المساعد الشخصي الرقمي

مشاهدة النسخة كاملة : exploit database


الصفحات : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 [49] 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68

  1. [webapps] - NUUO NVRmini 2 3.0.8 - Local File Disclosure
  2. [webapps] - NUUO NVRmini 2 3.0.8 - (Add Admin) CSRF
  3. [webapps] - NUUO NVRmini 2 3.0.8 - Remote Root Exploit
  4. [dos] - Kodi Web Server 16.1 - Denial of Service
  5. [webapps] - NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
  6. [webapps] - WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting
  7. [webapps] - Davolink DV-2051 - Multiple Vulnerabilities
  8. [webapps] - PHP Power Browse 1.2 - Directory Traversal
  9. [local] - zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
  10. [webapps] - Subrion CMS 4.0.5 - SQL Injection
  11. [remote] - ntop 2.3
  12. [remote] - NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillanc
  13. [dos] - Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - RLC Dissector Denial of Service
  14. [dos] - Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - WSP Dissector Denial of Service
  15. [dos] - Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Se
  16. [dos] - Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service
  17. [dos] - Wireshark 2.0.0 to 2.0.4 - MMSE, WAP, WBXML, and WSP Dissectors Denial of Ser
  18. [dos] - Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service
  19. [webapps] - Open Upload 0.4.2 - (Add Admin) CSRF
  20. [dos] - Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC
  21. [webapps] - WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS
  22. [webapps] - WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Su
  23. [webapps] - WordPress Booking Calendar Plugin 6.2 - SQL Injection
  24. [papers] - [Hebrew] Digital Whisper Security Magazine #74
  25. [webapps] - PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution
  26. [dos] - WebKit - TypedArray.copyWithin Memory Corruption
  27. [webapps] - Trend Micro Deep Discovery 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) - hotf
  28. [shellcode] - Linux/x86 - NetCat Bind Shell with Port (44, 52 bytes)
  29. [remote] - Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)
  30. [remote] - Barracuda Web Application Firewall 8.0.1.008 - Post Auth Remote Root Explo
  31. [remote] - Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post Auth R
  32. [shellcode] - Windows x86 - localhost Port Scanner Shellcode (556 bytes)
  33. [webapps] - Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind
  34. [local] - mySCADAPro 7 - Local Privilege Escalation
  35. [local] - VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)
  36. [webapps] - AXIS Multiple Products - Authenticated Remote Command Execution via devto
  37. [remote] - Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
  38. [local] - VMware - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2
  39. [remote] - Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell
  40. [webapps] - Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution
  41. [webapps] - Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities
  42. [webapps] - PHP File Vault 0.9 - Directory Traversal
  43. [remote] - Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Post Auth R
  44. [webapps] - Micro Focus Filr 2 2.0.0.421, Filr 1.2 1.2.0.846 - Multiple Vulnerabiliti
  45. [webapps] - Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
  46. [webapps] - PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution
  47. [local] - CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass)
  48. [papers] - Cryptshare 3.10.1.2 - Stored XSS
  49. [webapps] - GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbit
  50. [dos] - PHP 7.0.8, 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write
  51. [webapps] - Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities
  52. [webapps] - Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
  53. [webapps] - Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities
  54. [webapps] - Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple
  55. [webapps] - CodoForum 3.2.1 - SQL Injection
  56. [local] - Rapid7 AppSpider 6.12 - Local Privilege Escalation
  57. [remote] - Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Comm
  58. [remote] - Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Meta
  59. [local] - MediaCoder 0.8.43.5852 - .m3u SEH Exploit
  60. [webapps] - Drupal CODER Module 2.5 - Remote Command Execution (Metasploit)
  61. [local] - mail.local(8) (NetBSD) - Local Root Exploit (NetBSD-SA2016-006)
  62. [remote] - Apache 2.4.7 & PHP
  63. [papers] - Novel contributions to the field - How I broke MySQL's codebase
  64. [remote] - TFTP Server 1.4 - WRQ Buffer Overflow Exploit (Egghunter)
  65. [shellcode] - Linux/x86-64 - Subtle Probing Reverse Shell, Timer, Burst, Password, Mu
  66. [webapps] - TeamPass Passwords Management System 2.1.26 - Arbitrary File Download
  67. [local] - Wowza Streaming Engine 4.5.0 - Local Privilege Escalation
  68. [webapps] - Wowza Streaming Engine 4.5.0 - Remote Privilege Escalation
  69. [webapps] - Wowza Streaming Engine 4.5.0 - Add Advanced Admin CSRF
  70. [remote] - OpenSSHD
  71. [webapps] - Wowza Streaming Engine 4.5.0 - Multiple XSS
  72. [webapps] - WordPress Video Player Plugin 1.5.16 - SQL Injection
  73. [shellcode] - Linux/CRISv32 - Axis Communication Connect Back Shellcode (189 bytes)
  74. [webapps] - Django CMS 3.3.0 - (Editor Snippet) Persistent XSS
  75. [remote] - Drupal RESTWS Module 7.x - Remote PHP Code Execution (Metasploit)
  76. [shellcode] - Linux/x86 - execve /bin/sh Shellcode (19 bytes)
  77. [webapps] - newsp.eu PHP Calendar Script 1.0 - User Credentials Disclosure
  78. [webapps] - NewsP Free News Script 1.4.7 - User Credentials Disclosure
  79. [papers] - Exploiting Apache James Server 2.3.2
  80. [remote] - Axis Communications MPQT/PACS 5.20.x - Server Side Include (SSI) Daemon Re
  81. [shellcode] - Linux/x86-64 - Syscall Persistent Bind Shell + (Multi-terminal) + Passw
  82. [remote] - Meinberg NTP Time Server ELX800/GPS M4x V5.30p - Remote Command Execution
  83. [WebApps] - vBulletin 5.x/4.x - Persistent XSS in AdminCP/ApiLog via xmlrpc API (Post
  84. [WebApps] - vBulletin 4.x - SQLi in breadcrumbs via xmlrpc API (Post-Auth)
  85. [Local] - Internet Explorer 11 (on Windows 10) - VBScript Memory Corruption Proof-of-
  86. [Remote] - DropBearSSHD
  87. [remote] - OpenSSHD
  88. [webapps] - Clear Voyager Hotspot IMW-C910W - Arbitrary File Disclosure
  89. [webapps] - Joomla Guru Pro (com_guru) Component - SQL Injection
  90. [shellcode] - Linux x86 Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.
  91. [webapps] - Apache Archiva 1.3.9 - Multiple CSRF Vulnerabilities
  92. [remote] - Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution
  93. [local] - MS16-032 Secondary Logon Handle Privilege Escalation
  94. [dos] - Adobe Flash Player 22.0.0.192 - DefineSprite Memory Corruption
  95. [dos] - Adobe Flash Player 22.0.0.192 - DefineBitsJPEG2 Memory Corruption
  96. [webapps] - GSX Analyzer 10.12 and 11 - Main.swf Hardcoded Superadmin Credentials
  97. [shellcode] - Windows x86 URLDownloadToFileA()+SetFileAttributesA()+WinExec( )+ExitPro
  98. [dos] - Adobe Flash Player 22.0.0.192 - SceneAndFrameData Memory Corruption
  99. [dos] - Adobe Flash Player 22.0.0.192 - TAG Memory Corruption
  100. [webapps] - Clinic Management System - Blind SQL Injection
  101. [webapps] - Beauty Parlour & SPA Saloon Management System - Blind SQL Injection
  102. [webapps] - WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
  103. [webapps] - Belkin Router AC1200 Firmware 1.00.27 - Authentication Bypass
  104. [remote] - Ruby on Rails ActionPack Inline ERB Code Execution
  105. [local] - MS16-016 mrxdav.sys WebDav Local Privilege Escalation
  106. [remote] - Tiki Wiki 15.1 - Unauthenticated File Upload Vulnerability (msf)
  107. [dos] - Adobe Flash - ATF Image Packing Overflow
  108. [webapps] - Tiki Wiki CMS 15.0 - Arbitrary File Download
  109. [shellcode] - Linux x86-64 Continuously-Probing Reverse Shell via Socket + Port-range
  110. [webapps] - Streamo Online Radio And TV Streaming CMS - SQL Injection
  111. [webapps] - CyberPower Systems PowerPanel 3.1.2 - XXE Out-Of-Band Data Retrieval
  112. [webapps] - php Real Estate Script 3 - Arbitrary File Disclosure
  113. [shellcode] - Linux x86 TCP Reverse Shellcode - 75 bytes
  114. [dos] - Microsoft WinDbg logviewer.exe - Crash PoC
  115. [dos] - Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash PoC
  116. [local] - InstantHMI 6.1 - Privilege Escalation
  117. [local] - Hide.Me VPN Client 1.2.4 - Privilege Escalation
  118. [webapps] - WordPress Lazy Content Slider Plugin 3.4 - (Add Catetory) CSRF
  119. [local] - GE Proficy HMI/SCADA CIMPLICITY 8.2 - Local Privilege Escalation
  120. [webapps] - OPAC KpwinSQL - Multiple Vulnerabilities
  121. [dos] - Core FTP LE 2.2 - Path Field Local Buffer Overflow
  122. [local] - VUPlayer 2.49 - .m3u Buffer Overflow Exploit (Win 7 DEP Bypass)
  123. [remote] - Nagios XI Chained Remote Code Execution
  124. [local] - Samsung Android JACK - Privilege Escalation
  125. [webapps] - OpenFire 3.10.2 - 4.0.1 - Multiple Vulnerabilities
  126. [remote] - GNU Wget < 1.18 - Arbitrary File Upload/Remote Code Execution
  127. [webapps] - PaKnPost Pro 1.14 - Multiple Vulnerabilities
  128. [webapps] - Advanced Webhost Billing System (AWBS) 2.9.6 - Multiple Vulnerabilities
  129. [shellcode] - Linux 64bit Ncat Shellcode (SSL, MultiChannel, Persistant, Fork, IPv4/6
  130. [webapps] - 24online SMS_2500i 8.3.6 build 9.0 - SQL Injection
  131. [webapps] - CIMA DocuClass ECM - Multiple Vulnerabilities
  132. [shellcode] - Linux x86 TCP Bind Shell Port 4444 - 98 bytes
  133. [webapps] - eCardMAX 10.5 - Multiple Vulnerabilities
  134. [webapps] - WebCalendar 1.2.7 - Multiple Vulnerabilities
  135. [webapps] - WordPress Real3D FlipBook Plugin - Multiple Vulnerabilities
  136. [local] - Debian Exim - Spool Local Root Privilege Escalation
  137. [local] - Ubuntu 16.04 Kernel 4.4.0-21-generic - netfilter target_offset Local root E
  138. [shellcode] - Linux 64bit NetCat Bind Shell Shellcode - 64 bytes
  139. [webapps] - Ktools Photostore 4.7.5 - Multiple Vulnerabilities
  140. [webapps] - XpoLog Center 6 - Remote Command Execution CSRF
  141. [local] - Ubuntu 16.04 local root exploit - netfilter target_offset OOB
  142. [webapps] - Phoenix Exploit Kit - Remote Code Execution
  143. [webapps] - Ktools Photostore 4.7.5 - Blind SQL Injection
  144. [webapps] - Concrete5 5.7.3.1 - (Application::dispatch) Local File Inclusion
  145. [webapps] - Ubiquiti Administration Portal - CSRF to Remote Command Execution
  146. [local] - Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
  147. [webapps] - WordPress Ultimate Membership Pro Plugin 3.3 - SQL Injection
  148. [local] - Lenovo ThinkPad - System Management Mode Arbitrary Code Execution Exploit
  149. [local] - Windows 7 SP1 x86 - Privilege Escalation (MS16-014)
  150. [dos] - Symantec Antivirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompress
  151. [dos] - Symantec Antivirus - Integer Overflow in TNEF Decoder
  152. [dos] - Symantec Antivirus - Heap Overflow Modifying MIME Messages
  153. [dos] - Symantec Antivirus - Remote Stack Buffer Overflow in dec2lha Library
  154. [dos] - Symantec Antivirus - Multiple Remote Memory Corruption Unpacking RAR
  155. [webapps] - Untangle NGFW 12.1.0 beta - execEvil() Command Injection
  156. [shellcode] - Linux x86_64 /etc/passwd File Sender Shellcode
  157. [webapps] - Riverbed SteelCentral NetProfiler & NetExpress 10.8.7 - Multiple Vulnerab
  158. [webapps] - SugarCRM 6.5.18 - PHP Code Injection
  159. [shellcode] - Linux x86 /bin/sh Shellcode + ASLR Bruteforce
  160. [local] - HNB 1.9.18-10 - Local Buffer Overflow
  161. [webapps] - BigTree CMS 4.2.11 - SQL Injection
  162. [local] - PInfo 0.6.9-5.1 - Local Buffer Overflow
  163. [webapps] - iBilling 3.7.0 - Stored and Reflected XSS
  164. [webapps] - MyLittleForum 2.3.5 - PHP Command Injection
  165. [local] - Panda Security Multiple Products - Privilege Escalation
  166. [webapps] - Kagao 3.0 - Multiple Vulnerabilities
  167. [webapps] - Option CloudGate CG0192-11897 - Multiple Vulnerabilities
  168. [dos] - Magnet Networks Tesley CPVA 642 Router – Weak WPA-PSK Passphrase Algorithm
  169. [webapps] - XuezhuLi FileSharing - Directory Traversal
  170. [webapps] - XuezhuLi FileSharing - (Add User) CSRF
  171. [webapps] - FinderView - Multiple Vulnerabilities
  172. [shellcode] - Linux Netcat Reverse Shell - 32bit - 77 bytes
  173. [webapps] - Getsimple CMS 3.3.10 - Arbitrary File Upload
  174. [webapps] - Alibaba Clone B2B Script - Arbitrary File Disclosure
  175. [papers] - [Hebrew] Digital Whisper Security Magazine #73
  176. [local] - Linux Kernel
  177. [remote] - PCMAN FTP 2.0.7 - ls Command Buffer Overflow (Metasploit)
  178. [papers] - [Hebrew] Digital Whisper Security Magazine #71
  179. [papers] - [Hebrew] Digital Whisper Security Magazine #72
  180. [remote] - Wolf CMS 0.8.2 - Arbitrary File Upload Exploit (Metasploit)
  181. [shellcode] - Windows x86 ShellExecuteA(NULL,NULL,"cmd.exe",NULL,NULL,1) Shellcode
  182. [webapps] - Radiant CMS 1.1.3 - Mutiple Persistent XSS Vulnerabilities
  183. [webapps] - YetiForce CRM < 3.1 - Persistent XSS
  184. [webapps] - SAP NetWeaver AS JAVA 7.1 - 7.5 - Directory Traversal
  185. [webapps] - SAP NetWeaver AS JAVA 7.1 - 7.5 - ctcprotocol Servlet XXE
  186. [dos] - Windows - Custom Font Disable Policy Bypass
  187. [local] - Linux - ecryptfs and /proc/$pid/environ Privilege Escalation
  188. [dos] - Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074)
  189. [dos] - Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-o
  190. [dos] - Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)
  191. [webapps] - Joomla Publisher Pro (com_publisher) Component - SQL Injection
  192. [webapps] - Yona CMS - (Add Admin) CSRF
  193. [webapps] - IonizeCMS 1.0.8 - (Add Admin) CSRF
  194. [dos] - Banshee 2.6.2 - .mp3 Crash PoC
  195. [remote] - DarkComet Server Remote File Download Exploit (msf)
  196. [local] - ACROS Security 0patch 2016.05.19.539 - (0PatchServicex64.exe) Unquoted Serv
  197. [webapps] - Symphony CMS 2.6.7 - Session Fixation
  198. [webapps] - Airia - Webshell Upload Exploit
  199. [webapps] - Airia - (Add content) CSRF
  200. [local] - Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow (msf)
  201. [shellcode] - Windows XP - 10 - Download & Execute Shellcode
  202. [webapps] - Premium SEO Pack 1.9.1.3 - wp_options Overwrite
  203. [webapps] - Joomla BT Media (com_bt_media) Component - SQL Injection
  204. [webapps] - sNews CMS 1.7.1 - Multiple Vulnerabilities
  205. [shellcode] - Linux x86_64 execve Shellcode - 15 bytes
  206. [webapps] - WordPress Ultimate Product Catalog Plugin 3.8.1 - Privilege Escalation
  207. [remote] - op5 v7.1.9 Configuration Command Execution
  208. [webapps] - phpATM 1.32 - Multiple Vulnerabilities
  209. [webapps] - phpATM 1.32 - Remote Command Execution (Shell Upload) on Windows Servers
  210. [webapps] - Vicidial 2.11 - Scripts Stored XSS
  211. [webapps] - WordPress Gravity Forms Plugin 1.8.19 - Arbitrary File Upload
  212. [dos] - Blat 3.2.14 - Stack Overflow
  213. [local] - Solarwinds Virtualization Manager - Privilege Escalation
  214. [webapps] - Tiki-Wiki CMS Calendar 14.2, 12.5 LTS, 9.11 LTS, and 6.15 - Remote Code E
  215. [webapps] - SlimCMS 0.1 - CSRF (Change Admin Password)
  216. [webapps] - Roxy Fileman 1.4.4 - Arbitrary File Upload
  217. [webapps] - ATCOM PBX IP01, IP08 , IP4G, IP2G4A - Authentication Bypass
  218. [shellcode] - Linux/Windows/BSD x86_64 execve("/bin//sh", {"//bin/sh", "-c", "cmd"},
  219. [shellcode] - Linux x86 TCP Bind Shell Port 4444 (656 bytes)
  220. [shellcode] - Linux x86_64 Shellcode Null-Free Reverse TCP Shell
  221. [shellcode] - Linux/x86 - Bindshell with Configurable Port - 87 bytes
  222. [shellcode] - Linux x86_64 - Reverse Shell Shellcode
  223. [dos] - Google Chrome - GPU Process MailboxManagerImpl Double-Read
  224. [dos] - Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)
  225. [dos] - Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)
  226. [remote] - Bomgar Remote Support Unauthenticated Code Execution (msf)
  227. [webapps] - PHPLive 4.4.8 - 4.5.4 - Password Recovery SQL Injection
  228. [webapps] - jbFileManager - Directory Traversal
  229. [webapps] - BookingWizz Booking System < 5.5 - Multiple Vulnerabilities
  230. [local] - AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation
  231. [webapps] - Joomla En Masse (com_enmasse) Component 5.1 - 6.4 - SQL Injection
  232. [webapps] - Dokeos 2.2.1 - Blind SQL Injection
  233. [webapps] - Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities
  234. [webapps] - w2wiki - Multiple XSS Vulnerabilities
  235. [webapps] - Ultrabenosaurus ChatBoard - CSRF (Send Message)
  236. [webapps] - Ultrabenosaurus ChatBoard - Stored XSS
  237. [dos] - Oracle Orakill.exe 11.2.0 - Buffer Overflow
  238. [webapps] - WordPress Social Stream Plugin 1.5.15 - wp_options Overwrite
  239. [dos] - Oracle Orakill.exe 11.2.0 - Buffer Overflow
  240. [remote] - Apache Continuum Arbitrary Command Execution
  241. [dos] - Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Cor
  242. [dos] - Foxit PDF Reader 1.0.1.0925 -kdu_core::kdu_codestream::get_subsampling Memory
  243. [dos] - Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read
  244. [dos] - Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSource::TranslateScanline24bpp Out-of-B
  245. [dos] - Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentPa
  246. [dos] - iSQL 1.0 - isql_main.c Buffer Overflow PoC
  247. [local] - iSQL 1.0 - Shell Command Injection
  248. [webapps] - Zabbix 2.2 - 3.0.3 - RCE with API JSON-RPC
  249. [webapps] - Joomla PayPlans (com_payplans) Extension 3.3.6 - SQL Injection
  250. [webapps] - Grid Gallery 1.0 - Admin Panel Authentication Bypass