المساعد الشخصي الرقمي

مشاهدة النسخة كاملة : exploit database


الصفحات : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 [42] 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62

  1. [webapps] - e-Soft24 Jokes Portal Script Seo 1.3 - Authentication Bypass
  2. [webapps] - MC Smart Shop Script - SQL Injection
  3. [webapps] - MC Buy and Sell Cars Script 1.1 - SQL Injection
  4. [webapps] - MC Yellow Pages Script - SQL Injection
  5. [webapps] - MC Real Estate Pro Script - Improper Access Restrictions
  6. [webapps] - MC Hosting Coupons Script - Cross-Site Request Forgery
  7. [webapps] - MC Inventory Manager Script - Multiple Vulnerabilities
  8. [webapps] - MC Coming Soon Script - Arbitrary File Upload / Improper Access Restricti
  9. [webapps] - My Private Tutor Website Script - Authentication Bypass
  10. [webapps] - Hindu Matrimonial Script - Authentication Bypass
  11. [webapps] - Just Dial Marketplace Script - Authentication Bypass
  12. [webapps] - Entrepreneur Matrimonial Script - Authentication Bypass
  13. [webapps] - Open Source Real-Estate Script - SQL Injection
  14. [webapps] - Inout StickBoard 1.0 Script - Improper Access Restrictions
  15. [webapps] - Inout Search Engine Ultimate Edition 7.0/8.0 Script - Improper Access Res
  16. [dos] - Mozilla Firefox < 50.1.0 - Use After Free
  17. [remote] - Cisco Firepower Management Console 6.0 - Post Authentication UserAdd
  18. [webapps] - Zeroshell 3.6.0/3.7.0 Net Services - Remote Code Execution
  19. [local] - aSc Timetables 2017 - Buffer Overflow
  20. [webapps] - Airbnb Clone Script - Arbitrary File Upload
  21. [webapps] - School Management Software 2.75 - SQL Injection
  22. [webapps] - Penny Auction Script - Arbitrary File Upload
  23. [webapps] - ECommerce-TIBSECART - Arbitrary File Upload
  24. [webapps] - ECommerce-Multi-Vendor Software - Arbitrary File Upload
  25. [webapps] - Job Portal Script 9.11 - Authentication Bypass
  26. [webapps] - Online Food Delivery 2.04 - Authentication Bypass
  27. [webapps] - Dating Script 3.25 - SQL Injection
  28. [webapps] - Travel Portal Script 9.33 - SQL Injection
  29. [webapps] - Movie Portal Script 7.35 - SQL Injection
  30. [dos] - Boxoft Wav 1.0 - Buffer Overflow
  31. [papers] - OpenSSL - Weak KDF
  32. [webapps] - Starting Page 1.3 - 'category' Parameter SQL Injection
  33. [webapps] - My link trader 1.1 - 'id' Parameter SQL Injection
  34. [dos] - Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corrupti
  35. [dos] - Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corrupti
  36. [webapps] - WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privile
  37. [webapps] - FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add
  38. [webapps] - Starting Page 1.3 - SQL Injection
  39. [remote] - DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH)
  40. [webapps] - Friends in War Make or Break 1.7 - 'imgid' Parameter SQL Injection
  41. [webapps] - My Php Dating 2.0 - 'id' Parameter SQL Injection
  42. [webapps] - My Php Dating 2.0 - SQL Injection
  43. [webapps] - Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting
  44. [webapps] - My Link Trader 1.1 - Authentication Bypass
  45. [local] - Advanced Desktop Locker 6.0.0 - Lock Screen Bypass
  46. [webapps] - DirectAdmin 1.50.1 - Denial of Service
  47. [dos] - Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing
  48. [dos] - Google Android max86902 Driver - 'sysfs' Interfaces Race Condition
  49. [papers] - Web App Penetration Testing - Local File Inclusion (LFI)
  50. [remote] - Microsoft Windows 10 Edge - 'chakra.dll' Info Leak / Type Confusion Remote
  51. [webapps] - Atlassian Confluence Jira 5.9.12 - Persistent Cross-Site Scripting
  52. [local] - Kaspersky 17.0.0 - Local CA root is Incorrectly Protected
  53. [webapps] - My Click Counter 1.0 - Authentication Bypass
  54. [webapps] - PHPMailer < 5.2.20 / SwiftMailer
  55. [dos] - QNAP NAS Devices - Heap Overflow
  56. [remote] - Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)
  57. [papers] - [Hebrew] Digital Whisper Security Magazine #79
  58. [shellcode] - Windows x64 - Password Protected Bind Shellcode (825 bytes)
  59. [webapps] - Zend Framework / zend-mail < 2.4.11 - Remote Code Execution
  60. [webapps] - WordPress Plugin Slider Templatic Tevolution
  61. [webapps] - Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
  62. [webapps] - Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cros
  63. [local] - Android - get_user/put_user Exploit (Metasploit)
  64. [webapps] - Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 - SQL In
  65. [webapps] - PHPMailer < 5.2.18 - Remote Code Execution (Python)
  66. [webapps] - SwiftMailer < 5.4.5-DEV - Remote Code Execution
  67. [webapps] - WordPress Plugin Simply Poll 1.4.1 - SQL Injection
  68. [webapps] - PHPMailer < 5.2.20 - Remote Code Execution
  69. [webapps] - PHPMailer < 5.2.18 - Remote Code Execution (PHP)
  70. [webapps] - PHPMailer 5.2.17 - Remote Code Execution
  71. [local] - Wampserver 3.0.6 - Insecure File Permissions Privilege Escalation
  72. [dos] - FTPShell Server 6.36 - '.csv' Local Denial of Service
  73. [webapps] - Joomla! Component Blog Calendar - SQL Injection
  74. [dos] - XAMPP Control Panel - Denial Of Service
  75. [local] - OpenSSH < 7.4 - 'UsePrivilegeSeparation Disabled' Forwarded Unix Domain Soc
  76. [remote] - OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading
  77. [webapps] - Apache mod_session_crypto - Padding Oracle
  78. [dos] - Microsoft Internet Explorer 11 MSHTML - CPaste*Command::Convert*Bitmapto*Png
  79. [local] - Vesta Control Panel 0.9.8-16 - Local Privilege Escalation
  80. [dos] - MacOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free
  81. [dos] - MacOS < 10.12.2 / iOS < 10.2 Kernel - ipc_port_t Reference Count Leak Due to
  82. [local] - MacOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_tra
  83. [local] - MacOS < 10.12.2 / iOS < 10.2 - Broken Kernel Mach Port Name uref Handling P
  84. [dos] - MacOS 10.12.1 / iOS < 10.2 - powerd Arbitrary Port Replacement
  85. [dos] - MacOS 10.12.1 / iOS < 10.2 - syslogd Arbitrary Port Replacement
  86. [dos] - MacOS Kernel 10.12.1 - Writable Privileged IOKit Registry Properties Code Exe
  87. [local] - IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation
  88. [remote] - NETGEAR WNR2000v5 - Remote Code Execution
  89. [dos] - Microsoft Edge - SIMD.toLocaleString Uninitialized Memory (MS16-145)
  90. [dos] - Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144
  91. [dos] - Microsoft Internet Explorer 11 MSHTML - CSplice*Tree*Engine::Remove*Splice Us
  92. [dos] - Google Android - WifiNative::setHotlist Stack Overflow
  93. [webapps] - WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection
  94. [dos] - Google Chrome < 31.0.1650.48 - HTTP 1xx base::String*Tokenizer*T::Quick*Get*N
  95. [local] - Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Comman
  96. [local] - RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
  97. [shellcode] - Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 byte
  98. [dos] - Orthanc DICOM Server 1.1.0 - Memory Corruption
  99. [local] - iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Lo
  100. [dos] - OsiriX DICOM Viewer 8.0.1 - Memory Corruption
  101. [dos] - ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow
  102. [dos] - DCMTK 3.6.0 storescp - Stack Buffer Overflow
  103. [papers] - [Hebrew] Digital Whisper Security Magazine #75
  104. [local] - FortiClient SSLVPN 5.4 - Credentials Disclosure
  105. [dos] - PHP 7.0 - JsonSerializable::jsonSerialize json_encode Local Denial of Service
  106. [webapps] - ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting
  107. [webapps] - ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass
  108. [webapps] - ZKTeco ZKBioSecurity 3.0 - Directory Traversal
  109. [webapps] - ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery
  110. [webapps] - ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execu
  111. [local] - ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Es
  112. [local] - ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation
  113. [dos] - PHP 7.0 - AppendIterator::append Local Denial of Service
  114. [dos] - PHP 5.0.0 - snmpset() Local Denial of Service
  115. [dos] - PHP 5.0.0 - fbird_[p]connect() Local Denial of Service
  116. [dos] - PHP 5.0.0 - snmpwalkoid() Local Denial of Service
  117. [dos] - PHP 5.0.0 - html_doc_file() Local Denial of Service
  118. [dos] - PHP 5.0.0 - hw_docbyanchor() Local Denial of Service
  119. [dos] - PHP 5.0.0 - imap_mail() Local Denial of Service
  120. [webapps] - FreePBX 13.0.35 - SQL Injection
  121. [dos] - Adobe Flash - MovieClip Transform Getter Use-After-Free
  122. [dos] - Adobe Flash - Use-After-Free When Returning Rectangle
  123. [dos] - Adobe Flash - Stage.align Setter Use-After-Free
  124. [dos] - Adobe Flash - BitmapData.copyPixels Use-After-Free
  125. [dos] - Adobe Flash - Selection.setFocus Use-After-Free
  126. [webapps] - PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure
  127. [papers] - [Persian] Android Security and Forensic Science
  128. [webapps] - HelpDeskZ 1.0.2 - Unauthenticated Shell Upload
  129. [webapps] - INTELLINET IP Camera INT-L100M20N - Unauthorized admin Credential Change
  130. [dos] - PHP 7.0 - Object Cloning Local Denial of Service
  131. [dos] - PHP 5.0.0 - domxml_open_file() Local Denial of Service
  132. [local] - NScan 0.9.1 - (Target) Buffer Overflow
  133. [dos] - Goron Webserver 2.0 - Multiple Vulnerabilities
  134. [webapps] - FreePBX 13.0.35 - Remote Command Execution
  135. [remote] - Phoenix Exploit Kit - Remote Code Execution (Metasploit)
  136. [webapps] - chatNow - Multiple Vulnerabilities
  137. [webapps] - SimplePHPQuiz - Blind SQL Injection
  138. [dos] - Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write
  139. [webapps] - WordPress Mail Masta Plugin 1.0 - Local File Inclusion
  140. [dos] - ObiHai ObiPhone 1032/1062 < 5-0-0-3497 - Multiple Vulnerabilities
  141. [webapps] - WordPress 4.5.3 - Directory Traversal / Denial of Service
  142. [papers] - Hunting HTML 5 postMessage Vulnerabilities
  143. [webapps] - Sakai 10.7 - Multiple Vulnerabilities
  144. [webapps] - VideoIQ Camera - Local File Disclosure
  145. [webapps] - Honeywell IP-Camera HICC-1100PT - Local File Disclosure
  146. [webapps] - JVC IP-Camera VN-T216VPRU - Local File Disclosure
  147. [webapps] - Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR - Local File Disclosure
  148. [webapps] - Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)
  149. [remote] - TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR)
  150. [webapps] - TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL)
  151. [webapps] - TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)
  152. [webapps] - TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)
  153. [local] - Cisco ASA / PIX - Privilege Escalation (EPICBANANA)
  154. [local] - WatchGuard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)
  155. [webapps] - tcPbX - (tcpbx_lang) Local File Inclusion
  156. [webapps] - MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change
  157. [webapps] - ZYCOO IP Phone System - Remote Command Execution
  158. [local] - Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)
  159. [webapps] - MESSOA IP-Camera NIC990 - Auth Bypass / Configuration Download
  160. [webapps] - TOSHIBA IP-Camera IK-WP41A - Auth Bypass / Configuration Download
  161. [webapps] - C2S DVR Management IRDOME-II-C2S, IRBOX-II-C2S, DVR - Credentials Disclos
  162. [webapps] - JVC IP-Camera VN-T216VPRU - Credentials Disclosure
  163. [webapps] - Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR - Credentials Disclosure
  164. [webapps] - SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configurat
  165. [remote] - Cisco ASA 8.X - Authentication Bypass (EXTRABACON)
  166. [webapps] - Honeywell IP-Camera HICC-1100PT - Credentials Disclosure
  167. [webapps] - SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change
  168. [shellcode] - Windows x86 - InitiateSystemShutdownA() Shellcode (599 bytes)
  169. [dos] - Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overf
  170. [webapps] - SIEMENS IP-Camera CVMS2025-IR, CCMS2025 - Credentials Disclosure
  171. [dos] - Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThr eadStat
  172. [webapps] - Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities
  173. [webapps] - Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities
  174. [webapps] - Nagios Log Server 1.4.1 - Multiple Vulnerabilities
  175. [webapps] - Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist
  176. [webapps] - Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection
  177. [webapps] - Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal
  178. [shellcode] - Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes)
  179. [shellcode] - Windows x86 - MessageBoxA Shellcode (242 bytes)
  180. [papers] - [Turkish] Drupal Coder Vulnerability Analysis & MSF Module Dev
  181. [dos] - Google Chrome 26.0.1410.43 (Webkit) - OBJECT Element Use After Free PoC
  182. [webapps] - WSO2 Carbon 4.4.5 - (Denial of Service) CSRF
  183. [webapps] - WSO2 Carbon 4.4.5 - Stored XSS
  184. [webapps] - WSO2 Carbon 4.4.5 - Local File Inclusion
  185. [webapps] - WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities
  186. [dos] - Microsoft Office Word 2013,2016 - sprmSdyaTop Denial of Service (MS16-099)
  187. [webapps] - Zabbix 2.2.x, 3.0.x - SQL Injection
  188. [webapps] - GitLab - "impersonate" Feature Privilege Escalation
