Exploits (Total: 98598)

    
    
    
H8 SSRMS - 'id' IDOR
2021-02-01
bloofoxCMS 0.5.2.1 - CSRF (Add user)
2021-02-01
MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting
2021-02-01
MyBB Trending Widget Plugin 1.2 - Cross-Site Scripting
2021-02-01
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
2021-02-01
User Management System 1.0 - 'uid' SQL Injection
2021-02-01
Zoo Management System 1.0 - 'anid' SQL Injection
2021-02-01
MyBB Delete Account Plugin 1.4 - Cross-Site Scripting
2021-02-01
SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated)
2021-01-29
Simple Public Chat Room 1.0 - 'msg' Stored Cross-Site Scripting
2021-01-29
Simple Public Chat Room 1.0 - Authentication Bypass SQLi
2021-01-29
MyBB Hide Thread Content Plugin 1.0 - Information Disclosure
2021-01-29
Home Assistant Community Store (HACS) 1.10.0 - Path Traversal to Account Takeover
2021-01-29
Quick.CMS 6.7 - Remote Code Execution (Authenticated)
2021-01-29
Online Grading System 1.0 - 'uname' SQL Injection
2021-01-29
BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting
2021-01-29
Metasploit Framework 6.0.11 - msfvenom APK template command injection
2021-01-28
WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution
2021-01-28
jQuery UI 1.12.1 - Denial of Service (DoS)
2021-01-28
Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated)
2021-01-28
Fuel CMS 1.4.1 - Remote Code Execution (2)
2021-01-28
OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2)
2021-01-28
CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated)
2021-01-28
EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting
2021-01-28
Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
2021-01-27
STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
2021-01-27
STVS ProVision 5.9.10 - File Disclosure (Authenticated)
2021-01-27
Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)
2021-01-26
Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting
2021-01-26
Simple College Website 1.0 - 'full' Stored Cross Site Scripting
2021-01-26
Simple College Website 1.0 - 'name' Sql Injection (Authentication Bypass)
2021-01-26
Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection (Authentication Bypass)
2021-01-26
Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit)
2021-01-25
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
2021-01-25
Library System 1.0 - 'category' SQL Injection
2021-01-25
CASAP Automated Enrollment System 1.0 - 'route' Stored XSS
2021-01-25
CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS
2021-01-25
Collabtive 3.1 - 'address' Persistent Cross-Site Scripting
2021-01-25
MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF
2021-01-25
Windows/x86 - Stager Generic MSHTA Shellcode (143 bytes)
2021-01-22
Atlassian Confluence Widget Connector Macro - SSTI
2021-01-22
ERPNext 12.14.0 - SQL Injection (Authenticated)
2021-01-22
CASAP Automated Enrollment System 1.0 - Authentication Bypass
2021-01-22
Library System 1.0 - Authentication Bypass Via SQL Injection
2021-01-22
Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - CSRF Add Admin
2021-01-22
Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated)
2021-01-22
Exploits/page:


Page:
1-4-2 (www02)