Exploit-Database.net

Exploits (Total: 97839)


PrestaShop 1.7.6.7 - 'location' Blind Sql Injection				2021-04-09
Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution				2021-04-08
Composr 10.0.36 - Remote Code Execution				2021-04-08
DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)				2021-04-08
CMSimple 5.2 - 'External' Stored XSS				2021-04-08
Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read				2021-04-07
Composr CMS 10.0.36 - Cross Site Scripting				2021-04-07
Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS				2021-04-07
Mini Mouse 9.3.0 - Local File inclusion / Path Traversal				2021-04-06
Google Chrome 81.0.4044 V8 - Remote Code Execution				2021-04-06
Google Chrome 86.0.4240 V8 - Remote Code Execution				2021-04-06
Mini Mouse 9.2.0 - Path Traversal				2021-04-05
Mini Mouse 9.2.0 - Remote Code Execution				2021-04-05
OpenEMR 4.1.0 - 'u' SQL Injection				2021-04-05
Basic Shopping Cart 1.0 - Authentication Bypass				2021-04-05
Simple Food Website 1.0 - Authentication Bypass				2021-04-05
Rockstar Service - Insecure File Permissions				2021-04-05
F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)				2021-04-02
ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation				2021-04-02
phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)				2021-04-01
ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2)				2021-04-01
ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1)				2021-04-01
Latrix 0.6.0 - 'txtaccesscode' SQL Injection				2021-04-01
CourseMS 2.1 - 'name' Stored XSS				2021-03-31
DD-WRT 45723 - UPNP Buffer Overflow (PoC)				2021-03-31
Zabbix 3.4.7 - Stored XSS				2021-03-31
Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting				2021-03-30
GetSimple CMS 3.3.16 - Reflected XSS to RCE				2021-03-30
SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow				2021-03-29
Novel Boutique House-plus 3.5.1 - Arbitrary File Download				2021-03-29
Budget Management System 1.0 - 'Budget title' Stored XSS				2021-03-29
Equipment Inventory System 1.0 - 'multiple' Stored XSS				2021-03-29
Concrete5 8.5.4 - 'name' Stored XSS				2021-03-29
TP-Link Devices - 'setDefaultHostname' Stored Cross-site Scripting (Unauthenticated)				2021-03-29
vsftpd 3.0.3 - Remote Denial of Service				2021-03-29
WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated)				2021-03-29
Exploiting XXE to SSRF - Paper				2021-03-29
Apache Ghostcat CVE 2020-1938 - Paper				2021-03-29
Moodle 3.10.3 - 'label' Persistent Cross Site Scripting				2021-03-29
Regis Inventory And Monitoring System 1.0 - 'Item List' Stored XSS				2021-03-29
GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS				2021-03-29
Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)				2021-03-29
Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting				2021-03-29
Linksys EA7500 2.0.8.194281 - Cross-Site Scripting				2021-03-29
Ovidentia 6 - 'id' SQL injection (Authenticated)				2021-03-29
Ext2Fsd v0.68 - 'Ext2Srv' Unquoted Service Path				2021-03-29
Codiad 2.8.4 - Remote Code Execution (Authenticated)				2021-03-29
Elodea Event Collector 4.9.3 - 'ElodeaEventCollectorService' Unquoted Service Path				2021-03-29
ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path				2021-03-29
ELAN Touchpad 15.2.13.1_X64_WHQL - 'ETDService' Unquoted Service Path				2021-03-29

Exploits/page:

Page: