Exploit-Database.net

Exploits (Total: 98512)


Microsoft SharePoint Server 2019 - Remote Code Execution (2)				2021-07-23
WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting (XSS)				2021-07-23
ElasticSearch 7.13.3 - Memory disclosure				2021-07-23
CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion				2021-07-23
KevinLAB BEMS 1.0 - File Path Traversal Information Disclosure (Authenticated)				2021-07-23
KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass				2021-07-23
KevinLAB BEMS 1.0 - Undocumented Backdoor Account				2021-07-23
Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery (CSRF)				2021-07-23
WordPress Plugin KN Fix Your Title 1.0.1 - 'Separator' Stored Cross-Site Scripting (XSS)				2021-07-23
PEEL Shopping 9.3.0 - 'id' Time-based SQL Injection				2021-07-23
Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode				2021-07-23
Dolibarr ERP/CRM 10.0.6 - Login Brute Force				2021-07-23
WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher ID field' Stored Cross-Site Scripting (XSS)				2021-07-23
WordPress Plugin LearnPress 3.2.6.8 - Privilege Escalation				2021-07-23
WordPress Plugin LearnPress 3.2.6.7 - 'current_items' SQL Injection (Authenticated)				2021-07-23
Aruba Instant (IAP) - Remote Code Execution				2021-07-23
Linux Kernel 2.6.19 < 5.9 - 'Netfilter Local Privilege Escalation				2021-07-23
Aruba Instant 8.7.1.0 - Arbitrary File Modification				2021-07-23
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection				2021-07-23
ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)				2021-07-23
Argus Surveillance DVR 4.0 - Weak Password Encryption				2021-07-23
WordPress Plugin Popular Posts 5.3.2 - Remote Code Execution (RCE) (Authenticated)				2021-07-15
osCommerce 2.3.4.1 - Remote Code Execution (2)				2021-07-15
WordPress Plugin Current Book 1.0.1 - 'Book Title and Author field' Stored Cross-Site Scripting (XSS)				2021-07-14
Webmin 1.973 - Cross-Site Request Forgery (CSRF)				2021-07-14
Linux/x86 - Reverse (dynamic IP and port/TCP) Shell (/bin/sh) Shellcode (86 bytes)				2021-07-13
Linux/x86 - Bind (User Specified Port) Shell (/bin/sh) Shellcode (102 bytes)				2021-07-13
Garbage Collection Management System 1.0 - SQL Injection + Arbitrary File Upload				2021-07-13
OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated) (2)				2021-07-13
Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)				2021-07-13
WordPress Plugin WPFront Notification Bar 1.9.1.04012 - Stored Cross-Site Scripting (XSS)				2021-07-13
Apache Tomcat 9.0.0.M1 - Cross-Site Scripting (XSS)				2021-07-13
Apache Tomcat 9.0.0.M1 - Open Redirect				2021-07-13
Zoo Management System 1.0 - 'Multiple' Stored Cross-Site-Scripting (XSS)				2021-07-09
Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE				2021-07-09
Wordpress Plugin SP Project & Document Manager 4.21 - Remote Code Execution (RCE) (Authenticated)				2021-07-08
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated)				2021-07-08
Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE)				2021-07-08
Employee Record Management System 1.2 - Stored Cross-Site Scripting (XSS)				2021-07-08
Exam Hall Management System 1.0 - Unrestricted File Upload + RCE (Unauthenticated)				2021-07-08
WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)				2021-07-07
Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection				2021-07-07
Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated) (2)				2021-07-07
WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 - Directory Traversal				2021-07-06
Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution				2021-07-06
Phone Shop Sales Managements System 1.0 - Authentication Bypass (SQLi)				2021-07-06
Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation				2021-07-06
Exam Hall Management System 1.0 - Unrestricted File Upload (Unauthenticated)				2021-07-06
Billing System Project 1.0 - Remote Code Execution (RCE) (Unauthenticated)				2021-07-06
Pallets Werkzeug 0.15.4 - Path Traversal				2021-07-06

Exploits/page:

Page: