multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2022-03-16 Apache APISIX 2.12.1 – Remote Code Execution (RCE)
  • remote
    		•  Ven3xy
    2022-03-14 Baixar GLPI Project 9.4.6 – SQLi
  • webapps
    		•  Prof. Joas Antonio
    2022-03-11 Tdarr 2.00.15 – Command Injection
  • remote
    		•  Sam Smith
    2022-03-07 Hasura GraphQL 2.2.0 – Information Disclosure
  • webapps
    		•  Dolev Farhi
    2022-03-02 Zyxel ZyWALL 2 Plus Internet Security Appliance – Cross-Site Scripting (XSS)
  • webapps
    		•  Momen Eldawakhly
    2022-02-28 Casdoor 1.13.0 – SQL Injection (Unauthenticated)
  • webapps
    		•  Mayank Deshmukh
    2022-02-21 Thinfinity VirtualUI 2.5.26.2 – Information Disclosure
  • webapps
    		•  Daniel Morales
    2022-02-21 Thinfinity VirtualUI 2.5.41.0 – IFRAME Injection
  • webapps
    		•  Daniel Morales
    2022-02-18 Fortinet Fortimail 7.0.1 – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  Braiant Giraldo Villa
    2022-02-16 ServiceNow – Username Enumeration
  • webapps
    		•  Victor Hanna
    2022-02-08 FileBrowser 2.17.2 – Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)
  • webapps
    		•  FEBIN MON SAJI
    2022-02-04 Servisnet Tessa – Add sysAdmin User (Unauthenticated) (Metasploit)
  • webapps
    		•  AkkuS
    2022-02-04 Servisnet Tessa – MQTT Credentials Dump (Unauthenticated) (Metasploit)
  • webapps
    		•  AkkuS
    2022-02-04 Servisnet Tessa – Privilege Escalation (Metasploit)
  • webapps
    		•  AkkuS
    2022-01-05 BeyondTrust Remote Support 6.0 – Reflected Cross-Site Scripting (XSS) (Unauthenticated)
  • webapps
    		•  Malcrove
    2022-01-05 ConnectWise Control 19.2.24707 – Username Enumeration
  • remote
    		•  Luca Cuzzolin
    2021-12-16 Cibele Thinfinity VirtualUI 2.5.41.0 – User Enumeration
  • webapps
    		•  Daniel Morales
    2021-12-09 Grafana 8.3.0 – Directory Traversal and Arbitrary File Read
  • webapps
    		•  s1gh
    2021-11-29 orangescrum 1.8.0 – ‘Multiple’ Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Hubert Wojciechowski
    2021-11-29 orangescrum 1.8.0 – ‘Multiple’ SQL Injection (Authenticated)
  • webapps
    		•  Hubert Wojciechowski
    2021-11-29 orangescrum 1.8.0 – Privilege escalation (Authenticated)
  • webapps
    		•  Hubert Wojciechowski
    2021-11-26 Bagisto 1.3.3 – Client-Side Template Injection
  • webapps
    		•  Mohamed Abdellatif Jaber
    2021-11-23 FLEX 1085 Web 1.6.0 – HTML Injection
  • webapps
    		•  Mr Empy
    2021-11-23 Webrun 3.6.0.42 – ‘P_0’ SQL Injection
  • webapps
    		•  Vinicius Alves