Exploits (Total: 94451)

    
    
    
Pydio / AjaXplorer < 5.0.4 - Unauthenticated Arbitrary File Upload
2019-01-18
Microsoft Edge Chakra - 'JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode' Use-After-Free
2019-01-18
Microsoft Edge Chakra - 'InitClass' Type Confusion
2019-01-18
Microsoft Edge Chakra - 'NewScObjectNoCtor' or 'InitProto' Type Confusion
2019-01-18
Microsoft Edge Chakra - 'InlineArrayPush' Type Confusion
2019-01-18
Webmin 1.900 - Remote Command Execution (Metasploit)
2019-01-18
Joomla! Core 3.9.1 - Persistent Cross-Site Scripting in Global Configuration Textfilter Settings
2019-01-18
FastTube 1.0.1.0 - Denial of Service (PoC)
2019-01-18
VPN Browser+ 1.1.0.0 - Denial of Service (PoC)
2019-01-18
7 Tik 1.0.1.0 - Denial of Service (PoC)
2019-01-18
Eco Search 1.0.2.0 - Denial of Service (PoC)
2019-01-18
One Search 1.1.0.0 - Denial of Service (PoC)
2019-01-18
Watchr 1.1.0.0 - Denial of Service (PoC)
2019-01-18
SCP Client - Multiple Vulnerabilities (SSHtranger Things)
2019-01-18
phpTransformer 2016.9 - Directory Traversal
2019-01-18
phpTransformer 2016.9 - SQL Injection
2019-01-18
SeoToaster Ecommerce / CRM / CMS 3.0.0 - Local File Inclusion
2019-01-18
Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation
2019-01-17
Microsoft Windows CONTACT - Remote Code Execution
2019-01-17
Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting
2019-01-17
blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit)
2019-01-16
Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation
2019-01-16
Microsoft Windows 10 - 'RestrictedErrorInfo' Unmarshal Section Handle Use-After-Free
2019-01-16
WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free
2019-01-16
Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length
2019-01-16
Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 - Unauthenticated Admin Password Reset
2019-01-16
GL-AR300M-Lite 2.27 - Authenticated Command Injection / Arbitrary File Download / Directory Traversal
2019-01-16
NTPsec 1.1.2 - 'config' Authenticated Out-of-Bounds Write Denial of Service (PoC)
2019-01-16
NTPsec 1.1.2 - 'ntp_control' Authenticated NULL Pointer Dereference (PoC)
2019-01-16
NTPsec 1.1.2 - 'ntp_control' Out-of-Bounds Read (PoC)
2019-01-16
NTPsec 1.1.2 - 'ctl_getitem' Out-of-Bounds Read (PoC)
2019-01-16
ShoreTel / Mitel Connect ONSITE 19.49.5200.0 - Remote Code Execution
2019-01-16
doorGets CMS 7.0 - Arbitrary File Download
2019-01-16
Roxy Fileman 1.4.5 - Arbitrary File Download
2019-01-16
FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure
2019-01-16
Spotify 1.0.96.181 - 'Proxy configuration' Denial of Service (PoC)
2019-01-16
Windows Debugging 101
2019-01-15
[Portuguese] Reverse Engineering 101 using Radare2
2019-01-15
Windows Privilege Escalations
2019-01-15
An Internal Pentest Audit Against Active Directory
2019-01-15
PHP Source Code Analysis
2019-01-15
PoC || GTFO 0x16
2019-01-15
PoC || GTFO 0x15
2019-01-15
PoC || GTFO 0x14
2019-01-15
PoC || GTFO 0x13
2019-01-15
PoC || GTFO 0x12
2019-01-15
PoC || GTFO 0x11
2019-01-15
PoC || GTFO 0x10
2019-01-15
ownDMS 4.7 - SQL Injection
2019-01-15
Microsoft Windows VCF - Remote Code Execution
2019-01-15
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (100 bytes)
2019-01-15
1Password < 7.0 - Denial of Service
2019-01-15
AudioCode 400HD - Command Injection
2019-01-14
Portier Vision 4.4.4.2 / 4.4.4.6 - SQL Injection
2019-01-14
Microsoft Windows 10 - COM Desktop Broker Privilege Escalation
2019-01-14
Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation
2019-01-14
Microsoft Windows 10 - DSSVC MoveFileInheritSecurity Privilege Escalation
2019-01-14
Microsoft Windows 10 - DSSVC CanonicalAndValidateFilePath Security Feature Bypass
2019-01-14
Microsoft Windows 10 - DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation
2019-01-14
Microsoft Windows 10 - DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation
2019-01-14
Microsoft Windows 10 - SSPI Network Authentication Session 0 Privilege Escalation
2019-01-14
Dokany 1.2.0.1000 - Stack-Based Buffer Overflow Privilege Escalation
2019-01-14
Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection
2019-01-14
Umbraco CMS 7.12.4 - Authenticated Remote Code Execution
2019-01-14
Job Portal Platform 1.0 - SQL Injection
2019-01-14
Real Estate Custom Script 2.0 - SQL Injection
2019-01-14
ThinkPHP 5.X - Remote Command Execution
2019-01-14
Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)
2019-01-14
HealthNode Hospital Management System 1.0 - SQL Injection
2019-01-14
Lenovo R2105 - Cross-Site Request Forgery (Command Execution)
2019-01-14
Cleanto 5.0 - SQL Injection
2019-01-14
Find a Place CMS Directory 1.5 - SQL Injection
2019-01-14
Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection
2019-01-14
Hootoo HT-05 - Remote Code Execution (Metasploit)
2019-01-14
xorg-x11-server < 1.20.3 - Local Privilege Escalation (Solaris 11 inittab)
2019-01-14
Live Call Support Widget 1.5 - Remote Code Execution / SQL Injection
2019-01-14
Live Call Support Widget 1.5 - Cross-Site Request Forgery (Add Admin)
2019-01-14
Twilio WEB To Fax Machine System Application 1.0 - SQL Injection
2019-01-14
Modern POS 1.3 - SQL Injection
2019-01-14
Modern POS 1.3 - Arbitrary File Download
2019-01-14
Horde Imp - 'imap_open' Remote Command Execution
2019-01-14
i-doit CMDB 1.12 - SQL Injection
2019-01-14
i-doit CMDB 1.12 - Arbitrary File Download
2019-01-14
Across DR-810 ROM-0 - Backup File Disclosure
2019-01-14
Luminance Studio 2.17 - Denial of Service (PoC)
2019-01-11
Blob Studio 2.17 - Denial of Service (PoC)
2019-01-11
Liquid Studio 2.17 - Denial of Service (PoC)
2019-01-11
Pixel Studio 2.17 - Denial of Service (PoC)
2019-01-11
Paint Studio 2.17 - Denial of Service (PoC)
2019-01-11
Tree Studio 2.17 - Denial of Service (PoC)
2019-01-11
Selfie Studio 2.17 - Denial of Service (PoC)
2019-01-11
Windows/x86 - Download With Tftp And Execute Shellcode (51-60 bytes)(msvcrt.system)(Generator)
2019-01-11
Joomla! Component JoomCRM 1.1.1 - SQL Injection
2019-01-11
Joomla! Component JoomProject 1.1.3.2 - Information Disclosure
2019-01-11
Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode)
2019-01-11
Adapt Inventory Management System 1.0 - SQL Injection
2019-01-11
OpenSource ERP 6.3.1. - SQL Injection
2019-01-10
eBrigade ERP 4.5 - SQL Injection
2019-01-10
Event Locations 1.0.1 - 'id' SQL Injection
2019-01-10
Event Calendar 3.7.4 - 'id' SQL Injection
2019-01-10
MLMPro 1.0 - SQL Injection
2019-01-10
Architectural 1.0 - 'email' SQL Injection
2019-01-10
Shield CMS 2.2 - 'email' SQL Injection
2019-01-10
doitX 1.0 - 'search' SQL Injection
2019-01-10
Matrix MLM Script 1.0 - Information Disclosure
2019-01-10
eBrigade ERP 4.5 - Arbitrary File Download
2019-01-10
PEAR Archive_Tar < 1.4.4 - PHP Object Injection
2019-01-10
RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)
2019-01-10
BlogEngine 3.3 - XML External Entity Injection
2019-01-09
polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork
2019-01-09
Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion
2019-01-09
Linux/x86 - wget chmod execute over execve /bin/sh -c Shellcode (119 bytes)
2019-01-09
ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting
2019-01-09
Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)
2019-01-09
Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin)
2019-01-09
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)
2019-01-09
Microsoft Windows - Windows Error Reporting Local Privilege Escalation
2019-01-09
MDwiki < 0.6.2 - Cross-Site Scripting
2019-01-09
Wireshark - 'get_t61_string' Heap Out-of-Bounds Read
2019-01-08
Dolibarr ERP-CRM 8.0.4 - 'rowid' SQL Injection
2019-01-08
CF Image Hosting Script 1.6.5 - (Delete all Pictures) Privilege Escalation
2019-01-08
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation
2019-01-07
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
2019-01-07
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection
2019-01-07
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery
2019-01-07
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)
2019-01-07
SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC)
2019-01-07
BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC)
2019-01-07
Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data
2019-01-07
Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal
2019-01-07
MyT Project Management 1.5.1 - 'Charge[group_total]' SQL Injection
2019-01-07
Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation
2019-01-07
phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery / Cross-Site Scripting
2019-01-07
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting
2019-01-07
MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting
2019-01-07
LayerBB 1.1.1 - Persistent Cross-Site Scripting
2019-01-07
Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference
2019-01-07
All in One Video Downloader 1.2 - Authenticated SQL Injection
2019-01-07
Embed Video Scripts - Persistent Cross-Site Scripting
2019-01-07
Mailcleaner - Authenticated Remote Code Execution (Metasploit)
2019-01-07
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
2019-01-02
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
2019-01-02
WebKit JSC - 'JSArray::shiftCountWithArrayStorage' Out-of-Bounds Read/Write
2019-01-02
WebKit JSC - 'AbstractValue::set' Use-After-Free
2019-01-02
Ayukov NFTP FTP Client 2.0 - Buffer Overflow
2019-01-02
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)
2019-01-02
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
2019-01-02
Frog CMS 0.9.5 - Cross-Site Scripting
2019-01-02
WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection
2019-01-02
Vtiger CRM 7.1.0 - Remote Code Execution
2019-01-02
NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)
2019-01-02
PLC Wireless Router GPN2.4P21-C-CN Cross Site Scripting Vulnerability
2018-12-27
Terminal Services Manager 3.1 - Local Buffer Overflow (SEH) Exploit
2018-12-27
bludit Pages Editor 3.0.0 - Arbitrary File Upload Vulnerability
2018-12-27
Craft CMS 3.0.25 - Cross-Site Scripting Vulnerability
2018-12-27
MAGIX Music Editor 3.1 - Buffer Overflow (SEH) Exploit
2018-12-27
ShareAlarmPro 2.1.4 - Denial of Service Exploit
2018-12-27
NetShareWatcher 1.5.8 - Denial of Service Exploit
2018-12-27
Product Key Explorer 4.0.9 - Denial of Service Exploit
2018-12-27
WordPress Audio Record 1.0 Plugin - Arbitrary File Upload Vulnerability
2018-12-27
WordPress Baggage Freight Shipping Australia 0.1.0 Plugin - Arbitrary File Upload
2018-12-27
Iperius Backup 5.8.1 - Buffer Overflow (SEH) Exploit
2018-12-27
Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)
2018-12-27
Linux/x86 - Kill All Processes Shellcode (14 bytes)
2018-12-27
Google Chrome 70 - SQLite Magellan Crash Exploit
2018-12-27
Microsoft Windows - MsiAdvertiseProduct Arbitrary File Copy/Read Exploit
2018-12-27
FrontAccounting 2.4.5 - SubmitUser SQL Injection Vulnerability
2018-12-27
WSTMart 2.0.8 - Cross-Site Scripting Vulnerability
2018-12-27
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-12-27
PhpSpreadsheet < 1.5.0 - XML External Entity (XXE) Vulnerability
2018-12-27
Kubernetes - (Unauthenticated) Arbitrary Requests Exploit
2018-12-27
Kubernetes - (Authenticated) Arbitrary Requests Exploit
2018-12-27
Adobe Flash ActiveX Plugin 28.0.0.137 - Remote Code Execution Exploit
2018-12-27
phpMyAdmin 4.8.4 - AllowArbitraryServer Arbitrary File Read Exploit
2018-12-27
Keybase keybase-redirector - ($PATH) Local Privilege Escalation Exploit
2018-12-27
ASUS Aura Sync versions 1.07.22 Driver Privilege Escalation Exploit
2018-12-27
Juniper Secure Access SSL VPN Privilege Escalation Vulnerability
2018-12-27
ZeusCart 4.0 - Cross-Site Request Forgery (Deactivate Customer Accounts) Vulnerability
2018-12-27
Microsoft Windows - MsiAdvertiseProduct Arbitrary File Read Exploit
2018-12-27
Microsoft Edge 42.17134.1.0 - Tree::ANode::DocumentLayout Denial of Service Exploit
2018-12-27
VBScript - MSXML Execution Policy Bypass Exploit
2018-12-27
VBScript - VbsErase Reference Leak Use-After-Free Exploit
2018-12-27
XMPlay 3.8.3 - .m3u Local Stack Overflow Code Execution Exploit
2018-12-27
AnyBurn 4.3 - Local Buffer Overflow (SEH) Exploit
2018-12-27
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH) Exploit
2018-12-27
Netatalk < 3.1.12 - Authentication Bypass Exploit
2018-12-27
SQLScan 1.0 - Denial of Service Exploit
2018-12-27
Erlang Port Mapper Daemon Cookie Remote Code Execution Exploit
2018-12-27
IBM Operational Decision Manager 8.x - XML External Entity Injection
2018-12-27
Linux Kernel 4.4 - rtnetlink Stack Memory Disclosure Exploit
2018-12-27
Rukovoditel Project Management CRM 2.3.1 - Remote Code Execution Exploit
2018-12-27
LanSpy 2.0.1.159 - Local Buffer Overflow Exploit
2018-12-27
Yeswiki Cercopitheque - id SQL Injection Vulnerability
2018-12-27
Bolt CMS < 3.6.2 - Cross-Site Scripting Vulnerability
2018-12-27
Integria IMS 5.0.83 - search_string Cross-Site Scripting Vulnerability
2018-12-27
Integria IMS 5.0.83 - Cross-Site Request Forgery Vulnerability
2018-12-27
Hotel Booking Script 3.4 - CSRF (Change Admin Password) Vulnerability
2018-12-27
Nsauditor 3.0.28.0 - Local SEH Buffer Overflow Exploit
2018-12-27
Excel Password Recovery 8.2.0.0 - Local Buffer Overflow Denial of Service Exploit
2018-12-27
Microsoft Windows - jscript!JsArrayFunctionHeapSort Out-of-Bounds Write Exploit
2018-12-27
MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method Exploit
2018-12-27
SDL Web Content Manager 8.5.0 - XML External Entity Injection Vulnerability
2018-12-27
PDF Explorer 1.5.66.2 - SEH Local Exploit
2018-12-27
GNU inetutils < 1.9.4 - (telnet.c) Multiple Overflows Exploit
2018-12-27
Windows Persistent Service Installer Exploit
2018-12-27
Zoho ManageEngine OpManager 12.3 SQL Injection Vulnerability
2018-12-27
Razer Cortex Debugger Remote Command Execution Vulnerability
2018-12-27
KARMA 6.0.0 SQL Injection Vulnerability
2018-12-27
Transcend Wi-Fi SD Card Cross Site Request Forgery / Traversal Vulnerabilities
2018-12-27
ShareAlarmPro 2.1.4 - Denial of Service (PoC)
2018-12-27
NetShareWatcher 1.5.8 - Denial of Service (PoC)
2018-12-27
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload
2018-12-27
bludit Pages Editor 3.0.0 - Arbitrary File Upload
2018-12-27
Iperius Backup 5.8.1 - Buffer Overflow (SEH)
2018-12-27
Terminal Services Manager 3.1 - Local Buffer Overflow (SEH)
2018-12-27
Product Key Explorer 4.0.9 - Denial of Service (PoC)
2018-12-27
MAGIX Music Editor 3.1 - Buffer Overflow (SEH)
2018-12-27
WordPress Plugin Audio Record 1.0 - Arbitrary File Upload
2018-12-27
Craft CMS 3.0.25 - Cross-Site Scripting
2018-12-27
Kubernetes - (Authenticated) Arbitrary Requests
2018-12-24
Kubernetes - (Unauthenticated) Arbitrary Requests
2018-12-24
Adobe Flash ActiveX Plugin 28.0.0.137 - Remote Code Execution (PoC)
2018-12-24
PhpSpreadsheet < 1.5.0 - XML External Entity (XXE)
2018-12-24
Netatalk - Bypass Authentication
2018-12-24
Searching systematically for PHP disable_functions bypasses
2018-12-24
Keybase keybase-redirector - '$PATH' Local Privilege Escalation
2018-12-24
Pure In-Memory (Shell)Code Injection In Linux Userland
2018-12-24
Google Chrome 70 - SQLite Magellan Crash (PoC)
2018-12-24
phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read
2018-12-24
Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Copy/Read
2018-12-24
Linux/x86 - Kill All Processes Shellcode (14 bytes)
2018-12-24
Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)
2018-12-24
FrontAccounting 2.4.5 - 'SubmitUser' SQL Injection
2018-12-24
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)
2018-12-24
WSTMart 2.0.8 - Cross-Site Scripting
2018-12-24
Netatalk < 3.1.12 - Authentication Bypass
2018-12-21
SQLScan 1.0 - Denial of Service (PoC)
2018-12-21
Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Read
2018-12-21
ZeusCart 4.0 - Cross-Site Request Forgery (Deactivate Customer Accounts)
2018-12-21
Microsoft Edge 42.17134.1.0 - 'Tree::ANode::DocumentLayout' Denial of Service
2018-12-21
AnyBurn 4.3 - Local Buffer Overflow (SEH)
2018-12-21
Erlang - Port Mapper Daemon Cookie RCE (Metasploit)
2018-12-20
VBScript - MSXML Execution Policy Bypass
2018-12-20
VBScript - VbsErase Reference Leak Use-After-Free
2018-12-20
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)
2018-12-20
XMPlay 3.8.3 - '.m3u' Local Stack Overflow Code Execution
2018-12-20
LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)
2018-12-20
IBM Operational Decision Manager 8.x - XML External Entity Injection
2018-12-19
PDF Explorer 1.5.66.2 - Buffer Overflow (SEH)
2018-12-19
Yeswiki Cercopitheque - 'id' SQL Injection
2018-12-19
Bolt CMS < 3.6.2 - Cross-Site Scripting
2018-12-19
Integria IMS 5.0.83 - Cross-Site Request Forgery
2018-12-19
Integria IMS 5.0.83 - 'search_string' Cross-Site Scripting
2018-12-19
Rukovoditel Project Management CRM 2.3.1 - Remote Code Execution (Metasploit)
2018-12-19
Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)
2018-12-19
LanSpy 2.0.1.159 - Local Buffer Overflow
2018-12-19
PassFab RAR 9.3.2 - Buffer Overflow (SEH)
2018-12-19
Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)
2018-12-19
Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure
2018-12-19
Nsauditor 3.0.28.0 - Local SEH Buffer Overflow
2018-12-18
MegaPing - Local Buffer Overflow Denial of Service
2018-12-18
Exel Password Recovery 8.2.0.0 - Local Buffer Overflow Denial of Service
2018-12-18
AnyBurn 4.3 - Local Buffer Overflow Denial of Service
2018-12-18
Microsoft Windows - 'jscript!JsArrayFunctionHeapSort' Out-of-Bounds Write
2018-12-18
SDL Web Content Manager 8.5.0 - XML External Entity Injection
2018-12-18
MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method
2018-12-18
PassFab RAR Password Recovery SEH Local Exploit
2018-12-18
Mikrotik RouterOS Telnet Arbitrary Root File Creation Vulnerability
2018-12-18
MegaPing Denial of Service Exploit
2018-12-18
Excel Password Recovery Professional Denial of Service Exploit
2018-12-18
AnyBurn Local Buffer Overflow Exploit
2018-12-18
Nsauditor Local SEH Buffer Overflow Exploit
2018-12-18
Safari - Proxy Object Type Confusion Exploit
2018-12-18
Cisco RV110W - Password Disclosure / Command Execution Exploit
2018-12-18
Huawei Router HG532e - Command Execution Exploit
2018-12-18
Double Your Bitcoin Script Automatic - Authentication Bypass Vulnerability
2018-12-18
Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution
2018-12-18
Facebook And Google Reviews System For Businesses 1.1 - SQL Injection Vulnerability
2018-12-18
Facebook And Google Reviews System For Businesses - CSRF (Change Admin Password)
2018-12-18
Angry IP Scanner 3.5.3 - Denial of Service Exploit
2018-12-18
UltraISO 9.7.1.3519 - Output FileName Denial of Service
2018-12-18
Zortam MP3 Media Studio 24.15 - Local Buffer Overflow Exploit
2018-12-18
Responsive FileManager 9.13.4 - Multiple Vulnerabilities
2018-12-18
GNU inetutils < 1.9.4 - 'telnet.c' Multiple Overflows (PoC)
2018-12-17
Safari - Proxy Object Type Confusion (Metasploit)
2018-12-16
Double Your Bitcoin Script Automatic - Authentication Bypass
2018-12-16
UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC)
2018-12-16
Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution
2018-12-16
Facebook And Google Reviews System For Businesses 1.1 - SQL Injection
2018-12-16
Angry IP Scanner 3.5.3 - Denial of Service (PoC)
2018-12-16
Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)
2018-12-16
Huawei Router HG532e - Command Execution
2018-12-16
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)
2018-12-16
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure
2018-12-16
Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)
2018-12-16
Responsive FileManager 9.13.4 - Multiple Vulnerabilities
2018-12-16
Cisco RV110W - Password Disclosure / Command Execution
2018-12-16
CyberLink LabelPrint 2.5 - Stack Buffer Overflow (Metasploit)
2018-12-16
WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains
2018-12-16
Linux - 'userfaultfd' Bypasses tmpfs File Permissions
2018-12-16
Linux/x86 - Bind (1337/TCP) Ncat (/usr/bin/ncat) Shell (/bin/bash) + Null-Free Shellcode (95 bytes)
2018-12-16
Adobe ColdFusion 2018 - Arbitrary File Upload
2018-12-16
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution
2018-12-16
WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection
2018-12-16
HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection
2018-12-16
Apache OFBiz 16.11.05 - Cross-Site Scripting
2018-12-16
IceWarp Mail Server 11.0.0.0 - Cross-Site Scripting
2018-12-16
Sitecore CMS 8.2 - Cross-Site Scripting / Arbitrary File Disclosure
2018-12-16
ZTE ZXHN H168N - Improper Access Restrictions
2018-12-16
Huawei B315s-22 - Information Leak
2018-12-16
TP-Link wireless router Archer C1200 - Cross-Site Scripting
2018-12-16
PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion
2018-12-16
LanSpy 2.0.1.159 - Local Buffer Overflow (PoC)
2018-12-16
DomainMOD 4.11.01 - Cross-Site Scripting
2018-12-16
SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)
2018-12-16
PrestaShop 1.6.x/1.7.x - Remote Code Execution
2018-12-16
Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery
2018-12-16
Tourism Website Blog - Remote Code Execution / SQL Injection
2018-12-16
McAfee True Key - McAfee.TrueKey.Service Privilege Escalation
2018-12-16
XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection
2018-12-16
Windows UAC Protection Bypass Exploit
2018-12-13
Linux - userfaultfd Bypasses tmpfs File Permissions Exploit
2018-12-13
WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains Exploit
2018-12-13
CyberLink LabelPrint 2.5 - Stack Buffer Overflow Exploit
2018-12-13
MixPad v4.40 - Unicode Buffer Overflow Exploit
2018-12-13
WordPress Snap Creek Duplicator Code Injection Exploit
2018-12-13
PrestaShop 1.6.x/1.7.x - Remote Code Execution Exploit
2018-12-12
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution Vulnerability
2018-12-12
Tourism Website Blog - Remote Code Execution / SQL Injection Vulnerabilities
2018-12-12
Linux/x86 - execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 bytes)
2018-12-12
Adobe ColdFusion 2018 - Arbitrary File Upload Vulnerability
2018-12-12
McAfee True Key - McAfee.TrueKey.Service Privilege Escalation Vulnerability
2018-12-12
HotelDruid 2.3.0 - id_utente_mod SQL Injection Vulnerability
2018-12-12
WordPress AutoSuggest 0.24 Plugin - wpas_keys SQL Injection Vulnerability
2018-12-12
Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery Vulnerabilities
2018-12-12
Sitecore CMS 8.2 - Cross-Site Scripting / Arbitrary File Disclosure Vulnerabilities
2018-12-12
IceWarp Mail Server 11.0.0.0 - Cross-Site Scripting Vulnerability
2018-12-12
Huawei B315s-22 - Information Leak Vulnerability
2018-12-12
TP-Link wireless router Archer C1200 - Cross-Site Scripting Vulnerability
2018-12-12
Apache OFBiz 16.11.05 - Cross-Site Scripting Vulnerability
2018-12-12
PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion Vulnerability
2018-12-12
LanSpy 2.0.1.159 - Local Buffer Overflow Exploit
2018-12-12
SmartFTP Client 9.0.2623.0 - Denial of Service Exploit
2018-12-12
DomainMOD 4.11.01 - Cross-Site Scripting Vulnerability
2018-12-12
ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass Vulnerability
2018-12-12
XNU POSIX Shared Memory Mapping Issue Exploit
2018-12-12
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle Vulnerability
2018-12-12
Textpad 8.1.2 - Denial Of Service Exploit
2018-12-12
i-doit CMDB 1.11.2 - Remote Code Execution Exploit
2018-12-12
Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Vulnerability
2018-12-12
DomainMOD 4.11.01 - DisplayName Cross-Site Scripting Vulnerability
2018-12-12
FutureNet NXR-G240 Series ShellShock Command Injection Exploit
2018-12-12
MiniShare 1.4.1 HEAD / POST Buffer Overflow Exploit
2018-12-12
macOS 10.14.1 Carbon Core Memory corruption Vulnerability
2018-12-12
Chrome V8 Math.expm1 Incorrect Type Information Vulnerability
2018-12-12
Rockwell Automation Allen-Bradley 1752-EN2T/C, 1769-L33ER/A Cross Site Scripting Vulnerability
2018-12-12
HasanMWB 1.0 - SQL Injection Vulnerability
2018-12-12
CubeCart 6.2.2 Cross Site Scripting Vulnerability
2018-12-12
FreshRSS 1.11.1 - Cross-Site Scripting Vulnerability
2018-12-12
Wireshark - cdma2k_message_ACTIVE_SET_RECORD_FIELDS Stack Corruption Vulnerability
2018-12-12
Wireshark - find_signature Heap Out-of-Bounds Read Vulnerability
2018-12-12
DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting Vulnerability
2018-12-12
DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting Vulnerability
2018-12-12
DomainMOD 4.11.01 - Registrar Cross-Site Scripting Vulnerability
2018-12-12
NUUO NVRMini2 3.9.1 - Authenticated Command Injection Exploit
2018-12-12
HP Intelligent Management Java Deserialization Remote Code Execution Exploit
2018-12-12
Emacs - movemail Privilege Escalation Exploit
2018-12-12
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download Exploit
2018-12-12
Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)
2018-12-12
Xorg X11 Server (AIX) - Local Privilege Escalation Exploit
2018-12-12
OpenSSH < 7.7 - User Enumeration Exploit (2)
2018-12-12
Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)
2018-12-12
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass
2018-12-12
DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting Vulnerability
2018-12-12
Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting Vulnerability
2018-12-12
PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Vulnerability
2018-12-12
Apache Superset 0.23 - Remote Code Execution Exploit
2018-12-12
Wordpress Advanced-Custom-Fields 5.7.7 Plugins - Cross-Site Scripting Vulnerability
2018-12-12
Joomla JE Photo Gallery 1.1 Component - categoryid SQL Injection Exploit
2018-12-12
PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure Exploit
2018-12-12
Budabot 4.0 - Denial of Service Exploit
2018-12-12
Mozilla Firefox 63.0.1 - Denial of Service Exploit
2018-12-12
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting Vulnerability
2018-12-12
CyberArk 9.7 - Memory Disclosure Exploit
2018-12-12
Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution Exploit
2018-12-12
KeyBase Botnet v1.5 - SQL Injection Vulnerability
2018-12-12
Tarantella Enterprise Security Bypass Vulnerability
2018-12-12
Tarantella Enterprise Directory Traversal Vulnerability
2018-12-12
ATool 1.0.0.22 Stack Buffer Overflow Vulnerability
2018-12-12
Apache Spark - Unauthenticated Command Execution Exploit
2018-12-12
KPOT Botnet - File Download/Source Code Disclosure Vulnerability
2018-12-12
Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer Exploit
2018-12-12
xorg-x11-server < 1.20.3 - modulepath Local Privilege Escalation Exploit
2018-12-12
HTML5 Video Player 1.2.5 - Buffer Overflow Exploit
2018-12-12
Synaccess netBooter NP-02x/NP-08x 6.8 - Authentication Bypass Vulnerability
2018-12-12
Schneider Electric PLC - Session Calculation Authentication Bypass Exploit
2018-12-12
Moxa NPort W2x50A 2.1 OS Command Injection Vulnerability
2018-12-12
knc (Kerberized NetCat) Denial Of Service Exploit
2018-12-12
Microsoft VBScript rtFilter Out-Of-Bounds Read Exploit
2018-12-12
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
2018-12-12
DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting
2018-12-09
Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting
2018-12-09
i-doit CMDB 1.11.2 - Remote Code Execution
2018-12-09
Textpad 8.1.2 - Denial Of Service (PoC)
2018-12-09
HasanMWB 1.0 - SQL Injection
2018-12-08
FreshRSS 1.11.1 - Cross-Site Scripting
2018-12-08
Emacs - movemail Privilege Escalation (Metasploit)
2018-12-08
HP Intelligent Management - Java Deserialization RCE (Metasploit)
2018-12-08
Wireshark - 'find_signature' Heap Out-of-Bounds Read
2018-12-08
Wireshark - 'cdma2k_message_ACTIVE_SET_RECORD_FIELDS' Stack Corruption
2018-12-08
DomainMOD 4.11.01 - Registrar Cross-Site Scripting
2018-12-08
NUUO NVRMini2 3.9.1 - Authenticated Command Injection
2018-12-08
DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting
2018-12-08
DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting
2018-12-08
Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting
2018-12-08
KeyBase Botnet 1.5 - SQL Injection
2018-12-08
Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)
2018-12-08
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage
2018-12-08
DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting
2018-12-08
Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)
2018-12-08
OpenSSH < 7.7 - User Enumeration (2)
2018-12-08
Xorg X11 Server (AIX) - Local Privilege Escalation
2018-12-08
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass
2018-12-08
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download
2018-12-08
WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting
2018-12-08
Budabot 4.0 - Denial of Service (PoC)
2018-12-08
Apache Superset < 0.23 - Remote Code Execution
2018-12-08
PHP Server Monitor 3.3.1 - Cross-Site Request Forgery
2018-12-08
Mozilla Firefox 63.0.1 - Denial of Service (PoC)
2018-12-08
Joomla! Component JE Photo Gallery 1.1 - 'categoryid' SQL Injection
2018-12-08
PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure
2018-12-08
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting
2018-12-08
Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution
2018-12-08
CyberArk 9.7 - Memory Disclosure
2018-12-08
Apache Spark - Unauthenticated Command Execution (Metasploit)
2018-12-08
VBScript - 'rtFilter' Out-of-Bounds Read
2018-12-08
VBScript - 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free
2018-12-08
xorg-x11-server < 1.20.3 - 'modulepath' Local Privilege Escalation
2018-12-08
HTML5 Video Player 1.2.5 - Buffer Overflow (Metasploit)
2018-12-08
Synaccess netBooter NP-02x/NP-08x 6.8 - Authentication Bypass
2018-12-08
Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer
2018-12-08
Schneider Electric PLC - Session Calculation Authentication Bypass
2018-12-08
TeamCity Agent - XML-RPC Command Execution (Metasploit)
2018-12-08
Mac OS X - libxpc MITM Privilege Escalation (Metasploit)
2018-12-08
Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)
2018-12-08
PHP imap_open - Remote Code Execution (Metasploit)
2018-12-08
Unitrends Enterprise Backup - bpserverd Privilege Escalation (Metasploit)
2018-12-08
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the 'ForInContext' Object
2018-12-08
WebKit JIT - 'ByteCodeParser::handleIntrinsicCall' Type Confusion
2018-12-08
WebKit JSC JIT - 'JSPropertyNameEnumerator' Type Confusion
2018-12-08
Netgear Devices - Unauthenticated Remote Command Execution (Metasploit)
2018-12-08
Xorg X11 Server - SUID privilege escalation (Metasploit)
2018-12-08
WebKit JSC JIT - JSPropertyNameEnumerator Type Confusion Exploit
2018-12-01
WebKit JSC JIT - ByteCodeParser::handleIntrinsicCall Type Confusion Exploit
2018-12-01
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Exploit
2018-12-01
TeamCity Agent XML-RPC Command Execution Exploit
2018-12-01
PHP imap_open Remote Code Execution Exploit
2018-12-01
Mac OS X libxpc MITM Privilege Escalation Exploit
2018-12-01
Linux Nested User Namespace idmap Limit Local Privilege Escalation Exploit
2018-12-01
Unitrends Enterprise Backup bpserverd Privilege Escalation Exploit
2018-12-01
Cisco WebEx Meetings Privilege Escalation Vulnerability
2018-12-01
SonarSource SonarQube 7.3 Information Disclosure Vulnerability
2018-12-01
Avahi 0.7 Denial Of Service Vulnerability
2018-12-01
BMC Remedy 7.1 User Impersonation Vulnerability
2018-12-01
Netgear Unauthenticated Remote Command Execution Exploit
2018-12-01
phpMyAdmin 4.8.1 Authenticated Local File Inclusion Vulnerability
2018-12-01
ELBA5 5.8.0 - Remote Code Execution Exploit
2018-12-01
Arm Whois 3.11 - Buffer Overflow (ASLR) Exploit
2018-12-01
Ticketly 1.0 - kind_id SQL Injection Vulnerability
2018-12-01
No-Cms 1.0 - order_by SQL Injection Vulnerability
2018-12-01
Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal Vulnerability
2018-12-01
MariaDB Client 10.1.26 - Denial of Service Exploit
2018-12-01
Arm Whois 3.11 - Buffer Overflow (ASLR)
2018-11-26
ELBA5 5.8.0 - Remote Code Execution
2018-11-26
Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal
2018-11-26
Wordpress Easy Testimonials 3.2 Plugins - Cross-Site Scripting Vulnerability
2018-11-26
No-Cms 1.0 - 'order_by' SQL Injection
2018-11-26
Ticketly 1.0 - 'kind_id' SQL Injection
2018-11-26
MariaDB Client 10.1.26 - Denial of Service (PoC)
2018-11-26
Wordpress Plugins Easy Testimonials 3.2 - Cross-Site Scripting
2018-11-26
Ricoh myPrint 2.9.2.4 - Hard-Coded Credentials
2018-11-26
Oracle Secure Global Desktop Administration Console 4.4 Cross Site Scripting Vulnerability
2018-11-26
Consona Password Reset Security Bypass Vulnerability
2018-11-26
Cory Support 1.0 SQL Injection Vulnerability
2018-11-26
Xorg X11 Server SUID Privilege Escalation Exploit
2018-11-26
Joomla Admin 3.7.4 Database Disclosure Vulnerability
2018-11-26
Joomla MacGallery Database Disclosure Vulnerability
2018-11-25
WordPress Absolutely Glamorous Custom Admin 6.4.1 Database Disclosure Vulnerability
2018-11-25
WordPress Pods 2.7.9 Database Disclosure Vulnerability
2018-11-25
WordPress Universal Post Manager 1.5.0 Database Disclosure Vulnerability
2018-11-25
Miss Marple Enterprise Edition File Upload / Hardcoded AES Key Vulnerability
2018-11-23
Governikus Autent SDK 3.8.1 Signature Bypass Vulnerability
2018-11-23
WordPress CherryFramework Themes 3.1.4 - Backup File Download Vulnerability
2018-11-23
WebOfisi E-Ticaret V4 - urun SQL Injection Vulnerability
2018-11-23
Ticketly 1.0 - name SQL Injection Vulnerability
2018-11-23
Richfaces 3.x Remote Code Execution Vulnerability
2018-11-23
Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation Exploit
2018-11-23
macOS 10.13 - workq_kernreturn Denial of Service Exploit
2018-11-23
Ticketly 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-11-23
Exploits/page:


Page:
1.2.2-prod (www01)