Exploits (Total: 97839)

    
    
    
4images v1.7.11 - 'Profile Image' Stored Cross-Site Scripting
2021-01-04
Wordpress Core 5.2.2 - 'post previews' XSS
2021-01-04
Easy CD & DVD Cover Creator 4.13 - Denial of Service (PoC)
2021-01-04
MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path
2021-01-04
Apartment Visitors Management System 1.0 - Authentication Bypass
2020-12-24
GitLab 11.4.7 - RCE (Authenticated)
2020-12-24
WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting
2020-12-24
WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload
2020-12-24
Baby Care System 1.0 - 'roleid' SQL Injection
2020-12-23
TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution (Metasploit)
2020-12-23
Sales and Inventory System for Grocery Store 1.0 - Multiple Stored XSS
2020-12-23
Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection
2020-12-23
Online Learning Management System 1.0 - 'id' SQL Injection
2020-12-23
Online Learning Management System 1.0 - Multiple Stored XSS
2020-12-23
Online Learning Management System 1.0 - Authentication Bypass
2020-12-23
Class Scheduling System 1.0 - Multiple Stored XSS
2020-12-23
10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)
2020-12-22
TerraMaster TOS 4.2.06 - RCE (Unauthenticated)
2020-12-22
Faculty Evaluation System 1.0 - Stored XSS
2020-12-22
Artworks Gallery Management System 1.0 - 'id' SQL Injection
2020-12-22
Webmin 1.962 - 'Package Updates' Escape Bypass RCE (Metasploit)
2020-12-22
WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit)
2020-12-22
Multi Branch School Management System 3.5 - "Create Branch" Stored XSS
2020-12-22
Library Management System 3.0 - "Add Category" Stored XSS
2020-12-22
CSE Bookstore 1.0 - Multiple SQL Injection
2020-12-22
Pandora FMS 7.0 NG 750 - 'Network Scan' SQL Injection (Authenticated)
2020-12-22
Victor CMS 1.0 - File Upload To RCE
2020-12-22
Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
2020-12-21
Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
2020-12-21
Online Marriage Registration System 1.0 - 'searchdata' SQL Injection
2020-12-21
Point of Sale System 1.0 - Multiple Stored XSS
2020-12-21
Flexmonster Pivot Table & Charts 2.7.17 - 'Remote JSON' Reflected XSS
2020-12-21
Flexmonster Pivot Table & Charts 2.7.17 - 'To remote CSV' Reflected XSS
2020-12-21
Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS
2020-12-21
Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS
2020-12-21
SCO Openserver 5.0.7 - 'outputform' Command Injection
2020-12-21
SCO Openserver 5.0.7 - 'section' Reflected XSS
2020-12-21
Spiceworks 7.5 - HTTP Header Injection
2020-12-21
Academy-LMS 4.3 - Stored XSS
2020-12-21
Spotweb 1.4.9 - 'search' SQL Injection
2020-12-21
Queue Management System 4.0.0 - "Add User" Stored XSS
2020-12-21
Wordpress Plugin Contact Form 7 5.3.1 - Unrestricted File Upload
2020-12-21
FRITZ!Box 7.20 - DNS Rebinding Protection Bypass
2020-12-19
Xeroneit Library Management System 3.1 - "Add Book Category " Stored XSS
2020-12-19
SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)
2020-12-19
Smart Hospital 3.1 - "Add Patient" Stored XSS
2020-12-19
Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read (Metasploit)
2020-12-19
Alumni Management System 1.0 - 'id' SQL Injection
2020-12-19
Alumni Management System 1.0 - "Course Form" Stored XSS
2020-12-19
Alumni Management System 1.0 - Unrestricted File Upload To RCE
2020-12-19
Point of Sale System 1.0 - Authentication Bypass
2020-12-19
Nxlog Community Edition 2.10.2150 - DoS (Poc)
2020-12-19
Victor CMS 1.0 - Multiple SQL Injection (Authenticated)
2020-12-19
PHPJabbers Appointment Scheduler 2.3 - Reflected XSS (Cross-Site Scripting)
2020-12-19
Employee Record System 1.0 - Multiple Stored XSS
2020-12-19
Interview Management System 1.0 - 'id' SQL Injection
2020-12-19
Interview Management System 1.0 - Stored XSS in Add New Question
2020-12-19
Online Tours & Travels Management System 1.0 - "id" SQL Injection
2020-12-19
Customer Support System 1.0 - 'id' SQL Injection
2020-12-19
Customer Support System 1.0 - "First Name" & "Last Name" Stored XSS
2020-12-19
Medical Center Portal Management System 1.0 - 'id' SQL Injection
2020-12-19
Content Management System 1.0 - 'id' SQL Injection
2020-12-19
Content Management System 1.0 - 'email' SQL Injection
2020-12-19
Content Management System 1.0 - 'First Name' Stored XSS
2020-12-19
Linksys RE6500 1.0.11.001 - Unauthenticated RCE
2020-12-19
Dolibarr ERP-CRM 12.0.3 - Remote Code Execution (Authenticated)
2020-12-19
Seotoaster 3.2.0 - Stored XSS on Edit page properties
2020-12-19
PrestaShop ProductComments 4.2.0 - 'id_products' Time Based Blind SQL Injection
2020-12-19
Magic Home Pro 1.5.1 - Authentication Bypass
2020-12-19
Raysync 3.3.3.8 - RCE
2020-12-19
Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting
2020-12-19
GitLab 11.4.7 - Remote Code Execution (Authenticated)
2020-12-19
Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)
2020-12-19
Solaris SunSSH 11.0 x86 - libpam Remote Root
2020-12-19
Online Marriage Registration System (OMRS) 1.0 - Remote Code Execution (Authenticated)
2020-12-19
libbabl 0.1.62 - Broken Double Free Detection (PoC)
2020-12-19
Task Management System 1.0 - 'page' Local File Inclusion
2020-12-19
Gitlab 11.4.7 - Remote Code Execution
2020-12-19
Macally WIFISD2-2A82 2.000.010 - Guest to Root Privilege Escalation
2020-12-19
Rumble Mail Server 0.51.3135 - 'username' Stored XSS
2020-12-19
Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS
2020-12-19
Rumble Mail Server 0.51.3135 - 'servername' Stored XSS
2020-12-19
WordPress Plugin Total Upkeep 1.14.9 - Database and Files Backup Download
2020-12-19
Seacms 11.1 - 'checkuser' Stored XSS
2020-12-19
Seacms 11.1 - 'file' Local File Inclusion
2020-12-19
Seacms 11.1 - 'ip and weburl' Remote Command Execution
2020-12-19
System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path
2020-12-19
MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
2020-12-19
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
2020-12-19
Rukovoditel 2.6.1 - Cross-Site Request Forgery (Change password)
2020-12-19
Courier Management System 1.0 - 'ref_no' SQL Injection
2020-12-19
Courier Management System 1.0 - 'MULTIPART street ((custom) ' SQL Injection
2020-12-19
Courier Management System 1.0 - 'First Name' Stored XSS
2020-12-19
Dolibarr 12.0.3 - SQLi to RCE
2020-12-19
Supply Chain Management System - Auth Bypass SQL Injection
2020-12-19
Rukovoditel 2.6.1 - RCE
2020-12-19
Jenkins 2.235.3 - 'Description' Stored XSS
2020-12-19
Medical Center Portal Management System 1.0 - Multiple Stored XSS
2020-12-19
Openfire 4.6.0 - 'sql' Stored XSS
2020-12-19
Openfire 4.6.0 - 'users' Stored XSS
2020-12-19
Exploits/page:


Page:
1-4-2 (www01)