Exploits (Total: 98605)

    
    
    
NUUO NVRmini 2 NE-4160 ShellShock Remote Code Execution
2016-08-07
NUUO Backdoor (strong_user.php) Remote Shell Access
2016-08-07
NUUO CSRF Add Admin Exploit
2016-08-07
NUUO 3.0.8 Arbitrary File Deletion
2016-08-07
VMware Host Guest Client Redirector DLL Hijacking
2016-08-07
WordPress Ecwid Ecommerce Shopping Cart 4.4 / 4.4.3 PHP Object Injection
2016-08-07
Yougapi Technology SQL Injection
2016-08-07
Island Webservices SQL Injection
2016-08-07
Websoft SQL Injection
2016-08-07
MaxBili┼čim SQL Bypass & Shell Upload
2016-08-07
WordPress Store Locator Plus 4.5.09 Cross Site Scripting
2016-08-07
WordPress Welcome Announcement 1.0.5 Cross Site Scripting
2016-08-07
WordPress Selected Text Sharer 1.0 CSRF / XSS
2016-08-07
NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access
2016-08-07
NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion
2016-08-07
NUUO NVRmini 2 3.0.8 - ShellShock Remote Code Execution
2016-08-07
NUUO NVRmini 2 3.0.8 - Multiple OS Command Injection
2016-08-07
NUUO NVRmini 2 3.0.8 - Local File Disclosure
2016-08-07
NUUO NVRmini 2 3.0.8 - (Add Admin) CSRF
2016-08-07
Kodi Web Server 16.1 - Denial of Service
2016-08-07
NUUO 3.0.8 Arbitrary File Deletion Vulnerability
2016-08-07
NUUO 3.0.8 strong_user.php Backdoor Remote Shell Access Vulnerability
2016-08-07
Kodi Web Server 16.1 - Denial of Service Exploit
2016-08-07
NUUO NVRmini 2 3.0.8 - Remote Root Exploit
2016-08-06
Internet Explorer 11 VBScript Engine Memory Corruption Exploit
CVE-2016-0189
2016-08-06
WordPress Activity Log 2.3.2 Cross Site Scripting Vulnerability
2016-08-06
WordPress Yoast SEO Cross Site Scripting Vulnerability
2016-08-06
WordPress Landing Pages 2.2.4 Cross Site Scripting Vulnerability
2016-08-06
Joomla k2 2.7.1 Extension Cross Site Scripting Vulnerability
2016-08-06
NUUO NVRmini2 / NVRsolo / Crystal And NETGEAR ReadyNAS Code Execution
2016-08-06
SMB Delivery Module
2016-08-06
ntop 2.5 Cross Site Request Forgery / Command Execution
2016-08-06
Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution
2016-08-06
NASdeluxe NDL-2400r 2.01.10 Command Injection
2016-08-06
Internet Explorer 11 VBScript Engine Memory Corruption
2016-08-06
PHP Power Browse 1.2 Path Traversal
2016-08-06
WordPress Yoast SEO Cross Site Scripting
2016-08-06
Codeginger Full Vulnerability & Upload Shell
2016-08-06
Tyco Cms Israel - Arbitrary file download
2016-08-06
SkaLinks Admin Page Bypass & Upload Shell
2016-08-06
Mediaone SQL Injection
2016-08-06
SEO Corporation SQL Injection & Upload Shell
2016-08-06
WordPress Landing Pages 2.2.4 Cross Site Scripting
2016-08-06
WordPress Activity Log 2.3.2 Cross Site Scripting
2016-08-06
FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability
2016-08-06
Dream Web Solutions SQL Injection
2016-08-06
Davolink DV-2051 Missing Access Control
2016-08-06
K2 Joomla! Extension Cross Site Scripting
2016-08-06
Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution Exploit
CVE-2015-3435
2016-08-06
Subrion CMS 4.0.5 - SQL Injection Vulnerability
2016-08-06
PHP Power Browse 1.2 - Directory Traversal Vulnerability
2016-08-06
WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting Vulnerability
2016-08-06
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection Vulnerability
2016-08-06
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple V
CVE-2016-5674
2016-08-06
ntop 2.5 - Multiple Vulnerabilities
2016-08-06
NASdeluxe NDL-2400r 2.01.09 - OS Command Injection
2016-08-05
WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting
2016-08-05
Davolink DV-2051 - Multiple Vulnerabilities
2016-08-05
PHP Power Browse 1.2 - Directory Traversal
2016-08-05
zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
2016-08-05
Subrion CMS 4.0.5 - SQL Injection
2016-08-05
ntop 2.3 <= 2.5 - Multiple Vulnerabilities
2016-08-05
NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
CVE-2016-5674
2016-08-05
curl re-using connections with wrong client cert
2016-08-05
