Exploits (Total: 96647)

    
    
    
Horde Groupware Webmail Edition 5.2.22 - PHAR Loading
2020-03-12
Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion
2020-03-12
rConfig 3.9 - 'searchColumn' SQL Injection
2020-03-12
rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution
2020-03-12
ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path
2020-03-12
HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)
2020-03-12
Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
2020-03-12
WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure
2020-03-12
Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
2020-03-12
Wordpress Plugin Search Meter 2.13.2 - CSV injection
2020-03-11
ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path
2020-03-11
PHPStudy - Backdoor Remote Code execution (Metasploit)
2020-03-11
Nagios XI - Authenticated Remote Command Execution (Metasploit)
2020-03-11
Persian VIP Download Script 1.0 - 'active' SQL Injection
2020-03-11
YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting
2020-03-11
Sysaid 20.1.11 b26 - Remote Command Execution
2020-03-11
Counter Strike: GO - '.bsp' Memory Control (PoC)
2020-03-11
Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
2020-03-11
OpenSMTPD - OOB Read Local Privilege Escalation (Metasploit)
2020-03-11
Google Chrome 67, 68 and 69 - Object.create Type Confusion (Metasploit)
2020-03-11
Google Chrome 72 and 73 - Array.map Out-of-Bounds Write (Metasploit)
2020-03-11
PHP-FPM - Underflow Remote Code Execution (Metasploit)
2020-03-11
Apache ActiveMQ 5.x-5.11.1 - Directory Traversal Shell Upload (Metasploit)
2020-03-11
Microsoft Windows - 'WizardOpium' Local Privilege Escalation
2020-03-11
Sentrifugo HRMS 3.2 - 'id' SQL Injection
2020-03-11
60CycleCMS - 'news.php' SQL Injection
2020-03-11
ManageEngine Desktop Central - 'FileStorage getChartImage' Deserialization / Unauthenticated Remote Code Execution
2020-03-11
Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path
2020-03-11
ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path
2020-03-11
SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path
2020-03-11
Iskysoft Application Framework Service 2.4.3.241 - 'IsAppService' Unquoted Service Path
2020-03-11
netkit-telnet-0.17 telnetd (Fedora 31) - 'BraveStarr' Remote Code Execution
2020-03-11
EyesOfNetwork - AutoDiscovery Target Command Execution (Metasploit)
2020-03-11
Exchange Control Panel - Viewstate Deserialization (Metasploit)
2020-03-11
UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read
2020-03-11
RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection
2020-03-04
GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection
2020-03-04
Alfresco 5.2.4 - Persistent Cross-Site Scripting
2020-03-04
RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection
2020-03-04
Wing FTP Server 6.2.3 - Privilege Escalation
2020-03-02
Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)
2020-03-02
Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)
2020-03-02
CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow
2020-03-02
TP LINK TL-WR849N - Remote Code Execution
2020-03-02
Wing FTP Server 6.2.5 - Privilege Escalation
2020-03-02
Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution
2020-03-02
TL-WR849N 0.9.1 4.16 - Authentication Bypass (Upload Firmware)
2020-03-02
Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)
2020-03-02
Netis WF2419 2.2.36123 - Remote Code Execution
2020-03-02
Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)
2020-03-02
Joplin Desktop 1.0.184 - Cross-Site Scripting
2020-03-02
qdPM < 9.1 - Remote Code Execution
2020-02-28
Cacti 1.2.8 - Unauthenticated Remote Code Execution
2020-02-27
Cacti 1.2.8 - Authenticated Remote Code Execution
2020-02-27
Apache Tomcat - AJP 'Ghostcat File Read/Inclusion
2020-02-27
Comtrend VR-3033 - Command Injection
2020-02-27
Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)
2020-02-27
OpenSMTPD < 6.6.3p1 - Local Privilege Escalation + Remote Code Execution
2020-02-26
OpenSMTPD 6.6.3 - Arbitrary File Read
2020-02-26
PhpIX 2012 Professional - 'id' SQL Injection
2020-02-26
Core FTP LE 2.2 - Denial of Service (PoC)
2020-02-26
GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection
2020-02-26
Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)
2020-02-25
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
2020-02-25
WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass
2020-02-25
aSc TimeTables 2020.11.4 - Denial of Service (PoC)
2020-02-25
SpotFTP-FTP Password Recover 2.4.8 - Denial of Service (PoC)
2020-02-25
Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)
2020-02-24
Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit)
2020-02-24
Android Binder - Use-After-Free (Metasploit)
2020-02-24
Cacti 1.2.8 - Remote Code Execution
2020-02-24
Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure
2020-02-24
DotNetNuke 9.5 - File Upload Restrictions Bypass
2020-02-24
DotNetNuke 9.5 - Persistent Cross-Site Scripting
2020-02-24
eLection 2.0 - 'id' SQL Injection
2020-02-24
Go SSH servers 0.0.2 - Denial of Service (PoC)
2020-02-24
ManageEngine EventLog Analyzer 10.0 - Information Disclosure
2020-02-24
I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure
2020-02-24
ATutor 2.2.4 - 'id' SQL Injection
2020-02-24
Windows\x86 - Null-Free WinExec Calc.exe Shellcode (195 bytes)
2020-02-24
SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure
2020-02-24
AMSS++ 4.7 - Backdoor Admin Account
2020-02-24
CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)
2020-02-24
Quick N Easy Web Server 3.3.8 - Denial of Service (PoC)
2020-02-24
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
2020-02-24
AMSS++ v 4.31 - 'id' SQL Injection
2020-02-24
ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure
2020-02-24
Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting
2020-02-24
Core FTP Lite 1.3 - Denial of Service (PoC)
2020-02-20
Easy2Pilot 7 - Cross-Site Request Forgery (Add User)
2020-02-20
Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak
2020-02-20
DBPower C300 HD Camera - Remote Configuration Disclosure
2020-02-20
Virtual Freer 1.58 - Remote Command Execution
2020-02-20
Anviz CrossChex - Buffer Overflow (Metasploit)
2020-02-20
LabVantage 8.3 - Information Disclosure
2020-02-20
SOPlanning 1.45 - 'users' SQL Injection
2020-02-20
Cuckoo Clock v5.0 - Buffer Overflow
2020-02-20
SOPlanning 1.45 - Cross-Site Request Forgery (Add User)
2020-02-20
TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path
2020-02-20
WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting
2020-02-20
Exploits/page:


Page:
1-4-2 (www01)