Exploits (Total: 98598)

    
    
    
Windows/x64 - Dynamic Null-Free WinExec PopCalc Shellcode (205 Bytes)
2021-05-03
Piwigo 11.3.0 - 'language' SQL
2021-05-03
Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)
2021-05-03
GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE
2021-05-03
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution (2)
2021-04-30
Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)
2021-04-30
NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write
2021-04-29
Shortcut Hotkey Exploitation - Paper (Hebrew)
2021-04-29
FOGProject 1.5.9 - File Upload RCE (Authenticated)
2021-04-29
Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution
2021-04-29
Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)
2021-04-28
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
2021-04-27
Montiorr 1.7.6m - File Upload to XSS
2021-04-27
Kimai 1.14 - CSV Injection
2021-04-27
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)
2021-04-26
OpenPLC 3 - Remote Code Execution (Authenticated)
2021-04-26
Hasura GraphQL 1.3.3 - Remote Code Execution
2021-04-26
Sipwise C5 NGCP CSC - Click2Dial Cross-Site Request Forgery (CSRF)
2021-04-23
Sipwise C5 NGCP CSC - 'Multiple' Stored/Reflected Cross-Site Scripting (XSS)
2021-04-23
DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting (XSS)
2021-04-23
GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE
2021-04-23
Moodle 3.10.3 - 'url' Persistent Cross Site Scripting
2021-04-23
RemoteClinic 2.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
2021-04-22
OTRS 6.0.1 - Remote Command Execution (2)
2021-04-22
CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS)
2021-04-22
Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF)
2021-04-21
Hasura GraphQL 1.3.3 - Local File Read
2021-04-21
Hasura GraphQL 1.3.3 - Denial of Service
2021-04-21
GravCMS 1.10.7 - Unauthenticated Arbitrary YAML Write/Update (Metasploit)
2021-04-21
Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration
2021-04-21
Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting (XSS)
2021-04-21
Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)
2021-04-21
OpenEMR 5.0.2.1 - Remote Code Execution
2021-04-21
rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (2)
2021-04-21
Tenda D151 & D301 - Configuration Download (Unauthenticated)
2021-04-21
RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)
2021-04-21
Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass
2021-04-21
BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)
2021-04-21
WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)
2021-04-21
Fast PHP Chat 1.3 - 'my_item_search' SQL Injection
2021-04-21
Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)
2021-04-21
GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE
2021-04-17
glFTPd 2.11a - Remote Denial of Service
2021-04-17
htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS)
2021-04-17
Tileserver-gl 3.0.0 - 'key' Reflected Cross-Site Scripting (XSS)
2021-04-17
Linux/x64 - execve(/bin/sh) Shellcode (21 bytes) (2)
2021-04-17
Horde Groupware Webmail 5.2.22 - Stored XSS
2021-04-17
Linux/x86 - execve(/bin/sh) Shellcode (17 bytes)
2021-04-17
jQuery 1.0.3 - Cross-Site Scripting (XSS)
2021-04-14
jQuery 1.2 - Cross-Site Scripting (XSS)
2021-04-14
Exploits/page:


Page:
1-4-2 (www02)