Exploits (Total: 98348)

    
    
    
WAGO 750-881 01.09.18 - Cross-Site Scripting Vulnerability
2018-10-18
Wikidforum 2.20 - Cross-Site Scripting Vulnerability
2018-10-18
OwnTicket 1.0 - 'TicketID' SQL Injection
2018-10-18
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)
2018-10-18
Learning with Texts 1.6.2 - 'start' SQL Injection
2018-10-18
Time and Expense Management System 3.0 - 'table' SQL Injection
2018-10-17
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure
2018-10-17
Git Submodule - Arbitrary Code Execution
CVE-2018-17456
2018-10-17
Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
2018-10-17
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials
2018-10-17
BigTree CMS 4.2.23 - Cross-Site Scripting
CVE-2018-18308
2018-10-17
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
2018-10-17
VLC Media Player - MKV Use-After-Free (Metasploit)
CVE-2018-11529
2018-10-16
Solaris - RSH Stack Clash Privilege Escalation (Metasploit)
CVE-2017-1000364
2018-10-16
Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure
CVE-2018-8411
2018-10-16
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure
2018-10-16
GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection
2018-10-16
MV Video Sharing Software 1.2 - 'searchname' SQL Injection
2018-10-16
Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection
2018-10-16
Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting
2018-10-16
Vishesh Auto Index 3.1 - 'fid' SQL Injection
2018-10-16
Kados R10 GreenBee - 'release_id' SQL Injection
2018-10-16
Library CMS 2.1.1 - Cross-Site Scripting
2018-10-16
Navigate CMS 2.8.5 - Arbitrary File Download
2018-10-16
HotelDruid 2.2.4 - 'anno' SQL Injection
2018-10-16
KORA 2.7.0 - 'cid' SQL Injection
2018-10-15
Academic Timetable Final Build 7.0 - Information Disclosure
2018-10-15
NoMachine < 5.3.27 - Remote Code Execution
CVE-2018-17980
2018-10-15
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
CVE-2018-18322
2018-10-15
FLIR Brickstream 3D+ - RTSP Stream Disclosure
2018-10-15
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure
2018-10-15
MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
2018-10-15
Advanced HRM 1.6 - Remote Code Execution
2018-10-15
College Notes Management System 1.0 - 'user' SQL Injection
2018-10-15
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
2018-10-15
AlchemyCMS 4.1 - Cross-Site Scripting
2018-10-15
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
2018-10-15
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
2018-10-15
Snes9K 0.0.9z - Buffer Overflow (SEH)
2018-10-15
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
2018-10-15
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
2018-10-15
FluxBB < 1.5.6 - SQL Injection
CVE-2014-10029
2018-10-12
SugarCRM 6.5.26 - Cross-Site Scripting
CVE-2018-17784
2018-10-12
HaPe PKH 1.1 - Arbitrary File Upload
2018-10-12
CAMALEON CMS 2.4 - Cross-Site Scripting
2018-10-12
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)
2018-10-12
Phoenix Contact WebVisit 2985725 - Authentication Bypass
CVE-2016-8371
2018-10-12
LUYA CMS 1.0.12 - Cross-Site Scripting
2018-10-12
HaPe PKH 1.1 - 'id' SQL Injection
2018-10-12
Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection
CVE-2018-8532
2018-10-11
Phoenix Contact WebVisit 6.40.00 - Password Disclosure
CVE-2016-8366
2018-10-11
Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection
2018-10-11
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection
2018-10-11
E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection
2018-10-11
WAGO 750-881 01.09.18 - Cross-Site Scripting
2018-10-11
Wikidforum 2.20 - Cross-Site Scripting
2018-10-11
VLC Media Player 2.2.8 MKV Use-After-Free Exploit
2018-10-11
DELL EMC OneFS Storage Administration 8.1.2.0 .zshrc Overwrite Exploit
2018-10-11
WhatsApp - RTP Processing Heap Corruption Exploit
2018-10-10
MicroTik RouterOS < 6.43rc3 - Remote Root Exploit
2018-10-10
XMeye P2P Cloud Remote Code Execution / Integrity Issues Vulnerabilities
2018-10-10
jQuery-File-Upload 9.22.0 Arbitrary File Upload Vulnerability
2018-10-10
NPLUG Wireless Repeater 1.0.0.14 CSRF / XSS / Authentication Bypass Vulnerabilities
2018-10-10
Responsive Filemanager 9.8.1 Authentication Bypass Vulnerability
2018-10-10
Responsive Filemanager 9.8.1 Cross Site Scripting Vulnerability
2018-10-10
Sitepress Multilingual 3.6.3 Cross Site Scripting Vulnerability
2018-10-10
Ektron CMS 9.20 SP2 - Improper Access Restrictions Vulnerability
2018-10-10
FileZilla 3.33 - Buffer Overflow Exploit
2018-10-10
WhatsApp - RTP Processing Heap Corruption
2018-10-10
FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation Exploit
2018-10-10
ghostscript - executeonly Bypass with errorhandler Setup Exploit
2018-10-10
Free MP3 CD Ripper 2.8 - .wma Buffer Overflow (SEH) (DEP Bypass) Exploit
2018-10-10
Microsoft Edge Chakra JIT - Type Confusion Exploit
2018-10-10
Microsoft Edge Chakra JIT - BailOutOnInvalidatedArrayHeadSegment Check Bypass Exploit
2018-10-10
MicroTik RouterOS < 6.43rc3 - Remote Root
CVE-2018-14847
2018-10-10
Ektron CMS 9.20 SP2 - Improper Access Restrictions
CVE-2018-12596
2018-10-10
FileZilla 3.33 - Buffer Overflow (PoC)
2018-10-10
Virtualmin 6.03 Multiple Vulnerabilities
2018-10-10
ifwatchd - Privilege Escalation (Metasploit)
CVE-2014-2533
2018-10-09
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
CVE-2018-10594
2018-10-09
ghostscript - executeonly Bypass with errorhandler Setup
CVE-2018-17961
2018-10-09
Microsoft Edge Chakra JIT - Type Confusion
CVE-2018-8467
2018-10-09
Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass
CVE-2018-8466
2018-10-09
net-snmp 5.7.3 - Denial of Service
CVE-2015-5621
2018-10-09
Wikidforum 2.20 - 'message_id' SQL Injection
2018-10-09
Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow Exploit
2018-10-09
ifwatchd Privilege Escalation Exploit
2018-10-09
Seqrite End Point Security 7.4 - Privilege Escalation
CVE-2018-17775
2018-10-09
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
2018-10-09
Wikidforum 2.20 - 'select_sort' SQL Injection
2018-10-09
360 3.5.0.1033 - Sandbox Escape Exploit
2018-10-09
Wikidforum 2.20 Multiple SQL Injection Vulnerability
2018-10-09
Navigate CMS - Unauthenticated Remote Code Execution Exploit
2018-10-09
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
2018-10-09
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
2018-10-09
Linux Kernel - Pointer Leak via BPF Exploit
2018-10-09
Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation
2018-10-09
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution Exploit
2018-10-08
Android - sdcardfs Changes current->fs Without Proper Locking Exploit
2018-10-08
Git Submodule - Arbitrary Code Execution Vulnerability
2018-10-08
Imperva SecureSphere 13 - Remote Command Execution Exploit
2018-10-08
net-snmp 5.7.3 - Unauthenticated Denial of Service Exploit
2018-10-08
net-snmp 5.7.3 - Authenticated Denial of Service Exploit
2018-10-08
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
CVE-2016-3225
2018-10-08
Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)
CVE-2018-17552
2018-10-08
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
CVE-2018-17408
2018-10-08
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
CVE-2017-12478
2018-10-08
Android - sdcardfs Changes current->fs Without Proper Locking
CVE-2018-9515
2018-10-08
Linux - Kernel Pointer Leak via BPF
2018-10-08
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution
CVE-2018-15379
2018-10-08
A Red Teamer’s guide to pivoting
2018-10-08
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
CVE-2017-11176
2018-10-08
Git Submodule - Arbitrary Code Execution
CVE-2018-17456
2018-10-08
net-snmp 5.7.3 - Authenticated Denial of Service (PoC)
2018-10-08
net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)
2018-10-08
Imperva SecureSphere 13 - Remote Command Execution
2018-10-08
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
2018-10-08
360 3.5.0.1033 - Sandbox Escape
2018-10-08
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure
2018-10-08
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
2018-10-08
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure Vulnerability
2018-10-07
Chamilo LMS 1.11.8 - firstname Cross-Site Scripting Vulnerability
2018-10-07
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure
2018-10-06
Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting
2018-10-06
Chrome OS /sbin/crash_reporter Symlink Traversal Vulnerability
2018-10-06
Windows Net-NTLMv2 Reflection DCOM/RPC Exploit
2018-10-06
Unitrends UEB HTTP API Remote Code Execution Exploit
2018-10-06
Claromentis Discuss 1.2.1 Cross Site Scripting Vulnerability
2018-10-06
Chamilo LMS 1.11.8 - Cross-Site Scripting Vulnerability
2018-10-06
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin) Vulnerabilities
2018-10-06
Easy File Sharing Web Server 7.2 - Domain Name Buffer Overflow Exploit
2018-10-06
Chamilo LMS 1.11.8 - Cross-Site Scripting
2018-10-05
ISPConfig < 3.1.13 - Remote Command Execution
2018-10-05
D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities
CVE-2018-17440
2018-10-05
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)
2018-10-05
ISPConfig Remote Command Execution Exploit
2018-10-05
DLink Central WiFiManager Software Controller Code Execution / XSS Exploit
2018-10-05
WordPress Pie Register 3.0.15 Cross Site Scripting Vulnerability
2018-10-05
Photo #Nettoyeur 1.4.5 Insecure File Permission Vulnerability
2018-10-05
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Vulnerability
2018-10-05
WUZHICMS 2.0 - Cross-Site Scripting Vulnerability
2018-10-05
Coaster CMS 5.5.0 - Cross-Site Scripting Vulnerability
2018-10-05
OPAC EasyWeb Five 5.7 - biblio SQL Injection Vulnerability
2018-10-05
OPAC EasyWeb Five 5.7 - nome SQL Injection Vulnerability
2018-10-05
Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit
2018-10-05
Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode (60 bytes)
2018-10-05
Flippa Marketplace Clone 1.0 - date_started SQL Injection Vulnerability
2018-10-05
Education Website 1.0 - subject SQL Injection Vulnerability
2018-10-05
Binary MLM Software 1.0 - pid SQL Injection Vulnerability
2018-10-05
Singleleg MLM Software 1.0 - msg_id SQL Injection Vulnerability
2018-10-05
Hotel Booking Engine 1.0 - h_room_type SQL Injection Vulnerability
2018-10-05
Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)
2018-10-05
Fork CMS 5.4.0 - Cross-Site Scripting Vulnerability
2018-10-05
H2 Database 1.4.196 - Remote Code Execution Exploit
2018-10-05
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH) Exploit
2018-10-05
Snes9K 0.0.9z - Denial of Service (PoC) Exploit
2018-10-05
Linux/x64 - execve ("/bin/sh") Shellcode (24 bytes)
2018-10-05
Airties AIR5750 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5650 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5453 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5442 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5343v2 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-05
ManageEngine AssetExplorer 6.2.0 Cross Site Scripting Vulnerability
2018-10-05
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities
2018-10-05
AppArmor Filesystem Blacklisting Bypass Vulnerability
2018-10-05
Seqrite End Point Security 7.4 Privilege Escalation Vulnerability
2018-10-05
Skype On Debian Microsoft Apt Repo Addition Vulnerability
2018-10-05
Microsoft Edge - Sandbox Escape Exploit
2018-10-05
PCProtect 4.8.35 - Privilege Escalation Vulnerability
2018-10-05
WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded
2018-10-05
WebKit - WebCore::SVGTextLayoutAttributes::context Use-After-Free Exploit
2018-10-05
WebKit - WebCore::RenderLayer::updateDescendantDependentFlags Use-After-Free Exploit
2018-10-05
WebKit - WebCore::SVGTRefElement::updateReferencedText Use-After-Free Exploit
2018-10-05
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free Exploit
2018-10-05
WebKit - WebCore::InlineTextBox::paint Out-of-Bounds Read Exploit
2018-10-05
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR) Exploit
2018-10-05
Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)
2018-10-05
virtualenv 16.0.0 - Sandbox Escape Vulnerability
2018-10-05
LayerBB Forum 1.1.1 - search_query SQL Injection Vulnerability
2018-10-05
FTP Voyager 16.2.0 - Denial of Service Exploit
2018-10-05
Airties AIR5342 1.0.0.18 - Cross-Site Scripting Vulnerability
2018-10-05
RICOH MP C1803 JPN Printer - Cross-Site Scripting Vulnerability
2018-10-05
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
2018-10-05
Joomla Jimtawl 2.2.7 Component - id SQL Injection Vulnerability
2018-10-05
Zechat 1.5 - uname SQL Injection Vulnerability
2018-10-05
Wikindx 5.3.2 Multiple Cross-Site Scripting Vulnerability
2018-10-05
WebKit - WebCore::Node::ensureRareData Use-After-Free Exploit
2018-10-05
WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free Exploit
2018-10-05
WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free Exploit
2018-10-05
WordPress WebARX Website Firewall 4.9.8 XSS / Bypass Vulnerabilities
2018-10-05
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
2018-10-05
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR)
2018-10-04
LayerBB Forum 1.1.1 - 'search_query' SQL Injection
2018-10-04
Linux\x86 - (NOT +SHIFT-N+ XOR-N) + encoded (/bin/sh) Shellcode (50 byes)
2018-10-04
virtualenv 16.0.0 - Sandbox Escape
CVE-2018-17793
2018-10-04
FTP Voyager 16.2.0 - Denial of Service (PoC)
2018-10-03
RICOH MP C1803 JPN Printer - Cross-Site Scripting
CVE-2018-17310
2018-10-03
Airties AIR5342 1.0.0.18 - Cross-Site Scripting
CVE-2018-17587
2018-10-03
Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection
2018-10-03
Zechat 1.5 - 'uname' SQL Injection
2018-10-03
OPAC EasyWeb Five 5.7 - 'nome' SQL Injection
2018-10-02
Coaster CMS 5.5.0 - Cross-Site Scripting
2018-10-02
OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection
2018-10-02
Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)
2018-10-01
Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
CVE-2018-14634
2018-10-01
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting
2018-10-01
WUZHICMS 2.0 - Cross-Site Scripting
CVE-2018-17832
2018-10-01
Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection
2018-10-01
Binary MLM Software 1.0 - 'pid' SQL Injection
2018-10-01
Singleleg MLM Software 1.0 - 'msg_id' SQL Injection
2018-10-01
Education Website 1.0 - 'subject' SQL Injection
2018-10-01
Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection
2018-10-01
Fork CMS 5.4.0 - Cross-Site Scripting
2018-10-01
ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting
2018-10-01
H2 Database 1.4.196 - Remote Code Execution
2018-10-01
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)
2018-10-01
Snes9K 0.0.9z - Denial of Service (PoC)
2018-10-01
Microsoft Edge - Sandbox Escape
CVE-2018-8463
2018-09-28
PCProtect 4.8.35 - Privilege Escalation
2018-09-28
Rausoft ID.prove 2.95 - Username SQL injection Vulnerability
2018-09-27
Citrix StorageZones Controller Improper Access Restrictions / Traversal Exploit
2018-09-27
WordPress WP Insert 2.4.2 Arbitrary File Upload Vulnerability
2018-09-27
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting Vulnerability
2018-09-27
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection Vulnerability
2018-09-27
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation
2018-09-27
Rausoft ID.prove 2.95 - 'Username' SQL injection
2018-09-27
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting
2018-09-27
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection
2018-09-27
CrossFont 7.5 - Denial of Service Exploit
2018-09-26
TransMac 12.2 - Denial of Service Exploit
2018-09-26
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free #Shellcode (92 Bytes)
2018-09-26
Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit
2018-09-26
Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability
2018-09-26
Joomla Timetable Schedule 3.6.8 Component - SQL Injection Vulnerability
2018-09-26
Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath
CVE-2018-17182
2018-09-26
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)
2018-09-26
CrossFont 7.5 - Denial of Service (PoC)
2018-09-26
TransMac 12.2 - Denial of Service (PoC)
2018-09-26
Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow (SEH)
2018-09-25
Joomla eXtroForms 2.1.5 Component - filter_type_id SQL Injection Vulnerability
2018-09-25
Joomla Music Collection 3.0.3 Component - SQL Injection Vulnerability
2018-09-25
Joomla Raffle Factory 3.5.2 Component - SQL Injection Vulnerability
2018-09-25
Joomla Dutch Auction Factory 2.0.2 Component - filter_order_Dir SQL Injection Vulnerability
2018-09-25
Joomla Article Factory Manager 4.3.9 Component - SQL Injection Vulnerability
2018-09-25
Joomla AlphaIndex Dictionaries 1.0 Component - SQL Injection Vulnerability
2018-09-25
Joomla Reverse Auction Factory 4.3.8 Component - SQL Injection Vulnerability
2018-09-25
Joomla Collection Factory 4.1.9 Component - SQL Injection Vulnerability
2018-09-25
Exploits/page:


Page:
1-4-2 (www01)