Exploits (Total: 98122)

    
    
    
eduTrac 'showmask' Parameter Directory Traversal Vulnerability
CVE-2013-7097
2013-12-11
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
2013-12-11
eFront 3.6.14 (build 18012) - Stored XSS in Multiple Parameters
CVE-2013-7194
2013-12-11
vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
CVE-2013-3522
2013-12-11
EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE
2013-12-11
Adobe ColdFusion 9 - Administrative Login Bypass
CVE-2013-0632
2013-12-11
HP LoadRunner EmulationAdmin - Web Service Directory Traversal
CVE-2013-4837
2013-12-11
IcoFX 2.5.0.0 - (.ico) Buffer Overflow Vulnerability
CVE-2013-4988
2013-12-11
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
CVE-2013-3522
2013-12-11
PlaySMS <= 0.9.9.2 - CSRF Vulnerability
2013-12-11
IcoFX 2.5.0.0 (.ico) - Buffer Overflow Vulnerability
CVE-2013-4988
2013-12-11
Adobe ColdFusion 9 Administrative Login Bypass Vulnerability
CVE-2013-0632
2013-12-11
Phone Drive Eightythree 4.1.1 iOS - Multiple Vulnerabilities
2013-12-10
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
2013-12-10
pam password hashes aren't compared case-sensitive
2013-12-10
mod_dav_svn 1.8.1 assertion triggered by non-canonical URLs
2013-12-10
mod_dontdothat 1.8.0 does not restrict requests from serf based clients.
2013-12-10
monitorix HTTP server 'handle_request()' session fixation & XSS
2013-12-10
CPython hash secret can be recoved remotely
2013-12-10
Linux Kernel <= 3.0.5 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
CVE-2013-4579
2013-12-10
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities
2013-12-10
PlaySms <= 0.9.9.2 - CSRF
2013-12-10
CGILua <= 3.0 - SQL Injection Vulnerability
2013-12-10
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities
2013-12-09
Print n Share 5.5 iOS Multiple Web Vulnerabilities
2013-12-09
Feetan Inc WireShare v1.9.1 iOS Persistent Vulnerability
2013-12-09
osCMax Arbitrary File Upload and Full Path Information Disclosure Vulnerabilities
2013-12-09
CGILua <= 3.0 - SQL Injection
2013-12-09
GOM Player 2.2.53.5169 - SEH Buffer Overflow (.reg)
CVE-2013-6356
2013-12-09
Up.Time Monitoring Station post2file.php Arbitrary File Upload
2013-12-08
ZippyYum 3.4 Insecure Data Storage
2013-12-08
Joomla Flexicontent Remote Code Execution
2013-12-08
openSIS 5.2 PHP Code Injection
2013-12-08
Enorth Webpublisher CMS SQL Injection
2013-12-08
Ovidentia 7.9.6 Multiple Vulnerabilities
2013-12-08
Linux Kernel net/fib fib6_add potential NULL pointer dereference
2013-12-08
WordPress Page Flip Image Gallery Shell Upload
2013-12-08
WordPress DZS Video Gallery 3.1.3 Remote File Disclosure
2013-12-08
Eaton Network Shutdown Module 3.21 PHP Code Injection
2013-12-08
BoxBilling 3.6.11 Cross Site Scripting
2013-12-08
Jamroom 5.0.2 Cross Site Scripting
2013-12-08
D-Link DSR Router Remote Root Shell
2013-12-08
D-Link DSR Router Remote Root Shell Exploit
2013-12-08
Linux Kernel ping NULL pointer dereference on write to msg_name
2013-12-08
WordPress PhotoSmash Galleries Plugin 'bwbps-uploader.php' Arbitrary File Upload Vulnerability
2013-12-08
Print n Share 5.5 iOS - Multiple Web Vulnerabilities
2013-12-08
Feetan Inc WireShare 1.9.1 iOS - Persistent Vulnerability
2013-12-08
Ovidentia 7.9.6 - Multiple Vulnerabilities
2013-12-08
Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross-Site Scripting
2013-12-08
openSIS 5.2 PHP Code Injection Vulnerability
CVE-2013-1349
2013-12-08
Joomla Flexicontent Remote Code Execution Vulnerability
2013-12-08
phpLiteAdmin v1.X.X Auth Bypass/Download DB vulnerabilities?
2013-12-08
Wordpress Download Manager Free & Pro 2.5.8 - Persistent Cross Site Scripting
2013-12-08
osCmax e-Commerce v2.5.3 (FU/ObjectInject) Multiple Vulnerabilities
2013-12-08
Apple Safari For Windows PhishingAlert Security Bypass Weakness
2013-12-07
Enorth Webpublisher CMS SQL Injection Vulnerability
CVE-2013-6985
2013-12-07
Jamroom 5.0.2 Cross Site Scripting Vulnerability
CVE-2013-6804
2013-12-07
Wordpress page-flip-image-gallery plugins Remote File Upload
2013-12-07
BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability
2013-12-07
Zimbra Privilegie escalation LFI Vulnerability
2013-12-07
Print n Share v5.5 iOS - Multiple Web Vulnerabilities
2013-12-06
NeoBill 0.9-alpha eCommerce Command Execution SQL Injection and LFI
2013-12-06
Wireless Transfer App 3.7 iOS Multiple Web Vulnerabilities
2013-12-06
WordPress Easy Career Openings SQL Injection
2013-12-06
RedAxScript v1.1 <= Multiple Blind SQL Injection Vulnerabilities
2013-12-06
NagiosQL 3.2.0 SP2 Cross Site Scripting
2013-12-06
MySQL 5.0.x Denial Of Service
2013-12-06
Sonicwall GMS 7.x Filter Bypass
2013-12-06
WordPress Easy Career Openings Plugin 'jobid' Parameter SQL Injection Vulnerability
2013-12-06
NeoBill /install/index.php language Parameter Traversal Local File Inclusion
2013-12-06
NeoBill /install/include/solidstate.php Multiple Parameter SQL Injection
2013-12-06
NeoBill /modules/nullregistrar/phpwhois/example.php query Parameter Remote Code Execution
2013-12-06
Enorth Webpublisher CMS 'thisday' Parameter SQL Injection Vulnerability
CVE-2013-6985
2013-12-06
Wordpress page-flip-image-gallery Plugins - Remote File Upload
2013-12-06
WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability
2013-12-06
Zimbra - Privilegie Escalation via LFI (0day)
CVE-2013-7091
2013-12-06
BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability
2013-12-06
D-Link DSR Router Series - Remote Root Shell Exploit
CVE-2013-5945
2013-12-06
Zine: D-Link DSR Router Series - Remote Root Shell
CVE-2013-5945
2013-12-06
Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection
2013-12-06
Feetan Inc WireShare v1.9.1 iOS - Persistent Vulnerability
2013-12-05
Steinberg MyMp3PRO 5.0 DEP Bypass With ROP
2013-12-05
Steinberg MyMp3PRO 5.0 Buffer Overflow
2013-12-05
Steinberg MyMp3PRO 5.0 SEH Buffer Overflow
2013-12-05
HTMLPurifier Hash Length Extension
2013-12-05
Hex Workshop 6.7 DLL Hijack
2013-12-05
Imagam iFiles 1.16.0 File Inclusion / Shell Upload / Command Injection
2013-12-05
Joomla Hotornot2 Shell Upload
2013-12-05
Microsoft Windows NDPROXY Local SYSTEM Privilege Escalation
2013-12-05
mod_nss incorrect handling of NSSVerifyClient in directory context
2013-12-05
NDPROXY Local SYSTEM privilege escalation
2013-12-05
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities
2013-12-05
Sonicwall Gms 7.x - Filter Bypass & Persistent Vulnerability (0Day)
CVE-2013-7025
2013-12-05
MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability
CVE-2007-2583
2013-12-05
Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability
2013-12-04
Tftpd32 Client Side Format String
2013-12-04
Kaseya uploadImage Arbitrary File Upload
2013-12-04
ISL Light Desktop 3.5.4 Information Disclosure
2013-12-04
Notepad++ Plugin Notepad 1.5 Local Exploit
2013-12-04
simple_format helper XSS Vulnerability
2013-12-04
number_to_currency XSS Vulnerability
2013-12-04
Steinberg MyMp3PRO 5.0 - Buffer Overflow/SEH Buffer Overflow/DEP Bypass with ROP
CVE-2013-7186
2013-12-04
Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities
2013-12-04
MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
CVE-2007-2583
2013-12-04
Steinberg MyMp3PRO v5.0 Buffer Overflow
2013-12-04
Steinberg MyMp3PRO v5.0 SEH Buffer Overflow
2013-12-04
Steinberg MyMp3PRO v5.0 DEP Bypass with ROP
2013-12-04
NeoBill v0.9-alpha eCommerce <= (RCE/SQLi/LFI) Vulnerabilities
2013-12-04
NDPROXY Local SYSTEM Privilege Escalation
CVE-2013-5065
2013-12-04
Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities
2013-12-03
WordPress Js-Multi-Hotel 2.2.1 Cross Site Scripting
2013-12-03
TVT TD-2308SS-B DVR directory traversal
2013-12-03
FlashComs Chat <= 6.5 - Arbitrary File Upload Vulnerability
2013-12-03
DPR2320R2 [Scientific-Atlanta, Inc. Cisco ] - Multiple CSRF Vulnerability
2013-12-03
TP-Link TD-8840t CSRF Vulnerability
2013-12-03
Joomla Alphauserpoints phpThumb.php Shell Upload
2013-12-03
Helpdesk Pilot Cross Site Request Forgery / Cross Site Scripting
2013-12-03
WordPress Blooog 1.1 jplayer.swf Cross Site Scripting
2013-12-03
phpThumb 1.7.12 Server Side Request Forgery
2013-12-03
WordPress OptimizePress Theme File Upload
2013-12-03
Cisco Prime Data Center Network Manager Arbitrary File Upload
2013-12-03
Photo Transfer Wifi 1.4.4 Script Insertion
2013-12-03
Ruby Gem Sprout 0.7.246 Command Injection
2013-12-03
OpenSSL BN (multiprecision integer arithmetics) Multiple issues
2013-12-03
Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)
CVE-2013-5065
2013-12-03
Dokeos 2.2 RC2 (index.php language param) - SQL Injection
CVE-2013-6341
2013-12-03
Chamilo Lms 1.9.6 (profile.php password0 param) - SQL Injection
CVE-2013-6787
2013-12-03
Microsoft Tagged Image File Format (TIFF) Integer Overflow
CVE-2013-3906
2013-12-03
Kimai 0.9.2 - 'db_restore.php' SQL Injection
2013-12-03
ABB MicroSCADA wserver.exe - Remote Code Execution
2013-12-03
Cisco Prime Data Center Network Manager - Arbitrary File Upload
CVE-2013-5486
2013-12-03
Notepad++ Plugin Notepad 1.5 - Local Exploit
2013-12-03
Chamilo LMS 1.9.6 (profile.php, password0 param) - SQL Injection Vulnerability
CVE-2013-6787
2013-12-03
Dokeos 2.2 RC2 (index.php, language param) - SQL Injection Vulnerability
CVE-2013-6341
2013-12-03
Notepad++ Plugin Notepad# 1.5 - Local Exploit
2013-12-03
Cisco Prime Data Center Network Manager Arbitrary File Upload Vulnerability
CVE-2013-5486
2013-12-03
ABB MicroSCADA wserver.exe Remote Code Execution Vulnerability
2013-12-03
Kimai v0.9.2 'db_restore.php' SQL Injection Vulnerability
2013-12-03
Microsoft Tagged Image File Format (TIFF) Integer Overflow Vulnerability
CVE-2013-3906
2013-12-03
Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities
2013-12-02
WordPress dzs-videogallery Plugins Remote File Upload Vulnerability
2013-12-02
TouchID and !simple passcodes
2013-12-02
Multiple D-Link DIR Series Routers 'model/__show_info.php' Local File Disclosure Vulnerability
2013-12-02
Wordpress Formcraft Plugin - SQL Injection Vulnerability
CVE-2013-7187
2013-12-02
Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities
2013-12-02
DPR2320R2 [Scientific-Atlanta, Inc. Cisco ] - Multiple CSRF Vulnerability
2013-12-02
TP-Link TD-8840t - CSRF Vulnerability
2013-12-02
Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow Vulnerability
