Exploits (Total: 97712)

    
    
    
Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)
2021-02-03
Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)
2021-02-03
Car Rental Project 2.0 - Arbitrary File Upload to Remote Code Execution
2021-02-03
Pixelimity 1.0 - 'password' Cross-Site Request Forgery
2021-02-03
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)
2021-02-02
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
2021-02-02
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
2021-02-02
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)
2021-02-02
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)
2021-02-02
Student Record System 4.0 - 'cid' SQL Injection
2021-02-02
WordPress 5.0.0 - Image Remote Code Execution
2021-02-01
Klog Server 2.4.1 - Command Injection (Authenticated)
2021-02-01
Roundcube Webmail 1.2 - File Disclosure
2021-02-01
Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting
2021-02-01
H8 SSRMS - 'id' IDOR
2021-02-01
bloofoxCMS 0.5.2.1 - CSRF (Add user)
2021-02-01
MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting
2021-02-01
MyBB Trending Widget Plugin 1.2 - Cross-Site Scripting
2021-02-01
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
2021-02-01
User Management System 1.0 - 'uid' SQL Injection
2021-02-01
Zoo Management System 1.0 - 'anid' SQL Injection
2021-02-01
MyBB Delete Account Plugin 1.4 - Cross-Site Scripting
2021-02-01
SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated)
2021-01-29
Simple Public Chat Room 1.0 - 'msg' Stored Cross-Site Scripting
2021-01-29
Simple Public Chat Room 1.0 - Authentication Bypass SQLi
2021-01-29
MyBB Hide Thread Content Plugin 1.0 - Information Disclosure
2021-01-29
Home Assistant Community Store (HACS) 1.10.0 - Path Traversal to Account Takeover
2021-01-29
Quick.CMS 6.7 - Remote Code Execution (Authenticated)
2021-01-29
Online Grading System 1.0 - 'uname' SQL Injection
2021-01-29
BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting
2021-01-29
Metasploit Framework 6.0.11 - msfvenom APK template command injection
2021-01-28
WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution
2021-01-28
jQuery UI 1.12.1 - Denial of Service (DoS)
2021-01-28
Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated)
2021-01-28
Fuel CMS 1.4.1 - Remote Code Execution (2)
2021-01-28
OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2)
2021-01-28
CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated)
2021-01-28
EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting
2021-01-28
Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
2021-01-27
STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
2021-01-27
STVS ProVision 5.9.10 - File Disclosure (Authenticated)
2021-01-27
Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)
2021-01-26
Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting
2021-01-26
Simple College Website 1.0 - 'full' Stored Cross Site Scripting
2021-01-26
Simple College Website 1.0 - 'name' Sql Injection (Authentication Bypass)
2021-01-26
Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection (Authentication Bypass)
2021-01-26
Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit)
2021-01-25
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
2021-01-25
Library System 1.0 - 'category' SQL Injection
2021-01-25
CASAP Automated Enrollment System 1.0 - 'route' Stored XSS
2021-01-25
CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS
2021-01-25
Collabtive 3.1 - 'address' Persistent Cross-Site Scripting
2021-01-25
MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF
2021-01-25
Windows/x86 - Stager Generic MSHTA Shellcode (143 bytes)
2021-01-22
Atlassian Confluence Widget Connector Macro - SSTI
2021-01-22
ERPNext 12.14.0 - SQL Injection (Authenticated)
2021-01-22
CASAP Automated Enrollment System 1.0 - Authentication Bypass
2021-01-22
Library System 1.0 - Authentication Bypass Via SQL Injection
2021-01-22
Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - CSRF Add Admin
2021-01-22
Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - Developer Backdoor Config Overwrite
2021-01-22
Selea Targa IP OCR-ANPR Camera - 'files_list' Remote Stored XSS
2021-01-22
Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation
2021-01-22
Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution
2021-01-22
Anchor CMS 0.12.7 - CSRF (Delete user)
2021-01-21
Wordpress Plugin Simple Job Board 2.9.3 - Authenticated File Read (Metasploit)
2021-01-21
Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting
2021-01-21
Apartment Visitors Management System 1.0 - 'email' SQL Injection
2021-01-21
Online Documents Sharing Platform 1.0 - 'user' SQL Injection
2021-01-21
Linux/x86 - Socat Bind Shellcode (113 bytes)
2021-01-20
Voting System 1.0 - File Upload RCE (Authenticated Remote Code Execution)
2021-01-20
Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 - Stored XSS
2021-01-20
ChurchRota 2.6.4 - RCE (Authenticated)
2021-01-20
Linux/x64 - Reverse (127.1.1.1:4444) Shell (/bin/sh) Shellcode (123 Bytes)
2021-01-19
osTicket 1.14.2 - SSRF
2021-01-19
Life Insurance Management System 1.0 - File Upload RCE (Authenticated)
2021-01-18
Life Insurance Management System 1.0 - 'client_id' SQL Injection
2021-01-18
Inteno IOPSYS 3.16.4 - root filesystem access via sambashare (Authenticated)
2021-01-18
Xwiki CMS 12.10.2 - Cross Site Scripting (XSS)
2021-01-18
Cisco UCS Manager 2.2(1d) - Remote Command Execution
2021-01-18
Netsia SEBA+ 0.16.1 - Authentication Bypass and Add Root User (Metasploit)
2021-01-15
E-Learning System 1.0 - Authentication Bypass & RCE POC
2021-01-15
Alumni Management System 1.0 - "Last Name field in Registration page" Stored XSS
2021-01-15
EyesOfNetwork 5.3 - File Upload Remote Code Execution
2021-01-15
Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection
2021-01-15
Online Hotel Reservation System 1.0 - Cross-site request forgery (CSRF)
2021-01-15
Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection
2021-01-15
Online Hotel Reservation System 1.0 - 'description' Stored Cross-site Scripting
2021-01-15
WordPress Plugin Easy Contact Form 1.1.7 - 'Name' Stored Cross-Site Scripting (XSS)
2021-01-15
PHP-Fusion CMS 9.03.90 - Cross-Site Request Forgery (Delete admin shoutbox message)
2021-01-15
Cisco RV110W 1.2.1.7 - 'vpn_account' Denial of Service (PoC)
2021-01-14
Laravel 8.4.2 debug mode - Remote code execution
2021-01-14
Online Shopping Cart System 1.0 - 'id' SQL Injection
2021-01-14
Nagios XI 5.7.X - Remote Code Exection RCE (Authenticated)
2021-01-14
Online Movie Streaming 1.0 - Admin Authentication Bypass
2021-01-14
Online Hotel Reservation System 1.0 - Admin Authentication Bypass
2021-01-13
Exploits/page:


Page:
1-4-2 (www01)