multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2024-10-01 reNgine 2.2.0 – Command Injection (Authenticated)
  • webapps
    		•  Caner Tercan
    2024-08-28 NoteMark < 0.13.0 - Stored XSS
  • webapps
    		•  Alessio Romano (sfoffo)
    2024-08-28 Gitea 1.22.0 – Stored XSS
  • webapps
    		•  Catalin Iovita, Alexandru Postolache
    2024-08-23 Calibre-web 0.6.21 – Stored XSS
  • webapps
    		•  Catalin Iovita, Alexandru Postolache
    2024-08-04 Ivanti vADC 9.9 – Authentication Bypass
  • webapps
    		•  ohnoisploited
    2024-06-26 SolarWinds Platform 2024.1 SR1 – Race Condition
  • webapps
    		•  Elhussain Fathy
    2024-06-03 Sitefinity 15.0 – Cross-Site Scripting (XSS)
  • webapps
    		•  Aldi Saputra Wahyudi
    2024-05-31 changedetection < 0.45.20 - Remote Code Execution (RCE)
  • webapps
    		•  Zach Crosman (zcrosman)
    2024-05-13 CrushFTP < 11.1.0 - Directory Traversal
  • remote
    		•  Abdualhadi khalifa
    2024-05-08 iboss Secure Web Gateway – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  modrnProph3t
    2024-04-12 PrusaSlicer 2.6.1 – Arbitrary code execution
  • local
    		•  Kamil Breński
    2024-03-28 Broken Access Control – on NodeBB v3.6.7
  • webapps
    		•  Vibhor Sharma
    2024-03-28 Asterisk AMI – Partial File Content & Path Disclosure (Authenticated)
  • remote
    		•  Sean Pesce
    2024-03-25 Nagios XI Version 2024R1.01 – SQL Injection
  • webapps
    		•  Jarod Jaslow (MAWK)
    2024-03-18 Atlassian Confluence < 8.5.3 - Remote Code Execution
  • webapps
    		•  MaanVader
    2024-03-16 vm2 – sandbox escape
  • local
    		•  Calil Khalil
    2024-03-12 SnipeIT 6.2.1 – Stored Cross Site Scripting
  • webapps
    		•  Shahzaib Ali Khan
    2024-03-12 VMware Cloud Director 10.5 – Bypass identity verification
  • remote
    		•  Abdualhadi khalifa
    2024-03-12 OSGi v3.7.2 (and below) Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-12 OSGi v3.8-3.18 Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-11 Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier – Arbitrary File Read
  • webapps
    		•  Youssef Muhammad
    2024-03-03 Easywall 0.3.1 – Authenticated Remote Command Execution
  • webapps
    		•  Melvin Mejia
    2024-03-03 A-PDF All to MP3 Converter 2.0.0 – DEP Bypass via HeapCreate + HeapAlloc
  • local
    		•  George Washington
    2024-03-03 Magento ver. 2.4.6 – XSLT Server Side Injection
  • webapps
    		•  tmrswrr