  189. [remote] - Samsung Smart Home Camera SNH-P-6410 - Command Injection
  190. [remote] - Easy FTP Server - "APPE" Command Buffer Overflow Remote Exploit
  191. [remote] - Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Sca
  192. [webapps] - FreePBX 13 / 14 - Remote Code Execution
  193. [webapps] - ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal
  194. [local] - EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalatio
  195. [webapps] - vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF)
  196. [webapps] - EyeLock nano NXT 3.5 - Local File Disclosure
  197. [webapps] - EyeLock nano NXT 3.5 - Remote Root Exploit
  198. [dos] - SAP SAPCAR - Multiple Vulnerabilities
  199. [webapps] - WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities
  200. [dos] - Microsoft Office Word 2007,2010,2013,2016 - Out-of-Bounds Read Remote Code Ex
  201. [webapps] - Nagios Network Analyzer 2.2.1 - Multiple CSRF
  202. [shellcode] - Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)
  203. [shellcode] - Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)
  204. [webapps] - WordPress Add From Server Plugin < 3.3.2 - (File Upload) CSRF
  205. [webapps] - phpCollab CMS 2.5 - (emailusers.php) SQL Injection
  206. [local] - Microsoft Windows Group Policy - Privilege Escalation (MS16-072)
  207. [webapps] - Navis WebAccess - SQL Injection
  208. [remote] - Drupal Module Coder < 7.x-1.3 / 7.x-2.6 - Remote Code Execution Exploit (S
  209. [webapps] - NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access
  210. [webapps] - NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion
  211. [webapps] - NUUO NVRmini 2 3.0.8 - ShellShock Remote Code Execution
  212. [webapps] - NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection
  213. [webapps] - NUUO NVRmini 2 3.0.8 - Local File Disclosure
  214. [webapps] - NUUO NVRmini 2 3.0.8 - (Add Admin) CSRF
  215. [webapps] - NUUO NVRmini 2 3.0.8 - Remote Root Exploit
  216. [dos] - Kodi Web Server 16.1 - Denial of Service
  217. [webapps] - NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
  218. [webapps] - WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting
  219. [webapps] - Davolink DV-2051 - Multiple Vulnerabilities
  220. [webapps] - PHP Power Browse 1.2 - Directory Traversal
  221. [local] - zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
  222. [webapps] - Subrion CMS 4.0.5 - SQL Injection
  223. [remote] - ntop 2.3
  224. [remote] - NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillanc
  225. [dos] - Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - RLC Dissector Denial of Service
  226. [dos] - Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - WSP Dissector Denial of Service
  227. [dos] - Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Se
  228. [dos] - Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service
  229. [dos] - Wireshark 2.0.0 to 2.0.4 - MMSE, WAP, WBXML, and WSP Dissectors Denial of Ser
  230. [dos] - Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service
  231. [webapps] - Open Upload 0.4.2 - (Add Admin) CSRF
  232. [dos] - Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC
  233. [webapps] - WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS
  234. [webapps] - WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Su
  235. [webapps] - WordPress Booking Calendar Plugin 6.2 - SQL Injection
  236. [papers] - [Hebrew] Digital Whisper Security Magazine #74
  237. [webapps] - PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution
  238. [dos] - WebKit - TypedArray.copyWithin Memory Corruption
  239. [webapps] - Trend Micro Deep Discovery 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) - hotf
  240. [shellcode] - Linux/x86 - NetCat Bind Shell with Port (44, 52 bytes)
  241. [remote] - Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)
  242. [remote] - Barracuda Web Application Firewall 8.0.1.008 - Post Auth Remote Root Explo
  243. [remote] - Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post Auth R
  244. [shellcode] - Windows x86 - localhost Port Scanner Shellcode (556 bytes)
  245. [webapps] - Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind
  246. [local] - mySCADAPro 7 - Local Privilege Escalation
  247. [local] - VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)
  248. [webapps] - AXIS Multiple Products - Authenticated Remote Command Execution via devto
  249. [remote] - Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
  250. [local] - VMware - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2