Exploit-Database.net

Exploits (Total: 98721)


Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting (XSS)				2022-01-19
Rocket LMS 1.1 - Persistent Cross Site Scripting (XSS)				2022-01-19
uDoctorAppointment v2.1.1 - 'Multiple' Cross Site Scripting (XSS)				2022-01-19
Creston Web Interface 1.0.0.2159 - Credential Disclosure				2022-01-18
Nyron 1.0 - SQLi (Unauthenticated)				2022-01-18
Simple Chatbot Application 1.0 - 'message' Blind SQLi				2022-01-18
Simple Chatbot Application 1.0 - Remote Code Execution (RCE)				2022-01-18
OpenBMCS 2.4 - Information Disclosure				2022-01-18
OpenBMCS 2.4 - Server Side Request Forgery (SSRF) (Unauthenticated)				2022-01-18
OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation				2022-01-18
OpenBMCS 2.4 - SQLi (Authenticated)				2022-01-18
OpenBMCS 2.4 - Cross Site Request Forgery (CSRF)				2022-01-18
Online Resort Management System 1.0 - SQLi (Authenticated)				2022-01-18
Archeevo 5.0 - Local File Inclusion				2022-01-18
WorkTime 10.20 Build 4967 - Unquoted Service Path				2022-01-18
WordPress Core 5.8.2 - 'WP_Query' SQL Injection				2022-01-17
Online Diagnostic Lab Management System 1.0 - SQL Injection (Unauthenticated)				2022-01-17
Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)				2022-01-17
Online Diagnostic Lab Management System 1.0 - Account Takeover (Unauthenticated)				2022-01-17
SalonERP 3.0.1 - 'sql' SQL Injection (Authenticated)				2022-01-17
Hospitals Patient Records Management System 1.0 - 'doctors' Stored Cross Site Scripting (XSS)				2022-01-17
Hospitals Patient Records Management System 1.0 - 'room_list' Stored Cross Site Scripting (XSS)				2022-01-17
Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)				2022-01-17
WordPress Plugin Frontend Uploader 1.3.2 - Stored Cross Site Scripting (XSS) (Unauthenticated)				2022-01-12
Microsoft Windows Defender - Detections Bypass				2022-01-12
Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass				2022-01-12
CoreFTP Server build 725 - Directory Traversal (Authenticated)				2022-01-10
Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)				2022-01-10
VUPlayer 2.49 - '.wax' Local Buffer Overflow (DEP Bypass)				2022-01-10
Online Railway Reservation System 1.0 - 'Multiple' Stored Cross Site Scripting (XSS) (Unauthenticated)				2022-01-10
Online Railway Reservation System 1.0 - Admin Account Creation (Unauthenticated)				2022-01-10
Online Railway Reservation System 1.0 - Remote Code Execution (RCE) (Unauthenticated)				2022-01-10
Online Railway Reservation System 1.0 - 'id' SQL Injection (Unauthenticated)				2022-01-10
HTTP Commander 3.1.9 - Stored Cross Site Scripting (XSS)				2022-01-10
Online Veterinary Appointment System 1.0 - 'Multiple' SQL Injection				2022-01-07
WordPress Plugin AAWP 3.16 - 'tab' Reflected Cross Site Scripting (XSS) (Authenticated)				2022-01-05
Automox Agent 32 - Local Privilege Escalation				2022-01-05
Projeqtor v9.3.1 - Stored Cross Site Scripting (XSS)				2022-01-05
Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)				2022-01-05
Dixell XWEB 500 - Arbitrary File Write				2022-01-05
TermTalk Server 3.24.0.2 - Arbitrary File Read (Unauthenticated)				2022-01-05
openSIS Student Information System 8.0 - 'multiple' SQL Injection				2022-01-05
Vodafone H-500-s 3.5.10 - WiFi Password Disclosure				2022-01-05
Terramaster TOS 4.2.15 - Remote Code Execution (RCE) (Unauthenticated)				2022-01-05
Virtual Airlines Manager 2.6.2 - 'multiple' SQL Injection				2022-01-05
TRIGONE Remote System Monitor 3.61 - Unquoted Service Path				2022-01-05
BeyondTrust Remote Support 6.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)				2022-01-05
Hospitals Patient Records Management System 1.0 - Account TakeOver				2022-01-05
Hospitals Patient Records Management System 1.0 - 'id' SQL Injection (Authenticated)				2022-01-05
AWebServer GhostBuilding 18 - Denial of Service (DoS)				2022-01-05

Exploits/page:

Page: