Exploit-Database.net

Exploits (Total: 97857)


WordPress Plugin Download Manager 2.5 - Cross-Site Request Forgery				2019-08-15
D-Link DIR-600M - Authentication Bypass (Metasploit)				2019-08-15
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'customfields.php' SQL Injection				2019-08-15
Windows PowerShell - Unsanitized Filename Command Execution				2019-08-15
SugarCRM Enterprise 9.0.0 - Cross-Site Scripting				2019-08-15
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell				2019-08-15
Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated Configuration Download				2019-08-15
Sony PlayStation Vita - The First F00D Exploit				2019-08-13
Azorult Botnet - SQL Injection				2019-08-13
Agent Tesla Botnet - Arbitrary Code Execution				2019-08-13
Linux/x86 - Multiple In-Memory Modules (Prompt + Privilege Restore + Break Chroot Jail + Backdoor) + Signature Evasion Shellcode				2019-08-13
Linux/x86 - execve("/bin/sh") + tolower() Shellcode				2019-08-13
Linux/Tru64 alpha - execve(/bin/sh) Shellcode (108 bytes)				2019-08-13
Steam Windows Client - Local Privilege Escalation				2019-08-13
WebKit - UXSS via XSLT and Nested Document Replacements				2019-08-12
Linux - Use-After-Free Reads in show_numa_stats()				2019-08-12
VxWorks 6.8 - TCP Urgent Pointer = 0 Integer Underflow				2019-08-12
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'cities.php' SQL Injection				2019-08-12
Ghidra (Linux) 9.0.4 - .gar Arbitrary Code Execution				2019-08-12
Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit)				2019-08-12
ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit)				2019-08-12
ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)				2019-08-12
ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit)				2019-08-12
osTicket 1.12 - Persistent Cross-Site Scripting				2019-08-12
osTicket 1.12 - Formula Injection				2019-08-12
osTicket 1.12 - Persistent Cross-Site Scripting via File Upload				2019-08-12
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticket.php' Arbitrary File Deletion				2019-08-12
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticketreply.php' SQL Injection				2019-08-12
UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting				2019-08-12
Cisco Adaptive Security Appliance - Path Traversal (Metasploit)				2019-08-12
BSI Advance Hotel Booking System 2.0 - 'booking_details.php Persistent Cross-Site Scripting				2019-08-12
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - SQL Injection				2019-08-08
Adive Framework 2.0.7 - Cross-Site Request Forgery				2019-08-08
Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - Arbitrary File Download				2019-08-08
Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)				2019-08-08
Aptana Jaxer 1.0.3.4547 - Local File inclusion				2019-08-08
Daily Expense Manager 1.0 - Cross-Site Request Forgery (Delete Income)				2019-08-08
Open-School 3.0 / Community Edition 2.3 - Cross-Site Scripting				2019-08-08
Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability				2019-08-07
WordPress Plugin JoomSport 3.3 - SQL Injection				2019-08-07
ARMBot Botnet - Arbitrary Code Execution				2019-08-05
Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)				2019-08-05
macOS iMessage - Heap Overflow when Deserializing				2019-08-05
1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting				2019-08-02
Rest - Cafe and Restaurant Website CMS - 'slug' SQL Injection				2019-08-02
Sar2HTML 3.2.1 - Remote Command Execution				2019-08-02
Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery				2019-08-02
Linux/x86 - Force Reboot Shellcode (51 bytes)				2019-08-02
Linux/x86 - ASLR Disable Polymorphic Shellcode (107 bytes)				2019-08-02
Linux/x86 - chmod(/etc/shadow, 0666) Polymorphic Shellcode (53 bytes)				2019-08-02

Exploits/page:

Page: