Exploit-Database.net

Exploits (Total: 97937)


Chevereto 3.17.1 - Cross Site Scripting (Stored)				2021-05-12
Splinterware System Scheduler Professional 5.30 - Unquoted Service Path				2021-05-12
Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path				2021-05-11
Microweber CMS 1.1.20 - Remote Code Execution (Authenticated)				2021-05-10
Linux/x86 - setreuid(0) + execve("/bin/sh") Shellcode (29 bytes)				2021-05-10
Human Resource Information System 0.1 - 'First Name' Persistent Cross-Site Scripting (Authenticated)				2021-05-10
PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)				2021-05-10
TFTP Broadband 4.3.0.1465 - 'tftpt.exe' Unquoted Service Path				2021-05-10
BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path				2021-05-10
DHCP Broadband 4.1.0.1503 - 'dhcpt.exe' Unquoted Service Path				2021-05-10
Timeclock 1.04 - Time and Boolean Based Blind SQL Injection # Date: May 3rd 2021				2021-05-07
Epic Games Rocket League 1.95 - Stack Buffer Overrun				2021-05-07
Human Resource Information System 0.1 - Remote Code Execution (Unauthenticated)				2021-05-07
Voting System 1.0 - Remote Code Execution (Unauthenticated)				2021-05-07
WifiHotSpot 1.0.0.0 - 'WifiHotSpotService.exe' Unquoted Service Path				2021-05-07
Sandboxie 5.49.7 - Denial of Service (PoC)				2021-05-07
Voting System 1.0 - Authentication Bypass (SQLI)				2021-05-07
Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path				2021-05-07
Epic Games Easy Anti-Cheat 4.0 - Local Privilege Escalation				2021-05-07
b2evolution 7-2-2 - 'cf_name' SQL Injection				2021-05-06
Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload				2021-05-06
Schlix CMS 2.2.6-6 - Remote Code Execution (Authenticated)				2021-05-06
Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting (Authenticated)				2021-05-06
Anote 1.0 - XSS to RCE				2021-05-05
Markdownify 1.2.0 - XSS to RCE				2021-05-05
Markright 1.0 - XSS to RCE				2021-05-05
Freeter 1.2.1 - XSS to RCE				2021-05-05
StudyMD 0.3.2 - XSS to RCE				2021-05-05
Marky 0.0.1 - XSS to RCE				2021-05-05
Moeditor 0.2.0 - XSS to RCE				2021-05-05
SnipCommand 0.1.0 - XSS to RCE				2021-05-05
Tagstoo 2.0.1 - Stored XSS to RCE				2021-05-05
Xmind 2020 - XSS to RCE				2021-05-05
Markdown Explorer 0.1.1 - XSS to RCE				2021-05-05
Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting				2021-05-05
Internship Portal Management System 1.0 - Remote Code Execution Via File Upload (Unauthenticated)				2021-05-04
GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration				2021-05-03
GitLab Community Edition (CE) 13.10.3 - User Enumeration				2021-05-03
Windows/x64 - Dynamic NoNull Add RDP Admin (BOKU:SP3C1ALM0V3) Shellcode (387 Bytes)				2021-05-03
Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)				2021-05-03
Piwigo 11.3.0 - 'language' SQL				2021-05-03
Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)				2021-05-03
GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE				2021-05-03
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution (2)				2021-04-30
Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)				2021-04-30
NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write				2021-04-29
Shortcut Hotkey Exploitation - Paper (Hebrew)				2021-04-29
FOGProject 1.5.9 - File Upload RCE (Authenticated)				2021-04-29
Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution				2021-04-29
Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)				2021-04-28

Exploits/page:

Page: