Exploit-Database.net

Exploits (Total: 97528)


Netsia SEBA+ 0.16.1 - Authentication Bypass and Add Root User (Metasploit)				2021-01-15
E-Learning System 1.0 - Authentication Bypass & RCE POC				2021-01-15
Alumni Management System 1.0 - "Last Name field in Registration page" Stored XSS				2021-01-15
EyesOfNetwork 5.3 - File Upload Remote Code Execution				2021-01-15
Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection				2021-01-15
Online Hotel Reservation System 1.0 - Cross-site request forgery (CSRF)				2021-01-15
Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection				2021-01-15
Online Hotel Reservation System 1.0 - 'description' Stored Cross-site Scripting				2021-01-15
WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting (XSS)				2021-01-15
PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message)				2021-01-15
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC)				2021-01-14
Laravel 8.4.2 debug mode - Remote code execution				2021-01-14
Online Shopping Cart System 1.0 - 'id' SQL Injection				2021-01-14
Nagios XI 5.7.X - Remote Code Exection RCE (Authenticated)				2021-01-14
Online Movie Streaming 1.0 - Admin Authentication Bypass				2021-01-14
Online Hotel Reservation System 1.0 - Admin Authentication Bypass				2021-01-13
Erlang Cookie - Remote Code Execution				2021-01-13
Practical Insight Into Injections - Paper				2021-01-13
Linux/x86 - bind shell on port 13377 Shellcode (65 bytes)				2021-01-12
SmartAgent 3.1.0 - Privilege Escalation				2021-01-12
Cemetry Mapping and Information System 1.0 - Multiple SQL Injections				2021-01-12
Gila CMS 2.0.0 - Remote Code Execution (Unauthenticated)				2021-01-12
Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection				2021-01-11
PortableKanban 4.3.6578.38136 - Encrypted Password Retrieval				2021-01-11
OpenCart 3.0.36 - ATO via Cross Site Request Forgery				2021-01-11
WordPress Plugin Custom Global Variables 1.0.5 - 'name' Stored Cross-Site Scripting (XSS)				2021-01-11
Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting				2021-01-11
EyesOfNetwork 5.3 - LFI				2021-01-11
Anchor CMS 0.12.7 - 'markdown' Stored Cross-Site Scripting				2021-01-11
EyesOfNetwork 5.3 - RCE & PrivEsc				2021-01-11
Wordpress Plugin wpDiscuz 7.0.4 - Unauthenticated Arbitrary File Upload (Metasploit)				2021-01-08
WordPress Plugin Autoptimize 2.7.6 - Authenticated Arbitrary File Upload (Metasploit)				2021-01-08
Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)				2021-01-08
Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)				2021-01-08
Online Doctor Appointment System 1.0 - Multiple Stored XSS				2021-01-08
Life Insurance Management System 1.0 - Multiple Stored XSS				2021-01-08
dnsrecon 0.10.0 - CSV Injection				2021-01-08
CRUD Operation 1.0 - Multiple Stored XSS				2021-01-07
ECSIMAGING PACS 6.21.5 - SQL injection				2021-01-07
Curfew e-Pass Management System 1.0 - Stored XSS				2021-01-07
Cockpit CMS 0.6.1 - Remote Code Execution				2021-01-07
Employee Record System 1.0 - Unrestricted File Upload to Remote Code Execution				2021-01-07
ECSIMAGING PACS 6.21.5 - Remote code execution				2021-01-07
iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)				2021-01-07
Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated)				2021-01-06
H2 Database 1.4.199 - JNI Code Execution				2021-01-06
Gitea 1.7.5 - Remote Code Execution				2021-01-06
PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation				2021-01-06
Resumes Management and Job Application Website 1.0 - Multiple Stored XSS				2021-01-06
Resumes Management and Job Application Website 1.0 - RCE (Unauthenticated)				2021-01-06

Exploits/page:

Page: