multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2019-11-20 FusionPBX – Operator Panel exec.php Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-11-11 iMessage – Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
  • dos
    		•  Google Security Research
    2019-11-05 WebKit – Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive
  • dos
    		•  Google Security Research
    2019-11-05 JavaScriptCore – Type Confusion During Bailout when Reconstructing Arguments Objects
  • dos
    		•  Google Security Research
    2019-11-01 Nostromo – Directory Traversal Remote Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-10-30 JavaScriptCore – GetterSetter Type Confusion During DFG Compilation
  • dos
    		•  Google Security Research
    2019-10-28 WebKit – Universal XSS in HTMLFrameElementBase::isURLAllowed
  • dos
    		•  Google Security Research
    2019-10-22 Total.js CMS 12 – Widget JavaScript Code Injection (Metasploit)
  • remote
    		•  Metasploit
    2019-10-14 WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts
  • webapps
    		•  Sebastian Neef
    2019-10-14 Apache Httpd mod_rewrite – Open Redirects
  • webapps
    		•  Sebastian Neef
    2019-10-14 Apache Httpd mod_proxy – Error Page Cross-Site Scripting
  • webapps
    		•  Sebastian Neef
    2019-10-03 AnchorCMS < 0.12.3a - Information Disclosure
  • webapps
    		•  Tijme Gommers
    2019-10-01 WebKit – User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment
  • dos
    		•  Google Security Research
    2019-10-01 WebKit – Universal XSS in WebCore::command
  • dos
    		•  Google Security Research
    2019-10-01 WebKit – UXSS Using JavaScript: URI and Synchronous Page Loads
  • dos
    		•  Google Security Research
    2019-10-01 DotNetNuke 9.3.2 – Cross-Site Scripting
  • webapps
    		•  Semen Alexandrovich Lyhin
    2019-10-01 DotNetNuke < 9.4.0 - Cross-Site Scripting
  • webapps
    		•  MaYaSeVeN
    2019-10-01 WebKit – Universal XSS Using Cached Pages
  • dos
    		•  Google Security Research
    2019-09-30 GoAhead 2.5.0 – Host Header Injection
  • remote
    		•  Ramikan
    2019-09-28 PHP 7.1 < 7.3 - 'json serializer' disable_functions Bypass
  • webapps
    		•  mm0r1
    2019-09-23 Gila CMS < 1.11.1 - Local File Inclusion
  • webapps
    		•  Sainadh Jamalpur
    2019-09-09 Enigma NMS 65.0.0 – SQL Injection
  • webapps
    		•  xerubus
    2019-09-09 Enigma NMS 65.0.0 – OS Command Injection
  • webapps
    		•  xerubus
    2019-09-09 Enigma NMS 65.0.0 – Cross-Site Request Forgery
  • webapps
    		•  xerubus