multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-09-23 Gurock Testrail 7.2.0.3014 – ‘files.md5’ Improper Access Control
  • webapps
    		•  Sick Codes
    2021-09-22 Cloudron 6.2 – ‘returnTo ‘ Cross Site Scripting (Reflected)
  • webapps
    		•  Akıner Kısa
    2021-09-20 T-Soft E-Commerce 4 – change ‘admin credentials’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Alperen Ergel
    2021-09-06 Antminer Monitor 0.5.0 – Authentication Bypass
  • webapps
    		•  Vulnz
    2021-09-02 WPanel 4.3.1 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Sentinal920
    2021-08-30 Strapi CMS 3.0.0-beta.17.4 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Musyoka Ian
    2021-08-30 Strapi 3.0.0-beta.17.7 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  David Utón
    2021-08-30 Strapi 3.0.0-beta – Set Password (Unauthenticated)
  • webapps
    		•  David Anglada
    2021-08-30 ZesleCP 3.1.9 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  numan türle
    2021-08-27 CyberPanel 2.1 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  numan türle
    2021-08-26 ProcessMaker 3.5.4 – Local File inclusion
  • webapps
    		•  Ai Ho
    2021-08-12 Altova MobileTogether Server 7.3 – XML External Entity Injection (XXE)
  • webapps
    		•  RedTeam Pentesting GmbH
    2021-08-10 Cockpit CMS 0.11.1 – ‘Username Enumeration & Password Reset’ NoSQL Injection
  • webapps
    		•  Brian Ombongi
    2021-08-05 GFI Mail Archiver 15.1 – Telerik UI Component Arbitrary File Upload (Unauthenticated)
  • webapps
    		•  Amin Bohio
    2021-07-29 Oracle Fatwire 6.3 – Multiple Vulnerabilities
  • webapps
    		•  J. Francisco Bolivar
    2021-07-26 Elasticsearch ECE 7.13.3 – Anonymous Database Dump
  • webapps
    		•  Joan Martinez
    2021-07-23 ElasticSearch 7.13.3 – Memory disclosure
  • webapps
    		•  r0ny
    2021-07-13 Apache Tomcat 9.0.0.M1 – Open Redirect
  • webapps
    		•  Central InfoSec
    2021-07-13 Apache Tomcat 9.0.0.M1 – Cross-Site Scripting (XSS)
  • webapps
    		•  Central InfoSec
    2021-07-08 Wyomind Help Desk 1.3.6 – Remote Code Execution (RCE)
  • webapps
    		•  Patrik Lantz
    2021-07-06 Visual Tools DVR VX16 4.2.28.0 – OS Command Injection (Unauthenticated)
  • webapps
    		•  Andrea D\'Ubaldo
    2021-07-06 perfexcrm 1.10 – ‘State’ Stored Cross-site scripting (XSS)
  • webapps
    		•  Alhasan Abbas
    2021-07-02 Scratch Desktop 3.17 – Remote Code Execution
  • webapps
    		•  Stig Magnus Baugstø
    2021-07-01 Vianeos OctoPUS 5 – ‘login_user’ SQLi
  • webapps
    		•  Audencia Business SCHOOL Red Team