server 1.0 – ‘PWD’ Remote Buffer Overflow
  • local
  • windows
    		• Waqas Ahmed Faroouqi
    2023-09-04

    AdminLTE PiHole 5.18 – Broken Access Control
  • webapps
  • php
    		• kv1to
    2023-09-04

    CSZ CMS 1.3.0 – Stored Cross-Site Scripting (Plugin ‘Gallery’)
  • webapps
  • php
    		• Daniel González
    2023-09-04

    CSZ CMS 1.3.0 – Stored Cross-Site Scripting (‘Photo URL’ and ‘YouTube URL’ )
  • webapps
  • php
    		• Daniel González
    2023-08-24

    Uvdesk 1.1.4 – Stored XSS (Authenticated)
  • webapps
  • php
    		• Hubert Wojciechowski
    2023-08-24

    User Registration & Login and User Management System v3.0 – SQL Injection (Unauthenticated)
  • webapps
  • php
    		• Ashutosh Singh Umath
    2023-08-24

    User Registration & Login and User Management System v3.0 – Stored Cross-Site Scripting (XSS)
  • webapps
  • php
    		• Ashutosh Singh Umath
    2023-08-21

    EuroTel ETL3100 – Transmitter Authorization Bypass (IDOR)
  • remote
  • hardware
    		• LiquidWorm
    2023-08-21

    EuroTel ETL3100 – Transmitter Default Credentials
  • remote
  • hardware
    		• LiquidWorm
    2023-08-21

    Dolibarr Version 17.0.1 – Stored XSS
  • webapps
  • php
    		• Furkan Karaarslan
    2023-08-21

    Inosoft VisiWin 7 2022-2.1 – Insecure Folders Permissions
  • local
  • windows
    		• shinnai
    2023-08-21

    TSPlus 16.0.0.0 – Remote Work Insecure Credential storage
  • remote
  • windows
    		• shinnai
    2023-08-21

    TSplus 16.0.0.0 – Remote Work Insecure Files and Folders
  • remote
  • windows
    		• shinnai
    2023-08-21

    TSplus 16.0.2.14 – Remote Access Insecure Files and Folders Permissions
  • remote
  • windows
    		• shinnai
    2023-08-21

    Taskhub CRM Tool 2.8.6 – SQL Injection
  • webapps
  • php
    		• Ahmet Ümit BAYRAM
    2023-08-21

    OVOO Movie Portal CMS v3.3.3 – SQL Injection
  • webapps
  • php
    		• Ahmet Ümit BAYRAM
    2023-08-21

    Global – Multi School Management System Express v1.0- SQL Injection
  • webapps
  • php
    		• Ahmet Ümit BAYRAM
    2023-08-21

    Color Prediction Game v1.0 – SQL Injection
  • webapps
  • php
    		• Ahmet Ümit BAYRAM
    2023-08-21

    Crypto Currency Tracker (CCT) 9.5 – Admin Account Creation (Unauthenticated)
  • webapps
  • php
    		• 0xBr
    2023-08-21

    PHPJabbers Business Directory Script v3.2 – Multiple Vulnerabilities
  • webapps
  • php
    		• Kerimcan Ozturk
    2023-08-21

    EuroTel ETL3100 – Transmitter Unauthenticated Config/Log Download
  • remote
  • hardware
    		• LiquidWorm
    2023-08-10

    OutSystems Service Studio 11.53.30 – DLL Hijacking
  • local
  • windows
    		• shinnai
    2023-08-10

    TP-Link Archer AX21 – Unauthenticated Command Injection
  • remote
  • hardware
    		• Voyag3r
    2023-08-08

    Emagic Data Center Management Suite v6.0 – OS Command Injection
  • webapps
  • php
    		• thewhiteh4t
    2023-08-08

    PHPJabbers Vacation Rental Script 4.0 – CSRF
  • webapps
  • php
    		• Hasan Ali YILDIR
    2023-08-08

    Social-Commerce 3.1.6 – Reflected XSS
  • webapps
  • php
    		• CraCkEr
    2023-08-08

    mooSocial 3.1.8 – Reflected XSS
  • webapps
  • php
    		• CraCkEr
    2023-08-08

    Pyro CMS 3.9 – Server-Side Template Injection (SSTI) (Authenticated)
  • webapps
  • Python
    		• Daniel Barros
    2023-08-08

    Lucee 5.4.2.17 – Authenticated Reflected XSS
  • webapps
  • multiple
    		• Yehia Elghaly
    2023-08-08

    Adlisting Classified Ads 2.14.0 – WebPage Content Information Disclosure
  • webapps
  • php
    		• CraCkEr
    2023-08-04

    Xlight FTP Server 3.9.3.6 – ‘Stack Buffer Overflow’ (DOS)
  • dos
  • windows
    		• Yehia Elghaly
    2023-08-04

    PHPJabbers Service Booking Script 1.0 – Reflected XSS
  • webapps
  • php
    		• CraCkEr
    2023-08-04

    WordPress Plugin Forminator 1.24.6 – Unauthenticated Remote Command Execution
  • webapps
  • php
    		• Mehmet Kelepçe
    2023-08-04

    PHPJabbers Shuttle Booking Software 1.0 – Reflected XSS
  • webapps
  • php
    		• CraCkEr
    2023-08-04

    WordPress adivaha Travel Plugin 2.3 – Reflected XSS
  • webapps
  • php
    		• CraCkEr
    2023-08-04

    JLex GuestBook 1.6.4 – Reflected XSS
  • webapps
  • php
    		• CraCkEr