Exploits (Total: 98221)

    
    
    
Arq 5.10 - Local root Privilege Escalation
2018-01-29
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)
2018-01-29
macOS - 'sysctl_vfs_generic_conf' Stack Leak Through Struct Padding
2018-01-29
Banknotes Misproduction security & biometric weakness
2018-01-28
Banknotes Misproduction security & biometric weakness
2018-01-28
KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery
2018-01-28
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free Shellcode (80 bytes)
2018-01-28
Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code Execution
2018-01-28
Netis WF2419 Router - Cross-Site Request Forgery
2018-01-28
Buddy Zone 2.9.9 - SQL Injection
2018-01-28
Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection
2018-01-28
Hot Scripts Clone - 'subctid' SQL Injection
2018-01-28
TSiteBuilder 1.0 - SQL Injection
2018-01-28
Task Rabbit Clone 1.0 - 'id' SQL Injection
2018-01-28
Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Download
2018-01-28
Joomla! Component JS Support Ticket 1.1.0 - Cross-Site Request Forgery
2018-01-28
Nexpose < 6.4.66 - Cross-Site Request Forgery
2018-01-28
Linux/x86 - Egghunter Shellcode (12 Bytes)
2018-01-28
Gnew 2018.1 - Cross-Site Request Forgery
2018-01-28
PACSOne Server 6.6.2 DICOM Web Viewer - SQL Injection
2018-01-28
PACSOne Server 6.6.2 DICOM Web Viewer - Directory Trasversal
2018-01-28
Artifex MuJS 1.0.2 - Integer Overflow
2018-01-28
Artifex MuJS 1.0.2 - Denial of Service
2018-01-28
BMC BladeLogic 8.3.00.64 - Remote Command Execution
2018-01-26
WordPress Plugin Learning Management System - 'course_id' SQL Injection
2018-01-26
ASUS DSL-N14U B1 Router 1.1.2.3_345 - Change Administrator Password
2018-01-26
Exodus Wallet (ElectronJS Framework) - Remote Code Execution
2018-01-26
Dodocool DC38 N300 - Cross-site Request Forgery
2018-01-26
Linux/x86 - Disable ASLR Security Obfuscated Shellcode (23 bytes)
2018-01-26
ManageEngine OpManager / Social IT Plus / IT360 - Multiple Vulnerabilities
2018-01-25
ManageEngine Netflow Analyzer / IT360 - Arbitrary File Download
2018-01-25
ManageEngine OpManager / Applications Manager / IT360 - 'FailOverServlet' Multiple Vulnerabilities
2018-01-25
ManageEngine EventLog Analyzer - Multiple Vulnerabilities (2)
2018-01-25
ManageEngine Desktop Central - Create Administrator
2018-01-25
Lorex LH300 Series - ActiveX Buffer Overflow (PoC)
2018-01-25
Linux/x86 - execve(/bin/sh) + ROT-N + Shift-N + XOR-N Encoded Shellcode (77 bytes)
2018-01-25
CMS Made Simple 1.11.9 - Multiple Vulnerabilities
2018-01-25
GetSimple CMS 3.3.1 - Cross-Site Scripting
2018-01-25
ICU library 52 < 54 - Multiple Vulnerabilities
2018-01-25
Pimcore CMS 1.4.9 <2.1.0 - Multiple Vulnerabilities
2018-01-25
SysAid Help Desk 14.4 - Multiple Vulnerabilities
2018-01-25
Billion / TrueOnline / ZyXEL Routers - Multiple Vulnerabilities
2018-01-25
BMC Track-It! 11.4 - Multiple Vulnerabilities
2018-01-25
Kaseya Virtual System Administrator (VSA) 7.0 < 9.1 - Authenticated Arbitrary File Upload
2018-01-25
AsusWRT Router < 3.0.0.4.380.7743 - Unauthenticated LAN Remote Code Execution
2018-01-25
Blizzard Update Agent - JSON RPC DNS Rebinding
2018-01-24
Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - Guest to Host Escape
2018-01-24
GoAhead Web Server - 'LD_PRELOAD' Arbitrary Module Load (Metasploit)
2018-01-24
Kaltura - Remote PHP Code Execution over Cookie (Metasploit)
2018-01-24
Sync Breeze Enterprise 9.5.16 - Import Command Buffer Overflow (Metasploit)
2018-01-24
WordPress Plugin Email Subscribers & Newsletters 3.4.7 - Information Disclosure
2018-01-24
RAVPower 2.000.056 - Root Remote Code Execution
2018-01-24
Professional Local Directory Script 1.0 - SQL Injection
2018-01-24
Flexible Poll 1.2 - SQL Injection
2018-01-24
Quickad 4.0 - SQL Injection
2018-01-24
Photography CMS 1.0 - Cross-Site Request Forgery (Add Admin)
2018-01-24
Tumder 2.1 - SQL Injection
2018-01-23
Zechat 1.5 - SQL Injection
2018-01-23
Wchat 1.5 - SQL Injection
2018-01-23
Easy Car Script 2014 - SQL Injection
2018-01-23
RSVP Invitation Online 1.0 - Cross-Site Request Forgery (Update Admin)
2018-01-23
Affiligator 2.1.0 - SQL Injection
2018-01-23
LiveCRM SaaS Cloud 1.0 - SQL Injection
2018-01-23
Subsonic v6.1.3 - Flash Cross-Domain Policy Vulnerability
2018-01-23
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download
2018-01-23
HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation
2018-01-23
RAVPower 2.000.056 - Memory Disclosure
2018-01-23
CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection
2018-01-23
MixPad 5.00 - Buffer Overflow
2018-01-23
Zenario v7.6 CMS - SQL Injection Web Vulnerability
2018-01-22
CentOS Web Panel v0.9.8.12 - Persistent Vulnerabilities
2018-01-22
CentOS Web Panel v0.9.8.12 - CS Cross Site Vulnerabilities
2018-01-22
CentOS Web Panel v0.9.8.12 - SQL Injection Vulnerabilities
2018-01-22
Wordpress cafesalivation theme - Arbitrary file download Vulnerability
2018-01-22
Wordpress duena theme - Arbitrary file download Vulnerability
2018-01-22
Wordpress endlesshorizon theme - Arbitrary file download Vulnerability
2018-01-22
Wordpress newspro2891 theme - Arbitrary file download Vulnerability
2018-01-22
Wordpress liberator theme - Arbitrary file download Vulnerability
2018-01-22
Wordpress oxygen theme - Arbitrary file download Vulnerability
2018-01-22
CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities
2018-01-22
CentOS Web Panel v0.9.8.12 - Non-Persistent Cross Site Scripting Vulnerabilities
2018-01-22
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free She
2018-01-22
Adminer v4.3.1 Server Side Request Forgery Exploit
2018-01-22
OTRS 5.0.x/6.0.x - Remote Command Execution
2018-01-21
PHPFreeChat 1.7 - Denial of Service
2018-01-21
CentOS Web Panel 0.9.8.12 - Multiple Vulnerabilities
2018-01-21
Shopware 5.2.5/5.3 - Cross-Site Scripting
2018-01-21
Oracle JDeveloper 11.1.x/12.x - Directory Traversal
2018-01-21
DarkComet (C2 Server) - File Upload
2018-01-21
PHPLib < 7.4 - SQL Injection Vulnerability
2018-01-21
SquirrelMail < 1.4.7 - Arbitrary Variable Overwrite Vulnerability
2018-01-21
Mambo < 4.5.4 - SQL Injection Vulnerability
2018-01-21
X-Cart < 4.1.3 - Arbitrary Variable Overwrite Vulnerability
2018-01-21
Claroline < 1.7.7 - Arbitrary File Inclusion Vulnerability
2018-01-21
Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities
2018-01-21
Docker Sudo Privilege Escalation Exploit
2018-01-21
macOS 10.13 (17A365) - Kernel Memory Disclosure due to Lack of Bounds Checking in AppleIntelCapriCon
2018-01-21
GitStack 2.3.10 Remote Code Execution Exploit
2018-01-21
Oracle JDeveloper IDE Directory Traversal Vulnerability
2018-01-21
glibc - getcwd() Local Privilege Escalation Exploit
2018-01-21
Smiths Medical Medfusion 4000 - DHCP Denial of Service Exploit
2018-01-21
D-Link DSL-2640R - Unauthenticated DNS Change Vulnerability
2018-01-21
Primefaces 5.x - Remote Code Execution Exploit
2018-01-21
Microsoft Edge Chakra JIT - Stack-to-Heap Copy Exploit
2018-01-21
Microsoft Edge Chakra - AsmJSByteCodeGenerator::EmitCall Out-of-Bounds Read Exploit
2018-01-21
Microsoft Edge Chakra JIT - Out-of-Bounds Write Exploit
2018-01-21
Microsoft Edge Chakra - Incorrect Scope Handling Exploit
2018-01-21
Microsoft Edge Chakra - JavascriptGeneratorFunction::GetPropertyBuiltIns Type Confusion Exploit
2018-01-21
Microsoft Edge Chakra JIT - Incorrect Bounds Calculation Exploit
2018-01-21
Seagate Personal Cloud - Multiple Vulnerabilities
2018-01-21
Transmission - RPC DNS Rebinding Exploit
2018-01-21
Zomato Clone Script - Arbitrary File Upload Vulnerability
2018-01-21
Reservo Image Hosting Script 1.5 - Cross-Site Scripting Vulnerability
2018-01-21
SugarCRM 3.5.1 - Cross-Site Scripting Vulnerability
2018-01-21
Linux/x86 - fork() + setreuid(0, 0) + execve(cp /bin/sh /tmp/sh; chmod 4755 /tmp/sh) Shellcode (126
2018-01-21
Linux/x86 - setuid(0) + execve(/bin/sh) Shellcode (27 bytes)
2018-01-21
BSD/x86 - execve (/bin/sh) Shellcode (28 bytes)
2018-01-21
BSD/x86 - execve (/bin/sh) + seteuid(0) Shellcode (31 bytes)
2018-01-21
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection Vulnerabilities
2018-01-21
D-Link DNS-343 ShareCenter 1.05 Command Injection Vulnerability
2018-01-21
Shibboleth 2 XML Injection Vulnerability
2018-01-21
Seagate Media Server Arbitrary File / Folder Deletion Vulnerabilities
2018-01-21
VTech DigiGo 83.60630 Browser Overlay Attack Vulnerability
2018-01-21
Kaseya VSA 9.2 Authentication Bypass Vulnerability
2018-01-21
Kaseya VSA 9.2 Shell Upload Vulnerability
2018-01-21
Kaseya VSA R9.2 Arbitrary File Read Vulnerability
2018-01-21
Synology Photo Station 6.8.2-3461 - SYNOPHOTO_Flickr_MultiUpload Remote Code Execution Exploit
2018-01-21
Linux/x86-64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (136 byt
2018-01-21
Linux/x86-64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)
2018-01-21
Linux/x86-64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (Password) Shellcode (173 bytes)
2018-01-21
Linux/x86-64 - Reverse TCP (192.168.1.9:4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (1
2018-01-21
Linux/x86-64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (175 bytes)
2018-01-21
Linux/x86-64 - Reverse TCP (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 byte
2018-01-21
Oracle PeopleSoft 8.5x - Remote Code Execution Vulnerability
2018-01-21
Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect Vulnerability
2018-01-21
OBS studio 20.1.3 - Local Buffer Overflow Exploit
2018-01-21
PerfexCRM 1.9.7 - Arbitrary File Upload Vulnerability
2018-01-21
Domains & Hostings Manager PRO 3.0 - Authentication Bypass Vulnerability
2018-01-21
RISE 1.9 - search SQL Injection Vulnerability
2018-01-21
ImgHosting 1.5 - Cross-Site Scripting Vulnerability
2018-01-21
pfSense < 2.1.4 - status_rrd_graph_img.php Command Injection Exploit
2018-01-21
Ruby on Rails gem version 1.2.0 rails_admin XSS Vulnerability
2018-01-21
Ruby on Rails gem version 1.4 delayed_job_web XSS Vulnerability
2018-01-21
ILIAS CMS 5.2.3 Cross Site Scripting Vulnerability
2018-01-21
Acadmic Microsoft - API Query Filter Cross Site Vulnerability
2018-01-20
Magento Commerce - CSRLF Web UI Security Vulnerability
2018-01-20
D-Link DNS-325 ShareCenter < 1.05B03 - Multiple Vulnerabilities
2018-01-19
D-Link DNS-343 ShareCenter < 1.05 - Command Injection
2018-01-19
Synology Photostation < 6.7.2-3429 - Multiple Vulnerabilities
2018-01-19
Mambo < 4.5.4 - SQL Injection
2018-01-19
X-Cart < 4.1.3 - Arbitrary Variable Overwrite
2018-01-19
Claroline < 1.7.7 - Arbitrary File Inclusion
2018-01-19
CubeCart < 3.0.12 - Multiple Vulnerabilities
2018-01-19
SquirrelMail < 1.4.7 - Arbitrary Variable Overwrite
2018-01-19
PHPLib < 7.4 - SQL Injection
2018-01-19
Gallery 2 < 2.0.2 - Multiple Vulnerabilities
2018-01-19
phpRPC < 0.7 - Remote Code Execution
2018-01-19
Mambo < 4.5.3h - Multiple Vulnerabilities
2018-01-19
PEAR LiveUser < 0.16.8 - Arbitrary File Access
2018-01-19
Geeklog < 1.4.0 - Multiple Vulnerabilities
2018-01-19
ADOdb < 4.71 - Cross Site Scripting
2018-01-19
XPCOM - Race Condition
2018-01-19
SquirrelMail < 1.4.5-RC1 - Arbitrary Variable Overwrite
2018-01-19
PHPXMLRPC < 1.1 - Remote Code Execution
2018-01-19
PEAR XML_RPC < 1.3.0 - Remote Code Execution
2018-01-19
XOOPS < 2.0.11 - Multiple Vulnerabilities
2018-01-19
Peercast < 0.1211 - Format String
2018-01-19
Burning Board < 2.3.1 - SQL Injection
2018-01-19
Invision Power Board (IP.Board) < 2.0.3 - Multiple Vulnerabilities
2018-01-19
AZBB < 1.0.07d - Multiple Vulnerabilities
2018-01-19
PhotoPost < 4.85 - Multiple Vulnerabilities
2018-01-19
ReviewPost < 2.84 - Multiple Vulnerabilities
2018-01-19
PhotoPost Classifieds < 2.01 - Multiple Vulnerabilities
2018-01-19
PHP-Calendar < 0.10.1 - Arbitrary File Inclusion
2018-01-19
WHM.AutoPilot < 2.4.6.5 - Multiple Vulnerabilities
2018-01-19
PsychoStats < 2.2.4 Beta - Cross Site Scripting
2018-01-19
dbPowerAmp < 2.0/10.0 - Buffer Overflow
2018-01-19
LiveWorld Multiple Products - Cross Site Scripting
2018-01-19
HelpCenter Live! < 1.2.7 - Multiple Vulnerabilities
2018-01-19
Invision Power Board (IP.Board) < 1.3.1 - Design Error
2018-01-19
PHPX < 3.26 - Multiple Vulnerabilities
2018-01-19
OpenBB < 1.0.6 - Multiple Vulnerabilities
2018-01-19
phpBugTracker < 0.9.1 - Multiple Vulnerabilities
2018-01-19
TikiWiki < 1.8.1 - Multiple Vulnerabilities
2018-01-19
PhotoPost < 4.6 - Multiple Vulnerabilities
2018-01-19
Invision Gallery < 1.0.1 - SQL Injection
2018-01-19
Invision Power Top Site List < 1.1 RC 2 - SQL Injection
2018-01-19
phpBB < 2.0.7a - Multiple Vulnerabilities
2018-01-19
Mambo < 4.5 - Multiple Vulnerabilities
2018-01-19
vBulletin < 3.0.0 RC4 - Cross Site Scripting
2018-01-19
Phorum < 5.0.3 Beta - Cross Site Scripting
2018-01-19
phpBB < 2.0.6d - Cross Site Scripting
2018-01-19
Invision Power Board (IP.Board) < 1.3 - SQL Injection
2018-01-19
Trillian Pro < 2.01 - Design Error
2018-01-19
phpShop < 0.6.1-b - Multiple Vulnerabilities
2018-01-19
phpGedView < 2.65 beta 5 - Multiple Vulnerabilities
2018-01-19
MetaDot < 5.6.5.4b5 - Multiple Vulnerabilities
2018-01-19
PostNuke < 0.726 Phoenix - Multiple Vulnerabilities
2018-01-19
osCommerce < 2.2-MS2 - Multiple Vulnerabilities
2018-01-19
ASPapp Multiple Products - Multiple Vulnerabilities
2018-01-19
AutoRank PHP < 2.0.4 - SQL Injection (PoC)
2018-01-19
Aardvark Topsites < 4.1.0 - Multiple Vulnerabilities
2018-01-19
Invision Power Board (IP.Board) < 2.0 Alpha 3 - SQL Injection (PoC)
2018-01-19
Invision Power Top Site List < 2.0 Alpha 3 - SQL Injection (PoC)
2018-01-19
DUWare Multiple Products - Multiple Vulnerabilities
2018-01-19
macOS 10.13 (17A365) - Kernel Memory Disclosure due to Lack of Bounds Checking in 'AppleIntelCapriController::getDisplayPipeCapability'
2018-01-19
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)
2018-01-19
GitStack 2.3.10 - Unauthenticated Remote Code Execution
2018-01-19
Smiths Medical Medfusion 4000 - 'DHCP' Denial of Service
2018-01-18
glibc - 'getcwd()' Local Privilege Escalation
2018-01-18
Windows/x86 (XP SP3) - MessageBox Shellcode (11 bytes)
2018-01-18
Windows/x86 (XP SP3) (English) - calc Shellcode (16 bytes)
2018-01-18
Windows/x86 (XP SP3) (Turkish) - cmd.exe Shellcode (42 bytes)
2018-01-18
Windows/x86 (XP SP3) (Turkish) - cmd.exe Shellcode (52 bytes)
2018-01-18
Windows/x86 (XP SP3) (Turkish) - calc.exe Shellcode (53 bytes)
2018-01-18
Windows/x86 (XP SP3) (Turkish) - MessageBoxA Shellcode (109 bytes)
2018-01-18
Windows/x86 - Message Box + Null-Free Shellcode (140 bytes)
2018-01-18
Windows/x86 - calc.exe + Null-Free Shellcode (100 bytes)
2018-01-18
Windows/x86 - Download File (http://skypher.com/dll) + LoadLibrary + Null-Free Shellcode (164 bytes)
2018-01-18
Windows/x86 (XP Professional SP3) (French) - calc.exe Shellcode (31 bytes)
2018-01-18
Windows/x86 (XP Professional SP2) - calc Shellcode (57 bytes)
2018-01-18
Windows/x86 (XP Professional SP2) (English) - Wordpad Shellcode (15 bytes)
2018-01-18
Windows/x86 (XP SP3) (French) - Sleep 90 Seconds Shellcode (14 bytes)
2018-01-18
Windows/x86 - Create Admin User (X) Shellcode (304 bytes)
2018-01-18
Windows/x86 (2000) - Reverse TCP (192.168.0.247:8721/TCP) Connect + Vampiric Import Shellcode (179 bytes)
2018-01-18
Windows/x86 (NT/XP/2000/2003) - Bind TCP (8721/TCP) Shell Shellcode (356 bytes)
2018-01-18
Linux/x86 - ROT-7 execve() Shellcode (Encoder/Decoder) (74 bytes)
2018-01-18
Linux/x86 - setreuid() + execve(/usr/bin/python) Shellcode (54 bytes)
2018-01-18
Linux/x86 - Reverse TCP (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)
2018-01-18
Linux/x86 - Bind TCP (1337/TCP) Shell Shellcode (89 bytes)
2018-01-18
Linux/x86 - shutdown -h now Shellcode (56 bytes)
2018-01-18
Linux/x86 - chmod 0777 /etc/shadow + Obfuscated Shellcode (51 bytes)
2018-01-18
Linux/x86 - JMP-FSTENV execve Shellcode (67 bytes)
2018-01-18
Linux/x86 - shift-bit execve() Encoder Shellcode (114 bytes)
2018-01-18
Linux/x86 - Copy /etc/passwd to /tmp/outfile Shellcode (97 bytes)
2018-01-18
Linux/x86 - execve(/bin/sh) Using jump/call/pop Shellcode (52 bytes)
2018-01-18
Linux/x86 - Download (http://192.168.2.222/x) + chmod() + execute Shellcode (108 bytes)
2018-01-18
Linux/x86 - Reverse TCP (127.1.1.1:12345/TCP) cat /etc/passwd Shellcode (111 bytes)
2018-01-18
Linux/x86 - Bind TCP Shell Shellcode (112 bytes)
2018-01-18
Linux/x86 - execve(/bin/sh) + Obfuscated Shellcode (30 bytes)
2018-01-18
Linux/x86 - Egghunter (0x5090) Shellcode (38 bytes)
2018-01-18
Linux/x86 - /proc/sys/net/ipv4/ip_forward 0 + exit() Shellcode (83 bytes)
2018-01-18
Linux/x86 - Bind TCP (31337/TCP) Shell Shellcode (108 bytes)
2018-01-18
Linux/x86 - Uzumaki Encryptor Shellcode (Generator)
2018-01-18
Linux/x86 - execve(/bin/shUzumaki) + Uzumaki Encoded + Null-Free Shellcode (50 bytes)
2018-01-18
Linux/x86 - execve wget + Mutated + Null-Free Shellcode (96 bytes)
2018-01-18
Linux/x86 - Fork Bomb + Mutated + Null-Free Shellcode (15 bytes)
2018-01-18
Linux/x86 - Reboot + Mutated + Null-Free Shellcode (55 bytes)
2018-01-18
Linux/x86 - Read /etc/passwd file + Null-Free Shellcode (51 bytes)
2018-01-18
Linux/x86 - execve(/bin/sh) + Null-Free Shellcode (21 bytes) (6)
2018-01-18
Exploits/page:


Page:
1-4-2 (www02)