Exploits (Total: 98598)

    
    
    
OpenClinic GA 5.194.18 - Local Privilege Escalation
2021-10-25
Balbooa Joomla Forms Builder 2.0.6 - SQL Injection (Unauthenticated)
2021-10-25
Apache HTTP Server 2.4.50 - Remote Code Execution (RCE) (2)
2021-10-25
Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Unauthenticated)
2021-10-25
Engineers Online Portal 1.0 - File Upload Remote Code Execution (RCE)
2021-10-25
Netgear Genie 2.4.64 - Unquoted Service Path
2021-10-25
WordPress Plugin TaxoPress 3.0.7.1 - Stored Cross-Site Scripting (XSS) (Authenticated)
2021-10-25
Hikvision Web Server Build 210702 - Command Injection
2021-10-25
Online Course Registration 1.0 - Blind Boolean-Based SQL Injection (Authenticated)
2021-10-22
Clinic Management System 1.0 - SQL injection to Remote Code Execution
2021-10-22
Jetty 9.4.37.v20210219 - Information Disclosure
2021-10-22
Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read
2021-10-21
Small CRM 3.0 - 'description' Stored Cross-Site Scripting (XSS)
2021-10-21
NIMax 5.3.1f0 - 'VISA Alias' Denial of Service (PoC)
2021-10-21
NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC)
2021-10-21
Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege Escalation
2021-10-20
Macro Expert 4.7 - Unquoted Service Path
2021-10-20
SonicWall SMA 10.2.1.0-17sv - Password Reset
2021-10-20
Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)
2021-10-19
myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)
2021-10-19
WordPress Theme Enfold 4.8.3 - Reflected Cross-Site Scripting (XSS)
2021-10-19
Plastic SCM 10.0.16.5622 - WebAdmin Server Access
2021-10-18
Company's Recruitment Management System 1.0 - 'Add New user' Cross-Site Request Forgery (CSRF)
2021-10-18
Company's Recruitment Management System 1.0 - 'description' Stored Cross-Site Scripting (XSS)
2021-10-18
Mitsubishi Electric & INEA SmartRTU - Reflected Cross-Site Scripting (XSS)
2021-10-18
Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure
2021-10-18
Company's Recruitment Management System 1.0. - 'title' Stored Cross-Site Scripting (XSS)
2021-10-18
Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read
2021-10-18
Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting (XSS)
2021-10-18
i-Panel Administration System 2.0 - Reflected Cross-site Scripting (XSS)
2021-10-15
SolarWinds Kiwi CatTools 3.11.8 - Unquoted Service Path
2021-10-15
TextPattern CMS 4.8.7 - Remote Command Execution (RCE) (Authenticated)
2021-10-15
Sonicwall SonicOS 7.0 - Host Header Injection
2021-10-15
Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)
2021-10-15
Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting (XSS)
2021-10-15
Simple Issue Tracker System 1.0 - SQLi Authentication Bypass
2021-10-15
Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass
2021-10-15
Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery (CSRF)
2021-10-15
Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection
2021-10-15
Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)
2021-10-15
Apache HTTP Server 2.4.50 - Path Traversal & Remote Code Execution (RCE)
2021-10-15
Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)
2021-10-15
Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection (Unauthenticated)
2021-10-15
Simple Payroll System 1.0 - SQLi Authentication Bypass
2021-10-15
Loan Management System 1.0 - SQLi Authentication Bypass
2021-10-08
Cmder Console Emulator 1.3.18 - 'Cmder.exe' Denial-of-Service (PoC)
2021-10-08
Online Employees Work From Home Attendance System 1.0 - SQLi Authentication Bypass
2021-10-08
Online Enrollment Management System 1.0 - Authentication Bypass
2021-10-08
Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection
2021-10-08
Simple Online College Entrance Exam System 1.0 - Account Takeover
2021-10-08
Exploits/page:


Page:
1-4-2 (www02)