multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-06-04 Cayin Signage Media Player 3.0 – Remote Command Injection (root)
  • webapps
    		•  LiquidWorm
    2020-06-04 Cayin Content Management Server 11.0 – Remote Command Injection (root)
  • webapps
    		•  LiquidWorm
    2020-06-01 VMware vCenter Server 6.7 – Authentication Bypass
  • webapps
    		•  Photubias
    2020-05-29 Crystal Shard http-protection 0.2.0 – IP Spoofing Bypass
  • webapps
    		•  Halis Duraki
    2020-05-28 NOKIA VitalSuite SPM 2020 – ‘UserName’ SQL Injection
  • webapps
    		•  Berk Dusunur
    2020-05-22 WebLogic Server – Deserialization RCE – BadAttributeValueExpException (Metasploit)
  • remote
    		•  Metasploit
    2020-05-21 OpenEDX platform Ironwood 2.5 – Remote Code Execution
  • webapps
    		•  Daniel Monzón
    2020-05-20 BIND – ‘TSIG’ Denial of Service
  • dos
    		•  Teppei Fukuda
    2020-05-18 HP LinuxKI 6.01 – Remote Command Injection
  • remote
    		•  Cody Winkler
    2020-05-11 LibreNMS 1.46 – ‘search’ SQL Injection
  • webapps
    		•  Punt
    2020-05-05 Saltstack 3000.1 – Remote Code Execution
  • remote
    		•  Jasper Lievisse Adriaanse
    2020-05-01 Apache Shiro 1.2.4 – Cookie RememberME Deserial RCE (Metasploit)
  • remote
    		•  Metasploit
    2020-04-24 EspoCRM 5.8.5 – Privilege Escalation
  • webapps
    		•  Besim
    2020-04-16 Apache Solr – Remote Code Execution via Velocity Template (Metasploit)
  • remote
    		•  Metasploit
    2020-04-06 Vesta Control Panel 0.9.8-26 – Authenticated Remote Code Execution (Metasploit)
  • webapps
    		•  Mehmet Ince
    2020-04-06 WhatsApp Desktop 0.3.9308 – Persistent Cross-Site Scripting
  • webapps
    		•  Gal Weizman
    2020-03-31 IBM TM1 / Planning Analytics – Unauthenticated Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2020-03-23 FIBARO System Home Center 5.021 – Remote File Include
  • webapps
    		•  LiquidWorm
    2020-03-23 CyberArk PSMP 10.9.1 – Policy Restriction Bypass
  • remote
    		•  LAHBAL Said
    2020-03-18 Broadcom Wi-Fi Devices – ‘KR00K Information Disclosure
  • remote
    		•  Maurizio S
    2020-03-17 Microsoft VSCode Python Extension – Code Execution
  • local
    		•  Doyensec
    2020-03-17 ManageEngine Desktop Central – Java Deserialization (Metasploit)
  • remote
    		•  Metasploit
    2020-03-09 Counter Strike: GO – ‘.bsp’ Memory Control (PoC)
  • local
    		•  0day enthusiast
    2020-03-09 Google Chrome 80 – JSCreate Side-effect Type Confusion (Metasploit)
  • remote
    		•  Metasploit