Exploits (Total: 97839)

    
    
    
Adobe Connect 10 - Username Disclosure
2021-02-09
AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path
2021-02-09
Epson USB Display 1.6.0.0 - 'EMP_UDSA' Unquote Service Path
2021-02-09
Linux/x64 - execve "cat /etc/shadow" Shellcode (66 bytes)
2021-02-09
Online Car Rental System 1.0 - Stored Cross Site Scripting
2021-02-09
WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion
2021-02-08
WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities
2021-02-08
WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities
2021-02-08
WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities
2021-02-08
Microsoft Internet Explorer 11 32-bit - Use-After-Free
2021-02-08
WordPress Plugin Supsystic Membership 1.4.7 - 'sidx' SQL injection
2021-02-08
WordPress Plugin Supsystic Newsletter 1.5.5 - 'sidx' SQL injection
2021-02-08
Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)
2021-02-08
Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)
2021-02-08
AMD Fuel Service - 'Fuel.service' Unquote Service Path
2021-02-08
YetiShare File Hosting Script 5.1.0 - 'url' Server-Side Request Forgery
2021-02-08
WordPress Plugin Pricing Table by Supsystic 1.8.7 - Multiple Vulnerabilities
2021-02-08
WordPress Plugin Ultimate Maps 1.1.12 - 'sidx' SQL injection
2021-02-08
WordPress Plugin Welcart e-Commerce 2.0.0 - 'search[order_column][0]' SQL injection
2021-02-08
Millewin 13.39.146.1 - Local Privilege Escalation
2021-02-08
Jenzabar 9.2.2 - 'query' Reflected XSS.
2021-02-08
SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS
2021-02-08
SmartFoxServer 2X 2.17.0 - Credentials Disclosure
2021-02-08
SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution
2021-02-08
SEO Panel 4.6.0 - Remote Code Execution (2)
2021-02-05
PhreeBooks 5.2.3 ERP - Remote Code Execution (2)
2021-02-05
LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated)
2021-02-05
Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)
2021-02-03
Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)
2021-02-03
Car Rental Project 2.0 - Arbitrary File Upload to Remote Code Execution
2021-02-03
Pixelimity 1.0 - 'password' Cross-Site Request Forgery
2021-02-03
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (3)
2021-02-02
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
2021-02-02
Solaris 10 1/13 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
2021-02-02
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (3)
2021-02-02
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)
2021-02-02
Student Record System 4.0 - 'cid' SQL Injection
2021-02-02
WordPress 5.0.0 - Image Remote Code Execution
2021-02-01
Klog Server 2.4.1 - Command Injection (Authenticated)
2021-02-01
Roundcube Webmail 1.2 - File Disclosure
2021-02-01
Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting
2021-02-01
H8 SSRMS - 'id' IDOR
2021-02-01
bloofoxCMS 0.5.2.1 - CSRF (Add user)
2021-02-01
MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting
2021-02-01
MyBB Trending Widget Plugin 1.2 - Cross-Site Scripting
2021-02-01
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
2021-02-01
User Management System 1.0 - 'uid' SQL Injection
2021-02-01
Zoo Management System 1.0 - 'anid' SQL Injection
2021-02-01
MyBB Delete Account Plugin 1.4 - Cross-Site Scripting
2021-02-01
SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution (Unauthenticated)
2021-01-29
Simple Public Chat Room 1.0 - 'msg' Stored Cross-Site Scripting
2021-01-29
Simple Public Chat Room 1.0 - Authentication Bypass SQLi
2021-01-29
MyBB Hide Thread Content Plugin 1.0 - Information Disclosure
2021-01-29
Home Assistant Community Store (HACS) 1.10.0 - Path Traversal to Account Takeover
2021-01-29
Quick.CMS 6.7 - Remote Code Execution (Authenticated)
2021-01-29
Online Grading System 1.0 - 'uname' SQL Injection
2021-01-29
BloofoxCMS 0.5.2.1 - 'text' Stored Cross Site Scripting
2021-01-29
Metasploit Framework 6.0.11 - msfvenom APK template command injection
2021-01-28
WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution
2021-01-28
jQuery UI 1.12.1 - Denial of Service (DoS)
2021-01-28
Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated)
2021-01-28
Fuel CMS 1.4.1 - Remote Code Execution (2)
2021-01-28
OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2)
2021-01-28
CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated)
2021-01-28
EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting
2021-01-28
Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated)
2021-01-27
STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
2021-01-27
STVS ProVision 5.9.10 - File Disclosure (Authenticated)
2021-01-27
Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated)
2021-01-26
Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting
2021-01-26
Simple College Website 1.0 - 'full' Stored Cross Site Scripting
2021-01-26
Simple College Website 1.0 - 'name' Sql Injection (Authentication Bypass)
2021-01-26
Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection (Authentication Bypass)
2021-01-26
Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit)
2021-01-25
Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)
2021-01-25
Library System 1.0 - 'category' SQL Injection
2021-01-25
CASAP Automated Enrollment System 1.0 - 'route' Stored XSS
2021-01-25
CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS
2021-01-25
Collabtive 3.1 - 'address' Persistent Cross-Site Scripting
2021-01-25
MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF
2021-01-25
Windows/x86 - Stager Generic MSHTA Shellcode (143 bytes)
2021-01-22
Atlassian Confluence Widget Connector Macro - SSTI
2021-01-22
ERPNext 12.14.0 - SQL Injection (Authenticated)
2021-01-22
CASAP Automated Enrollment System 1.0 - Authentication Bypass
2021-01-22
Library System 1.0 - Authentication Bypass Via SQL Injection
2021-01-22
Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - CSRF Add Admin
2021-01-22
Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated)
2021-01-22
Selea Targa IP OCR-ANPR Camera - Developer Backdoor Config Overwrite
2021-01-22
Selea Targa IP OCR-ANPR Camera - 'files_list' Remote Stored XSS
2021-01-22
Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation
2021-01-22
Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution
2021-01-22
Anchor CMS 0.12.7 - CSRF (Delete user)
2021-01-21
Wordpress Plugin Simple Job Board 2.9.3 - Authenticated File Read (Metasploit)
2021-01-21
Nagios XI 5.7.5 - Multiple Persistent Cross-Site Scripting
2021-01-21
Apartment Visitors Management System 1.0 - 'email' SQL Injection
2021-01-21
Online Documents Sharing Platform 1.0 - 'user' SQL Injection
2021-01-21
Exploits/page:


Page:
1-4-2 (www01)