2013-12-02
Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities
2013-12-01
WordPress Folo Theme Cross Site Scripting
2013-12-01
Kingsoft Office Writer 2012 8.1.0.3385 Buffer Overflow
2013-12-01
ABB MicroSCADA wserver.exe Remote Code Execution
2013-12-01
Joomla com_jmultimedia Remote Command Execution
2013-12-01
Static Http Server 1.0 Denial Of Service (DoS) Exploit
2013-12-01
TP-Link TL-WR740N / TL-WR740ND 150M Wireless Lite N Router HTTP DoS
2013-12-01
Wordpress Orange Themes CSRF File Upload Vulnerability
2013-12-01
ZIP Password Recovery Professional 5.1 (.zip) - Crash POC
2013-12-01
Uptime Agent 5.0.1 Stack Overflow Vulnerability
2013-12-01
phpThumb 'phpThumb.php' Arbitrary File Upload Vulnerability
2013-12-01
TVT TD-2308SS-B DVR - Directory Traversal Vulnerability
CVE-2013-6023
2013-12-01
Wordpress Orange Themes - CSRF File Upload Vulnerability
2013-12-01
WordPress dzs-videogallery Plugins Remote File Upload Vulnerability
2013-12-01
Zend-Framework - Full Info Disclosure Vulnerability
2013-12-01
ZIP Password Recovery Professional 5.1 (.zip) - Crash POC
2013-12-01
Joomla JMultimedia Command Execution Exploit
2013-12-01
Ametys CMS 3.5.2 XPath Injection Vulnerability
2013-12-01
GILE WebDesign SQL Injection Vulnerability
2013-11-30
UnrealIRCd remote DoS
2013-11-30
MyBB <= 1.6.11 - Remote Code Execution
2013-11-30
ZIP Password Recovery Professional 5.1 - (.zip) Crash PoC
2013-11-30
Scientific-Atlanta, Inc. DPR2320R2 - Multiple CSRF Vulnerability
CVE-2013-7043
2013-11-30
Audacious Player 3.4.2/3.4.1 - (.mp3) Crash PoC
2013-11-30
TP-Link TD-8840t - CSRF Vulnerability
2013-11-30
Kingsoft Office Writer 2012 8.1.0.3385 - (.wps) Buffer Overflow Exploit (SEH)
CVE-2013-3934
2013-11-30
Zend-Framework - Full Info Disclosure
2013-11-30
Uptime Agent 5.0.1 - Stack Overflow Vulnerability
2013-11-30
TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS
2013-11-30
Ametys CMS 3.5.2 - (lang parameter) XPath Injection Vulnerability
2013-11-30
FlashComs Chat <= 6.5 - Arbitrary File Upload Vulnerability
2013-11-30
Association WebDesign SQL Injection Vulnerability
2013-11-30
Adobe Acrobat Reader ASLR/DEP Bypass Exploit with SANDBOX BYPASS
2013-11-29
NewsAktuell PressePortal DE Remote SQL Injection Web Vulnerability
2013-11-29
AndroidOS 4.3 / com.android.settings Permission Bypass
2013-11-29
Apache Solr XXE
2013-11-29
Ametys CMS 3.5.2 (lang parameter) XPath Injection Vulnerability
2013-11-29
PressePortal DE - Remote SQL Injection Web Vulnerability
2013-11-28
Wondershare Player 1.6.0 DLL Hijacking
2013-11-28
BZR Player 0.97 DLL Hijack
2013-11-28
Audacious Player 3.4.2 / 3.4.1 Denial Of Service
2013-11-28
Wordpress optinfirex plugin Cross site scripting
2013-11-28
Wordpress amerisale-re plugin Cross site scripting
2013-11-28
Kimai 0.9.2 db_restore.php SQL Injection
2013-11-28
Dokeos 2.2 RC2 SQL Injection
2013-11-28
Open-Xchange frontend6 6.22.4 / backend 7.4.0 Cross Site Scripting
2013-11-28
Chamilo LMS 1.9.6 SQL Injection
2013-11-28
Yahoo Open Redirect Vulnerability or "Designing vulnerabilities"
2013-11-28
AMD CPU Publ. 51810 Errata 793 Denial of Service
2013-11-28
Adobe Acrobat Reader - ASLR/DEP Bypass Exploit with SANDBOX BYPASS
CVE-2013-0640
2013-11-28
Kimai 0.9.2 db_restore.php SQL Injection Vulnerability
2013-11-28
Palo Alto Networks Pan-OS 5.0.8 Multiple Vulnerabilities
2013-11-27
Apache Solr 4.5.0 remote code execution
2013-11-27
Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities
2013-11-27
Apache Roller OGNL Injection
CVE-2013-4212
2013-11-27
Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)
CVE-2012-0016
2013-11-27
Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)
CVE-2013-3918
2013-11-27
[Portuguese] Exploiting LFD Vulnerabilities
2013-11-27
Dokeos 2.2 RC2 SQL Injection Vulnerability
CVE-2013-6341
2013-11-27
Claroline 1.11.8 Cross Site Scripting Vulnerability
CVE-2013-6267
2013-11-27
Chamilo LMS 1.9.6 SQL Injection Vulnerability
CVE-2013-6787
2013-11-27
Palo Alto Networks Pan-OS 5.0.8 - Multiple Vulnerabilities
2013-11-27
MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
CVE-2013-0074
2013-11-27
WordPress Contact Form 7 3.5.2 Shell Upload
2013-11-26
WordPress Folo Shell Upload
2013-11-26
WordPress Blogggie Shell Upload
2013-11-26
WordPress Pinboard Shell Upload
2013-11-26
WordPress Elemin Shell Upload
2013-11-26
WordPress Blogfolio Shell Upload
2013-11-26
Tapuz Flix Password Bypass
2013-11-26
TPLINK WR740N / WR740ND Cross Site Request Forgery
2013-11-26
Rackspace Windows Agent / Updater Arbitrary Code Execution
2013-11-26
Kernel MSM Memory Leak
2013-11-26
Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
2013-11-26
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
2013-11-26
Ganglia web interface XSS
2013-11-26
WordPress dzs-videogallery Plugins - Remote File Upload Vulnerability
2013-11-26
Apache Roller OGNL Injection Vulnerability
CVE-2013-4212
2013-11-26
Google Gmail IOS Mobile Application - Persistent / Stored XSS
2013-11-25
WBR-3406 Password Change Bypass & CSRF Vulnerability
2013-11-25
Satechi travel router v1.5 Unauthorized console access
2013-11-25
NETGEAR ReadyNAS Perl Code Evaluation
CVE-2013-2751
2013-11-25
DesktopCentral AgentLogUpload Arbitrary File Upload
CVE-2013-7390
2013-11-25
Static Http Server 1.0 - Denial of Service (DoS) Exploit
2013-11-25
TPLINK WR740N/WR740ND - Multiple CSRF Vulnerabilities
2013-11-25
NETGEAR ReadyNAS Perl Code Evaluation Vulnerability
CVE-2013-2751
2013-11-25
Juniper Junos J-Web - Privilege Escalation Vulnerability
2013-11-25
LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities
2013-11-25
ALLPlayer 5.7 (.m3u) - SEH Buffer Overflow (Unicode)
2013-11-25
Boilsoft RM TO MP3 Converter 1.72 (.wav) Crash POC
2013-11-24
Pirelli Discus DRG A125g Local Password Disclosure Vulnerability
2013-11-24
Pirelli Discus DRG A125g Remote Change WiFi Password Vulnerability
2013-11-24
Pirelli Discus DRG A125g Remote Change SSID Value Vulnerability
2013-11-24
ImpressPages CMS 3.8 Stored XSS Vulnerability
2013-11-24
Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow
2013-11-24
ALLPlayer 5.7 - (.m3u) SEH Buffer Overflow (Unicode)
CVE-2013-7409
2013-11-24
MyBB Ajaxfs 2 Plugin - SQL Injection Vulnerability
CVE-2013-6936
2013-11-24
Pirelli Discus DRG A125g - Remote Change WiFi Password Vulnerability
2013-11-24
Pirelli Discus DRG A125g - Local Password Disclosure Vulnerability
2013-11-24
Pirelli Discus DRG A125g - Remote Change SSID Value Vulnerability
2013-11-24
Google Gmail IOS Mobile Application - Persistent / Stored XSS Vulnerability
2013-11-24
Boilsoft RM TO MP3 Converter 1.72 - Crash POC (.wav) Vulnerability
2013-11-24
Exploits/page:


Page:
1-4-2 (www01)