Exploits (Total: 93883)

    
    
    
Linux - Broken uid/gid Mapping for Nested User Namespaces
CVE-2018-18955
2018-11-16
Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)
2018-11-16
Mumsoft Easy Software 2.0 - Denial of Service (PoC)
2018-11-16
DomainMOD 4.11.01 - Cross-Site Scripting
CVE-2018-19136
2018-11-16
Helpdezk 1.1.1 - Arbitrary File Upload
2018-11-16
Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection
2018-11-16
Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
CVE-2018-19287
2018-11-15
PHP Mass Mail 1.0 - Arbitrary File Upload
2018-11-15
2-Plan Team 1.0.4 - Arbitrary File Upload
2018-11-15
Simple E-Document 1.31 - 'username' SQL Injection
2018-11-15
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
2018-11-15
Meneame English Pligg 5.8 - 'search' SQL Injection
2018-11-15
The Powerful Resource of PHP Stream Wrappers
2018-11-15
Notepad3 1.0.2.350 - Denial of Service (PoC)
2018-11-15
EverSync 0.5 - Arbitrary File Download
2018-11-15
Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting
CVE-2017-5124
2018-11-15
Webkit (Safari) - Universal Cross-site Scripting
CVE-2017-7089
2018-11-15
PHP 5.2.3 imap (Debian Based) - 'imap_open' Disable Functions Bypass
2018-11-15
Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection
2018-11-15
Net-Billetterie 2.9 - 'login' SQL Injection
2018-11-15
BitZoom 1.0 - 'rollno' SQL Injection
2018-11-15
PHP-Proxy 5.1.0 - Local File Inclusion
CVE-2018-19246
2018-11-15
Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin)
2018-11-15
SwitchVPN For MacOS 2.1012.03 Privilege Escalation Exploit
2018-11-14
SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle Vulnerability
2018-11-14
OCS Inventory NG ocsreports Shell Upload Vulnerability
2018-11-14
ntpd 4.2.8p10 - Out-of-Bounds Read Exploit
2018-11-14
AMPPS 2.7 - Denial of Service Exploit
2018-11-14
Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
2018-11-14
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload
2018-11-14
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
2018-11-14
Pedidos 1.0 - SQL Injection
2018-11-14
Rmedia SMS 1.0 - SQL Injection
2018-11-14
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
CVE-2018-18860
2018-11-14
Advanced Comment System 1.0 - SQL Injection
CVE-2018-18619
2018-11-14
Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities
CVE-2018-15767
2018-11-14
Atlassian Jira - Authenticated Upload Code Execution (Metasploit)
2018-11-14
AMPPS 2.7 - Denial of Service (PoC)
2018-11-14
EdTv 2 - 'id' SQL Injection
2018-11-14
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
2018-11-14
Helpdezk 1.1.1 - 'query' SQL Injection
2018-11-14
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
CVE-2018-7182
2018-11-14
iServiceOnline 1.0 - 'r' SQL Injection
2018-11-14
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode 58 bytes
2018-11-13
xorg-x11-server < 1.20.1 - Local Privilege Escalation Exploit
2018-11-13
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode) Exploit
2018-11-13
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
2018-11-13
Evince 3.24.0 - Command Injection Exploit
2018-11-13
CuteFTP Mac 3.1 - Denial of Service Exploit
2018-11-13
SIPve 0.0.2-R19 - SQL Injection
2018-11-13
Webiness Inventory 2.3 - SQL Injection
2018-11-13
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
2018-11-13
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
2018-11-13
Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload
2018-11-13
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
CVE-2018-19135
2018-11-13
Silurus Classifieds Script 2.0 - 'wcategory' SQL Injection
2018-11-13
Gumbo CMS 0.99 - SQL Injection
2018-11-13
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
2018-11-13
Easyndexer 1.0 - Arbitrary File Download
2018-11-13
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
2018-11-13
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
2018-11-13
xorg-x11-server < 1.20.1 - Local Privilege Escalation
CVE-2018-14665
2018-11-13
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
2018-11-13
Musicco 2.0.0 - Arbitrary Directory Download
2018-11-13
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
CVE-2018-15437
2018-11-13
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
2018-11-13
Alienor Web Libre 2.0 - SQL Injection
2018-11-13
Surreal ToDo 0.6.1.2 - Local File Inclusion
2018-11-13
Surreal ToDo 0.6.1.2 - SQL Injection
2018-11-13
Evince 3.24.0 - Command Injection
CVE-2017-1000083
2018-11-13
CuteFTP Mac 3.1 - Denial of Service (PoC)
2018-11-13
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
CVE-2018-18772
2018-11-13
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)
2018-11-13
Cisco Prime Infrastructure Unauthenticated Remote Code Execution Exploit
2018-11-13
Android 5.0 Battery Information Broadcast Information Disclosure Vulnerability
2018-11-13
Android RSSI Broadcast Information Disclosure Vulnerability
2018-11-13
ServerZilla 1.0 - email SQL Injection Vulnerability
2018-11-12
Nominas 0.27 - username SQL Injection Vulnerability
2018-11-12
GPS Tracking System 2.12 - username SQL Injection Vulnerability
2018-11-12
Facturation System 1.0 - modid SQL Injection Vulnerability
2018-11-12
The Don 1.0.1 - login SQL Injection Vulnerability
2018-11-12
Paroiciel 11.20 - tRecIdListe SQL Injection Vulnerability
2018-11-12
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-11-12
Vignette Content Management 6 Security Bypass Vulnerability
2018-11-12
Advanced Comment System 1.0 SQL Injection Vulnerability
2018-11-12
Netscape Enterprise 3.63 Cross Site Scripting Vulnerability
2018-11-12
Mongoose Web Server 6.9 - Denial of Service Exploit
2018-11-12
CuteFTP 9.3.0.3 - Denial of Service Exploit
2018-11-12
TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability
2018-11-12
WordPress WP User Manager 2.0.8 SQL Injection Vulnerability
2018-11-12
WordPress PeepSo 1.11.2 XSS / SQL Injection Vulnerabilities
2018-11-12
Wordpress Media File Manager 1.4.2 Plugin - Directory Traversal Vulnerability
2018-11-12
Data Center Audit 2.6.2 - username SQL Injection Vulnerability
2018-11-12
TufinOS 2.17 Build 1193 - XML External Entity Injection Vulnerability
2018-11-12
HeidiSQL 9.5.0.5196 - Denial of Service Exploit
2018-11-12
Nominas 0.27 - 'username' SQL Injection
2018-11-12
Mongoose Web Server 6.9 - Denial of Service (PoC)
2018-11-12
D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery
2018-11-12
ServerZilla 1.0 - 'email' SQL Injection
2018-11-12
GPS Tracking System 2.12 - 'username' SQL Injection
2018-11-12
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin)
2018-11-12
CuteFTP 9.3.0.3 - Denial of Service (PoC)
2018-11-12
Facturation System 1.0 - 'modid' SQL Injection
2018-11-12
The Don 1.0.1 - 'login' SQL Injection
2018-11-12
TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration File Disclosure)
2018-11-12
Paroiciel 11.20 - 'tRecIdListe' SQL Injection
2018-11-12
Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal
2018-11-12
TufinOS 2.17 Build 1193 - XML External Entity Injection
2018-11-12
Data Center Audit 2.6.2 - 'username' SQL Injection
2018-11-12
HeidiSQL 9.5.0.5196 - Denial of Service (PoC)
2018-11-12
Windows/x86 - Messagebox Shellcode 358 bytes
2018-11-11
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit
2018-11-11
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass) Exploit
2018-11-11
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability
2018-11-11
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery Vulnerability
2018-11-11
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking Exploit
2018-11-11
OpenSLP 2.0.0 - Multiple Vulnerabilities
2018-11-11
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass)
2018-11-09
OpenSLP 2.0.0 - Multiple Vulnerabilities
CVE-2016-7567
2018-11-09
Cradlepoint Router Password Disclosure Vulnerability
2018-11-08
Dell OpenManage Network Manager 6.2.0.51 SP3 Privilege Escalation Exploit
2018-11-07
CI User Login and Management 1.0 - Arbitrary File Upload Vulnerability
2018-11-07
Arm Whois 3.11 - Buffer Overflow (SEH) Exploit
2018-11-07
libiec61850 1.3 - Stack Based Buffer Overflow
2018-11-07
LibreHealth 2.0.0 - Arbitrary File Actions Vulnerability
2018-11-07
OpenBiz Cubi Lite 3.0.8 - username SQL Injection Vulnerability
2018-11-07
Grocery crud 1.6.1 - search_field SQL Injection Vulnerability
2018-11-07
VSAXESS V2.6.2.70 build20171226_053 - organization Denial of Service Exploit
2018-11-07
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-11-07
eToolz 3.4.8.0 - Denial of Service Exploit
2018-11-07
OOP CMS BLOG 1.0 - search SQL Injection Vulnerability
2018-11-07
PlayJoom 0.10.1 - catid SQL Injection Vulnerability
2018-11-07
Blue Server 1.1 - Denial of Service Exploit
2018-11-07
XNU Kernel iOS / macOS heap buffer overflow Exploit
2018-11-07
FaceTime - VCPDecompressionDecodeFrame Memory Corruption Exploit
2018-11-07
FaceTime - readSPSandGetDecoderParams Stack Corruption Exploit
2018-11-07
FaceTime - RTP Video Processing Heap Corruption Exploit
2018-11-07
Morris Worm fingerd Stack Buffer Overflow Exploit
2018-11-07
Morris Worm sendmail Debug Mode Shell Escape Exploit
2018-11-07
blueimp jQuery Arbitrary File Upload Exploit
2018-11-07
QBee Camera / iSmartAlarm Credential Disclosure Vulnerability
2018-11-07
CMS Made Simple 2.2.7 Remote Code Execution Exploit
2018-11-07
CentOS Web Panel Root Account Takeover <= v0.9.8.740 Remote Command Execution Exploit
2018-11-07
Easy File Sharing Web Server 7.2 - author Remote Buffer Overflow (SEH) Exploit
2018-11-07
Microsoft Internet Explorer 11 - Null Pointer Dereference Exploit
2018-11-07
Softros LAN Messenger 9.2 - Denial of Service Exploit
2018-11-07
Intel (Skylake / Kaby Lake) - PortSmash CPU SMT Side-Channel Exploit
2018-11-07
Virgin Media Hub 3.0 Router - Denial of Service Exploit
2018-11-07
Mongo Web Admin 6.0 - Information Disclosure Vulnerability
2018-11-07
Poppy Web Interface Generator 0.8 - Arbitrary File Upload Vulnerability
2018-11-07
Voovi Social Networking Script 1.0 - user SQL Injection Vulnerability
2018-11-07
PHP Proxy 3.0.3 - Local File Inclusion Exploit
2018-11-07
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Exploit
2018-11-07
WebVet 0.1a - id SQL Injection Vulnerability
2018-11-07
SiAdmin 1.1 - id SQL Injection Vulnerability
2018-11-07
LiquidVPN For macOS 1.3.7 Privilege Escalation Vulnerability
2018-11-07
Royal TSX Information Disclosure Vulnerability
2018-11-07
Yot CMS 3.3.1 - aid SQL Injection Vulnerability
2018-11-07
qdPM 9.1 - filter_by SQL Injection Vulnerability
2018-11-07
Zint Barcode Generator 2.6 - Denial of Service Exploit
2018-11-07
CdCatalog 2.3.1 - Denial of Service Exploit
2018-11-07
WinMTR 0.91 - Denial of Service Exploit
2018-11-07
Gate Pass Management System 2.1 - login SQL Injection Vulnerability
2018-11-07
Jelastic 5.4 - host SQL Injection Vulnerability
2018-11-07
Fantastic Blog CMS 1.0 - id SQL Injection Vulnerability
2018-11-07
Sourcetree Git Arbitrary Code Execution Vulnerability
2018-11-07
Anviz AIM CrossChex Standard 4.3 Excel Macro Injection Vulnerability
2018-11-07
WebDrive 18.00.5057 - Denial of Service Exploit
2018-11-07
Arm Whois 3.11 - Denial of Service Exploit
2018-11-07
Artha The Open Thesaurus 1.0.3.0 - Denial of Service Exploit
2018-11-07
gVisor runsc Guest -> Host Breakout Via Filesystem Cache Desync
2018-11-07
EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 Hard-Coded Credentails Vulnerability
2018-11-07
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit
2018-11-07
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection Vulnerabilities
2018-11-07
Notes Manager 1.0 - Arbitrary File Upload Vulnerability
2018-11-07
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal Vulnerabilities
2018-11-07
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
2018-11-07
Exploit
2018-11-07
Exploit
2018-11-06
Exploit
2018-11-06
OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection
2018-11-06
OOP CMS BLOG 1.0 - 'search' SQL Injection
2018-11-06
libiec61850 1.3 - Stack Based Buffer Overflow
CVE-2018-18957
2018-11-06
eToolz 3.4.8.0 - Denial of Service (PoC)
2018-11-06
Arm Whois 3.11 - Buffer Overflow (SEH)
2018-11-06
Grocery crud 1.6.1 - 'search_field' SQL Injection
2018-11-06
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin)
2018-11-06
CMS Made Simple 2.2.7 - Remote Code Execution
CVE-2018-10517
2018-11-06
Blue Server 1.1 - Denial of Service (PoC)
2018-11-06
Morris Worm - fingerd Stack Buffer Overflow (Metasploit)
2018-11-06
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
CVE-2018-9206
2018-11-06
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
2018-11-06
FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption
CVE-2018-4366
2018-11-06
FaceTime - 'readSPSandGetDecoderParams' Stack Corruption
CVE-2018-4367
2018-11-06
FaceTime - RTP Video Processing Heap Corruption
CVE-2018-4384
2018-11-06
Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
CVE-2018-5407
2018-11-05
Voovi Social Networking Script 1.0 - 'user' SQL Injection
2018-11-05
Royal TS/X - Information Disclosure
CVE-2018-18865
2018-11-05
LiquidVPN 1.36 / 1.37 - Privilege Escalation
CVE-2018-18856
2018-11-05
Softros LAN Messenger 9.2 - Denial of Service (PoC)
2018-11-05
PHP Proxy 3.0.3 - Local File Inclusion
2018-11-05
Mongo Web Admin 6.0 - Information Disclosure
2018-11-05
Microsoft Internet Explorer 11 - Null Pointer Difference
2018-11-05
Poppy Web Interface Generator 0.8 - Arbitrary File Upload
2018-11-05
Virgin Media Hub 3.0 Router - Denial of Service (PoC)
2018-11-05
WebVet 0.1a - 'id' SQL Injection
2018-11-05
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution
CVE-2018-15705
2018-11-05
SiAdmin 1.1 - 'id' SQL Injection
2018-11-05
Zint Barcode Generator 2.6 - Denial of Service (PoC)
2018-11-04
CdCatalog 2.3.1 - Denial of Service (PoC)
2018-11-04
WinMTR 0.91 - Denial of Service (PoC)
2018-11-04
Yot CMS 3.3.1 - 'aid' SQL Injection
2018-11-04
qdPM 9.1 - 'filter_by' SQL Injection
2018-11-04
Gate Pass Management System 2.1 - 'login' SQL Injection
2018-11-04
Anviz AIM CrossChex Standard 4.3 - CSV Injection
2018-11-04
Jelastic 5.4 - 'host' SQL Injection
2018-11-04
Fantastic Blog CMS 1.0 - 'id' SQL Injection
2018-11-04
Arm Whois 3.11 - Denial of Service (PoC)
2018-11-04
WebDrive 18.00.5057 - Denial of Service (PoC)
2018-11-04
Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)
2018-11-04
SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)
2018-11-04
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
2018-11-04
CI User Login and Management 1.0 - Arbitrary File Upload
2018-11-04
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
2018-11-04
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal
CVE-2018-18775
2018-11-04
Instagram Clone 1.0 - Arbitrary File Upload
2018-11-04
Notes Manager 1.0 - Arbitrary File Upload
2018-11-04
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
2018-11-04
Expense Management 1.0 - Arbitrary File Upload
2018-11-04
SIPp 3.3.990 - Local Buffer Overflow (PoC)
2018-11-04
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
2018-11-04
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
2018-11-04
MyBB Downloads 2.0.3 - SQL Injection
2018-11-04
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure
2018-11-04
Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam Donenfeld)
2018-11-04
Any Sound Recorder 2.93 - Buffer Overflow Local (SEH) (Metasploit)
2018-11-04
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)
2018-11-04
xorg-x11-server 1.20.3 - Privilege Escalation
CVE-2018-14665
2018-11-04
NETGEAR WiFi Router R6120 - Credential Disclosure
2018-11-04
Webiness Inventory 2.9 - Arbitrary File Upload
2018-11-04
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
2018-11-04
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
2018-11-04
Electricks eCommerce 1.0 - 'prodid' SQL Injection
2018-11-04
South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection
2018-11-04
K-iwi Framework 1775 - SQL Injection
CVE-2018-18755
2018-11-04
SaltOS Erp Crm 3.1 r8126 - Database File Download
CVE-2018-18762
2018-11-04
SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)
CVE-2018-18763
2018-11-04
Modbus Slave 7.0.0 - Denial of Service (PoC)
CVE-2018-18759
2018-11-04
SaltOS Erp Crm 3.1 r8126 - SQL Injection
CVE-2018-18761
2018-11-04
E-Negosyo System 1.0 - SQL Injection
CVE-2018-18801
2018-11-04
RhinOS CMS 3.x - Arbitrary File Download
CVE-2018-18760
2018-11-04
PayPal-Credit Card-Debit Card Payment 1.0 - SQL Injection
CVE-2018-18800
2018-11-04
School Attendance Monitoring System 1.0 - SQL Injection
CVE-2018-18798
2018-11-04
School Attendance Monitoring System 1.0 - Arbitrary File Upload
CVE-2018-18799
2018-11-04
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin)
CVE-2018-18797
2018-11-04
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin)
CVE-2018-18794
2018-11-04
School Event Management System 1.0 - Arbitrary File Upload
CVE-2018-18793
2018-11-04
School Event Management System 1.0 - SQL Injection
CVE-2018-18795
2018-11-04
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection
CVE-2018-18805
2018-11-04
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection
CVE-2018-18804
2018-11-04
Curriculum Evaluation System 1.0 - SQL Injection
CVE-2018-18803
2018-11-04
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
2018-11-04
MTGAS MOGG Web Simulator Script - SQL Injection
2018-11-04
ASRock Drivers - Privilege Escalation
CVE-2018-10709
2018-11-04
systemd - chown_one() can Dereference Symlinks
CVE-2018-15687
2018-11-04
systemd - reexec State Injection
CVE-2018-15686
2018-11-04
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin)
2018-11-04
Paramiko 2.4.1 - Authentication Bypass
CVE-2018-7750
2018-11-04
Local Server 1.0.9 - Denial of Service (PoC)
2018-11-04
Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)
2018-11-04
School Equipment Monitoring System 1.0 - 'login' SQL Injection
2018-11-04
AlienIP 2.41 - Denial of Service (PoC)
2018-11-04
Open Faculty Evaluation System 7 - 'batch_name' SQL Injection
2018-11-04
Library Management System 1.0 - 'frmListBooks' SQL Injection
2018-11-04
Navicat 12.0.29 - 'SSH' Denial of Service (PoC)
2018-11-04
Grapixel New Media 2 - 'pageref' SQL Injection
2018-11-04
Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection
2018-11-04
Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection
2018-11-04
Delta Sql 1.8.2 - 'id' SQL Injection
2018-11-04
MPS Box 0.1.8.0 - Arbitrary File Upload
2018-11-04
Quick Count 2.0 - 'txtInstID' SQL Injection
2018-11-04
xorg-x11-server < 1.20.3 - Local Privilege Escalation
CVE-2018-14665
2018-11-04
WebEx - Local Service Permissions Exploit (Metasploit)
CVE-2018-15442
2018-11-04
WebExec - Authenticated User Code Execution (Metasploit)
CVE-2018-15442
2018-11-04
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
CVE-2018-18557
2018-11-04
Open STA Manager 2.3 - Arbitrary File Download
2018-11-04
MPS Box 0.1.8.0 - 'uuid' SQL Injection
2018-11-04
AjentiCP 1.2.23.13 - Cross-Site Scripting
CVE-2018-18548
2018-11-04
AiOPMSD Final 1.0.0 - 'q' SQL Injection
2018-11-04
Simple POS and Inventory 1.0 - 'cat' SQL Injection
2018-11-04
ClipBucket 2.8 - 'id' SQL Injection
2018-11-04
Adult Filter 1.0 - Buffer Overflow (SEH)
2018-11-04
User Management 1.1 - Cross-Site Scripting
CVE-2018-18419
2018-11-04
Delta Sql 1.8.2 - Arbitrary File Upload
2018-11-04
Simple Chat System 1.0 - 'id' SQL Injection
2018-11-04
phptpoint Hospital Management System 1.0 - 'user' SQL injection
2018-11-04
phptpoint Pharmacy Management System 1.0 - 'username' SQL injection
2018-11-04
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting
CVE-2018-18417
2018-11-04
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
2018-11-04
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
2018-11-04
D-Link Routers - Directory Traversal
CVE-2018-10822
2018-11-04
D-Link Routers - Plaintext Password
CVE-2018-10824
2018-11-04
D-Link Routers - Command Injection
CVE-2018-10823
2018-11-04
Microsoft Data Sharing - Local Privilege Escalation (PoC)
2018-11-04
Apache OFBiz 16.11.04 - XML External Entity Injection
2018-11-04
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
CVE-2018-18416
2018-11-04
exim 4.90 - Remote Code Execution
CVE-2018-6789
2018-11-04
Adult Filter 1.0 - Denial of Service (PoC)
2018-11-04
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
2018-11-04
Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting
CVE-2018-18437
2018-11-04
Fifa Master XLS 2.3.2 - 'usw' SQL Injection
2018-11-04
SG ERP 1.0 - 'info' SQL Injection
2018-11-04
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
2018-11-04
SIM-PKH 2.4.1 - 'id' SQL Injection
2018-11-04
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
2018-11-04
School ERP Pro+Responsive 1.0 - Arbitrary File Download
2018-11-04
ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection
2018-11-04
Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)
2018-11-04
SIM-PKH 2.4.1 - Arbitrary File Upload
2018-11-04
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
2018-11-04
Appsource School Management System 1.0 - 'student_id' SQL Injection
2018-11-04
Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection
2018-11-04
The Open ISES Project 3.30A - Arbitrary File Download
2018-11-04
eNdonesia Portal 8.7 - 'artid' SQL Injection
2018-11-04
Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)
CVE-2018-8120
2018-11-04
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
2018-11-04
Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
2018-11-04
Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory
2018-11-04
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
2018-11-04
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
2018-11-04
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
2018-11-04
School ERP Ultimate 2018 - 'fid' SQL Injection
2018-11-04
The Open ISES Project 3.30A - 'tick_lat' SQL Injection
2018-11-04
Audacity 2.3 - Denial of Service (PoC)
2018-11-04
Oracle Siebel CRM 8.1.1 - CSV Injection
2018-11-04
School ERP Ultimate 2018 - Arbitrary File Download
2018-11-04
Modbus Poll 7.2.2 - Denial of Service (PoC)
2018-11-04
MySQL Edit Table 1.0 - 'id' SQL Injection
2018-11-04
Expense Management 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
MyBB Downloads 2.0.3 - SQL Injection Vulnerability
2018-10-31
NETGEAR WiFi Router R6120 - Credential Disclosure Vulnerability
2018-10-31
Webiness Inventory 2.9 - Arbitrary File Upload Vulnerability
2018-10-31
Electricks eCommerce 1.0 - prodid SQL Injection Vulnerability
2018-10-31
South Gate Inn Online Reservation System 1.0 - q SQL Injection Vulnerability
2018-10-31
K-iwi Framework 1775 - SQL Injection Vulnerability
2018-10-31
SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability
2018-10-31
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability (2)
2018-10-31
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability
2018-10-31
E-Negosyo System 1.0 - SQL Injection Vulnerability
2018-10-31
RhinOS CMS 3.x - Arbitrary File Download Vulnerability
2018-10-31
SmartFTP Client 9.0.2615.0 - Denial of Service Exploit
2018-10-31
School Attendance Monitoring System 1.0 - SQL Injection Vulnerability
2018-10-31
School Attendance Monitoring System 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-31
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-31
School Event Management System 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
School Event Management System 1.0 - SQL Injection Vulnerability
2018-10-31
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection Vulnerability
2018-10-31
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Vulnerability
2018-10-31
Curriculum Evaluation System 1.0 - SQL Injection Vulnerability
2018-10-31
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
2018-10-31
MTGAS MOGG Web Simulator Script - SQL Injection Vulnerability
2018-10-31
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
2018-10-31
Library Management System 1.0 - frmListBooks SQL Injection Vulnerability
2018-10-31
Grapixel New Media 2 - pageref SQL Injection Vulnerability
2018-10-31
Open Faculty Evaluation System 7 - batch_name SQL Injection Vulnerability
2018-10-31
Instagram Clone 1.0 - Arbitrary File Upload Vulnerability
2018-10-31
SIPp 3.3.990 - Local Buffer Overflow Exploit
2018-10-31
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service Exploit
2018-10-31
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure Exploit
2018-10-31
systemd - reexec State Injection Exploit
2018-10-31
xorg #x11 #server 1.20.3 - Privilege Escalation Exploit (3)
2018-10-30
R 3.4.4 ( #Windows10 x64) - Buffer Overflow (DEP/ASLR Bypass) Exploit
2018-10-30
AnySoundRecorder 2.93 - Buffer Overflow Local (SEH) Exploit
2018-10-30
PayPal / Credit Card / Debit Card Payment 1.0 SQL Injection Vulnerability
2018-10-30
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (Generator) 864 bytes
2018-10-30
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) SFTP Authentication Bypass Vulnerability
2018-10-30
Navicat 12.0.29 - SSH Denial of Service Exploit
2018-10-30
AlienIP 2.41 - Denial of Service Exploit
2018-10-30
systemd - chown_one() can Dereference Symlinks Exploit
2018-10-30
Modbus Slave 7.0.0 - Denial of Service Exploit
2018-10-30
Modbus Slave PLC 7 - .msw Buffer Overflow Exploit
2018-10-30
Paramiko 2.4.1 - Authentication Bypass Exploit
2018-10-30
Local Server 1.0.9 - Denial of Service Exploit
2018-10-30
School Equipment Monitoring System 1.0 - login SQL Injection Vulnerability
2018-10-30
HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service Vulnerability
2018-10-30
Joomla Responsive eXtro jQuery Gallery 2.1.0 Component - filter_category SQL Injection Vulnerability
2018-10-30
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
2018-10-30
WordPress Arforms 3.5.1 Arbitrary File Delete Exploit
2018-10-30
ASRock Drivers Privilege Escalation / Code Execution Exploit
2018-10-30
Webiness Inventory 2.9 Shell Upload Exploit
2018-10-30
Shell In A Box 2.2.0 Denial Of Service Exploit
2018-10-30
MPS Box 0.1.8.0 - Arbitrary File Upload Vulnerability
2018-10-30
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Vulnerability
2018-10-30
Quick Count 2.0 - txtInstID SQL Injection Vulnerability
2018-10-30
Delta Sql 1.8.2 - id SQL Injection Vulnerability
2018-10-30
Linux systemd Line Splitting Exploit
2018-10-30
Linux systemd Symlink Dereference Via chown_one() Exploit
2018-10-30
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
2018-10-30
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit
2018-10-30
Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting Vulnerability
2018-10-30
Open STA Manager 2.3 - Arbitrary File Download Vulnerability
2018-10-30
MPS Box 0.1.8.0 - uuid SQL Injection Vulnerability
2018-10-30
AjentiCP 1.2.23.13 - Cross-Site Scripting Vulnerability
2018-10-30
AiOPMSD Final 1.0.0 - q SQL Injection Vulnerability
2018-10-30
ClipBucket 2.8 - id SQL Injection Vulnerability
2018-10-30
User Management 1.1 - Cross-Site Scripting Vulnerability
2018-10-30
Delta Sql 1.8.2 - Arbitrary File Upload Vulnerability
2018-10-30
Simple POS and Inventory 1.0 - cat SQL Injection Vulnerability
2018-10-30
Simple Chat System 1.0 - id SQL Injection Vulnerability
2018-10-30
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit
2018-10-30
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Vulnerability
2018-10-30
PHPTPoint Pharmacy Management System 1.0 - username SQL injection Vulnerability
2018-10-30
BORGChat 1.0.0 build 438 - Denial of Service Exploit
2018-10-30
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer Exploit
2018-10-30
Adult Filter 1.0 - Buffer Overflow (SEH) Exploit
2018-10-30
PHPTPoint Hospital Management System 1 SQL Injection Vulnerability
2018-10-30
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle Vulnerability
2018-10-30
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability
2018-10-30
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure Vulnerability
2018-10-30
WebExec Authenticated User Code Execution Exploit
2018-10-30
WebEx Local Service Permissions Code Execution Exploit
2018-10-30
WordPress Question Answer 1.2.30 Cross Site Scripting Vulnerability
2018-10-30
WordPress Pie Register 3.0.17 Cross Site Scripting Vulnerability
2018-10-30
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
2018-10-30
jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit
2018-10-30
Fifa Master XLS 2.3.2 - usw SQL Injection Vulnerability
2018-10-30
SG ERP 1.0 - info SQL Injection Vulnerability
2018-10-30
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting Vulnerability
2018-10-30
Adult Filter 1.0 - Denial of Service Exploit
2018-10-30
Microsoft Data Sharing - Local Privilege Escalation Exploit
2018-10-30
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit
2018-10-30
exim 4.90 - Remote Code Execution Exploit
2018-10-30
D-Link Routers - Command Injection Vulnerability
2018-10-30
D-Link Routers - Directory Traversal Vulnerability
2018-10-30
D-Link Routers - Plaintext Password Vulnerability
2018-10-30
SIM-PKH 2.4.1 SQL Injection Vulnerability
2018-10-24
Microsoft Active Directory Federated Services (ADFS) User Enumeration Vulnerability
2018-10-24
ServersCheck Monitoring Software 14.3.3 SQL Injection Vulnerability
2018-10-24
ServersCheck Monitoring Software 14.3.3 Cross Site Scripting Vulnerability
2018-10-24
MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Vulnerability
2018-10-23
SIM-PKH 2.4.1 - Arbitrary File Upload
2018-10-23
Appsource School Management System 1.0 - student_id SQL Injection Vulnerability
2018-10-23
Traq 3.7.1 CSRF / XSS / SQL Injection Vulnerabilities
2018-10-23
VestaCP 0.9.8-22 Cross Site Scripting Vulnerability
2018-10-23
AjentiCP 1.2.23.13 Cross Site Scripting Vulnerability
2018-10-23
Microsoft Windows 10 UAC Bypass By computerDefault Exploit
2018-10-23
Chrome Debugger Extension API Is Too Powerful Vulnerability
2018-10-23
ServersCheck Monitoring Software 14.3.3 - Denial of Service Exploit
2018-10-23
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas Exploit
2018-10-22
Apple iOS Kernel - Stack Memory Disclosure due to Failure to Check copyin Return Value Exploit
2018-10-22
Apple iOS / macOS - Kernel Memory Corruption due to Integer Overflow Exploit
2018-10-22
Apple iOS / macOS - Sandbox Escape due to mach Message sent from Shared Memory Exploit
2018-10-22
Apple iOS / macOS - Sandbox Escape due to Trusted Length Field in Shared Memory Exploit
2018-10-22
Viva Visitor & Volunteer ID Tracking 0.95.1 - fname SQL Injection Vulnerability
2018-10-22
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking Exploit
2018-10-22
eNdonesia Portal 8.7 - artid SQL Injection Vulnerability
2018-10-22
The Open ISES Project 3.30A - Arbitrary File Download Vulnerability
2018-10-22
The Open ISES Project 3.30A - tick_lat SQL Injection Vulnerability
2018-10-22
School ERP Ultimate 2018 - fid SQL Injection Vulnerability
2018-10-22
Oracle Siebel CRM 8.1.1 - CSV Injection Vulnerability
2018-10-22
School ERP Ultimate 2018 - Arbitrary File Download Vulnerability
2018-10-22
MySQL Edit Table 1.0 - id SQL Injection Vulnerability
2018-10-22
Modbus Poll 7.2.2 - Denial of Service Exploit
2018-10-22
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
2018-10-22
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation Vulnerability
2018-10-22
Viprinet VPN Hub Router Cross Site Scripting Vulnerability
2018-10-22
AudaCity 2.3 - High processor usage Denial of Service Exploit
2018-10-21
libSSH - Authentication Bypass Exploit
2018-10-21
Linux/x86 print "If psycho say this is the end?" Shellcode (75 bytes)
2018-10-21
libSSH - Authentication Bypass
CVE-2018-10933
2018-10-19
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86 Exploit
2018-10-18
Chrome Mojo DataPipe*Dispatcher Deserialization Lacking Validation Exploit
2018-10-18
Snes9K 0.0.9z - Buffer Overflow (SEH) Exploit
2018-10-18
OwnTicket 1.0 - TicketID SQL Injection Vulnerability
2018-10-18
Learning with Texts 1.6.2 - start SQL Injection Vulnerability
2018-10-18
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) Vulnerability
2018-10-18
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Vulnerability
2018-10-18
ManageEngine OPManager 12.3 Cross Site Scripting Vulnerability
2018-10-18
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting Vulnerability
2018-10-18
Ekushey Project Manager CRM 3.1 Cross Site Scripting Vulnerability
2018-10-18
IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Exploit
2018-10-18
Acunetix Web Vulnerability Scanner 10 *.slg Buffer Overflow (PoC) Exploit
2018-10-18
Any Sound Recorder 2.93 - Buffer Overflow (SEH) Exploit
2018-10-18
Time and Expense Management System 3.0 - CSRF (Add Admin) Vulnerability
2018-10-18
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Vulnerability
2018-10-18
VLC Media Player - MKV Use-After-Free Exploit
2018-10-18
Microsoft Windows - FSCTL_FIND_FILES_BY_SID Information Disclosure Exploit
2018-10-18
HighPortal 12.5 Cross Site Scripting Vulnerability
2018-10-18
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Exploit
2018-10-18
GIU Gallery Image Upload 0.3.1 - category SQL Injection Vulnerability
2018-10-18
Navigate CMS 2.8.5 - Arbitrary File Download Vulnerability
2018-10-18
MV Video Sharing Software 1.2 - searchname SQL Injection Vulnerability
2018-10-18
Rukovoditel Project Management CRM 2.3 - path SQL Injection Vulnerability
2018-10-18
Vishesh Auto Index 3.1 - fid SQL Injection Vulnerability
2018-10-18
Kados R10 GreenBee - release_id SQL Injection Vulnerability
2018-10-18
HotelDruid 2.2.4 - anno SQL Injection Vulnerability
2018-10-18
Wordpress Support Board 1.2.3 Plugin - Cross-Site Scripting Vulnerability
2018-10-18
Library CMS 2.1.1 - Cross-Site Scripting Vulnerability
2018-10-18
Solaris RSH Stack Clash Privilege Escalation Exploit
2018-10-18
Exploits/page:


Page:
1.1.11-prod (www01)