curl use of connection struct after free
2016-08-05
Sxope Consolidate SQL Injection
2016-08-05
Caxita SQL Injection
2016-08-05
KarBec Computing SQL Injection & Upload Shell
2016-08-05
Paviansystems SQL Injection
2016-08-05
AIMBROS SQL Injection
2016-08-05
curl TLS session resumption client cert bypass
2016-08-05
Spruz Unauthenticated Password Reset Vulnerability
2016-08-05
CNC Direct CMS Bypass & Upload Shell
2016-08-05
Exploit Title: Trackling Group Inc Blind SQL Inject
2016-08-05
Ghina Barbir - Full Path Disclosure
2016-08-05
EasierNet CMS - Sqli Injection
2016-08-05
MERL Web Team SQL Injection
2016-08-05
EasierNet CMS Arbitrary file download Vulnerability
2016-08-05
FortiCloud - Reports Summary Persistent Vulnerabilities
2016-08-05
Joomla com_videoflow SQL injection Vulnerability
2016-08-04
EasierNet CMS Arbitrary file download
2016-08-04
webna cms admin page sqlinecjtion / ByPass
2016-08-04
zFTP 20061220+dfsg3-4.1 Buffer Overflow
2016-08-04
Easy Solutions SQL Injection
2016-08-04
Atutor 2.2.1 Path Traversal
2016-08-04
Joomla com_videoflow SQL injection Vulnerability
2016-08-04
zFTP 20061220+dfsg3-4.1 Buffer Overflow Exploit
2016-08-04
Atutor 2.2.1 Path Traversal Vulnerability
2016-08-04
Huawei eSpace IAD Information Disclosure Vulnerability
2016-08-04
Subrion v4.0.5 CMS - SQL Injection Vulnerability
2016-08-04
FortiManager (Series) - Persistent Bookmark Vulnerability
2016-08-04
Joomla Extra Search 2.2.8 SQL Injection Vulnerability
2016-08-03
WordPress Contact Bank 2.1.21 Cross Site Scripting Vulnerability
2016-08-03
WinSaber Privilege Escalation Vulnerability
2016-08-03
MediaTek Driver Privilege Escalation Vulnerability
CVE-2016-6492
2016-08-03
WordPress WangGuard 1.7.1 Cross Site Scripting Vulnerability
2016-08-03
WordPress Uji Countdown 2.0.6 Cross Site Scripting Vulnerability
2016-08-03
Polycom Command Shell Authorization Bypass Exploit
2016-08-03
Docebo LMS 6.9 Remote Code Execution Vulnerability
2016-08-03
Open Upload 0.4.2 - (Add Admin) CSRF Vulnerability
2016-08-03
BlueOnyx 5209R Cross Site Request Forgery
2016-08-03
Huawei eSpace IAD Information Disclosure
2016-08-03
WordPress Uji Countdown 2.0.6 Cross Site Scripting
2016-08-03
CMS - Flexit - XSS Reflected
2016-08-03
WikWiki 2.1 Cross Site Scripting
2016-08-03
Guppy CMS 5.01.03 Cross Site Scripting
2016-08-03
WinSaber Privilege Escalation
2016-08-03
mySCADAPro 7 Privilege Escalation
2016-08-03
Windows 7/x86 localhost Port Scanner Shellcode
2016-08-03
Polycom Command Shell Authorization Bypass
2016-08-03
VUPlayer 2.49 .pls Stack Buffer Overflow
2016-08-03
Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - RLC Dissector Denial of Service
2016-08-03
Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - WSP Dissector Denial of Service
2016-08-03
Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service
CVE-2016-6505
2016-08-03
Wireshark 2.0.0 to 2.0.4 - MMSE, WAP, WBXML, and WSP Dissectors Denial of Service
CVE-2016-6512
2016-08-03
Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service
CVE-2016-6504
2016-08-03
Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service
CVE-2016-6503
2016-08-03
Typesettercms v5.0.1 - (Delete Files) CSRF Vulnerability
2016-08-03
FortiAnalyzer & FortiManager - CS Cross Site Vulnerability
2016-08-03
Open Upload 0.4.2 - (Add Admin) CSRF
2016-08-02
ISPConfig 3.0.5 Cross Site Request Forgery
2016-08-02
DMA Radius Manager 4.1.5 Cross Site Request Forgery
2016-08-02
Beats By Dre Cross Site Request Forgery
2016-08-02
MediaTek Driver Privilege Escalation
2016-08-02
Joomla com_breezingforms Arbitrary File Upload
2016-08-02
Joomla com_breezingforms Arbitrary File Upload Vulnerability
2016-08-02
WordPress ALO EasyMail Newsletter Plugin 2.9.2 - CSRF Vulnerability
2016-08-02
WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS Vulnerability
2016-08-02
WordPress Booking Calendar Plugin 6.2 - SQL Injection Vulnerability
2016-08-02
Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC Exploit
2016-08-02
Dotclear v2.9.1 XSS vulns
2016-08-02
Docebo LMS 6.9 - (Moxie) API Calls RST RCE PoC
2016-08-02
WordPress ALO EasyMail Newsletter Plugin 2.9.2 CSRF
2016-08-02
Halliburton LogView Pro 9.7.5 Crash PoC
2016-08-02
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability
2016-08-02
Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC
2016-08-02
WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF
2016-08-02
WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS
2016-08-02
WordPress Booking Calendar Plugin 6.2 - SQL Injection
2016-08-02
WordPress More Fields 2.1 Plugin - CSRF
2016-08-02
Proticaret E-Commerce Script 3.0 - SQL Injection (2)
CVE-2014-9237
2016-08-02
D-Link Devices - Unauthenticated Remote Command Execution (2)
2016-08-02
Java Applet JMX - Remote Code Execution (2)
CVE-2013-0431
2016-08-02
HP SiteScope - Remote Code Execution (1)
2016-08-02
Samba lsa_io_trans_names Heap Overflow (OSX)
CVE-2007-2446
2016-08-02
iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
CVE-2006-3459
2016-08-02
MySQL yaSSL - SSL Hello Message Buffer Overflow (Linux)
CVE-2008-0226
2016-08-02
HTTPDX - tolog() Function Format String (2)
CVE-2009-4769
2016-08-02
UFO: Alien Invasion IRC Client - Buffer Overflow Exploit (Windows)
2016-08-02
Linux/x86 - chroot()/execve() code shellcode (80 bytes)
2016-08-02
Docebo LMS 6.9 - (Moxie) API Calls RST RCE Vulnerability
2016-08-02
FortiManager (Series) - Multiple Web Vulnerabilities
2016-08-02
Linux Kernel 4.5 double fetch leading to heap overflow Exploit
2016-08-01
CSS Templates SQL Injection
2016-08-01
Linux >= 4.5 double fetch leading to heap overflow
2016-08-01
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability
2016-08-01
Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities
2016-08-01
FortiManager & FortiAnalyzer - Persistent Web Vulnerability
2016-08-01
WordPress All In One WP Security & Firewall plugin login CAPTCHA Multiple Vulnerabilities
2016-07-31
WordPress Easy Testimonials Plugin Stored Cross-Site Scripting Vulnerability
2016-07-31
WordPress Insert PHP Plugin allows authenticated user to execute arbitrary PHP Vulnerability
2016-07-31
INDIAN EMBASSY Jadon CMS SQL INJECTION Vulnerability
2016-07-31
SEO Company Lahore Sql injection
2016-07-31
All In One WP Security & Firewall plugin login CAPTCHA Multiple vulnerabilities
2016-07-31
Easy Testimonials WordPress Plugin Stored Cross-Site Scripting
2016-07-31
Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP
2016-07-31
Vicon Network Camera Authentication Bypass
2016-07-31
Joomla com_jbusinessdirectory SQL injection Vulnerability
2016-07-31
Joomla com_seyret SQL Injection Vulnerability
2016-07-31
Vicon Network Camera Authentication Bypass Vulnerability
2016-07-30
Linux/x86 - NetCat Bind Shell with Port (44 / 52 bytes)
2016-07-30
PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution Exploit
CVE-2016-5734
2016-07-30
Trend Micro Deep Discovery 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) - hotfix_upload.cgi filename Remo
CVE-2016-5840
2016-07-30
AppArmor securityfs < 4.8 - aa_fs_seq_hash_show Reference Count Leak Exploit
2016-07-30
WebKit - TypedArray.fill Memory Corruption Exploit
2016-07-30
WebKit - TypedArray.copyWithin Memory Corruption Exploit
2016-07-30
Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter) Exploit
2016-07-30
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Insufficient Protections
2016-07-30
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Keystroke Injection
2016-07-30
Perixx Computer PERIDUO-710W Keystroke Injection
2016-07-30
Perixx Computer PERIDUO-710W Insufficient Protections
2016-07-30
Perixx Computer PERIDUO-710W Crypto Issues / Replay Attacks
2016-07-30
Fotoware Fotoweb 8.0 Cross Site Scripting
2016-07-30
ZMS CMS 3.2 Cross Site Scripting
2016-07-30
Intel Crosswalk Project Man-In-The-Middle
2016-07-30
Logitech K520 Crypto Issues / Replay Attacks
2016-07-30
Microsoft Wireless Desktop 2000 Insufficent Verification / Mouse Spoofing
2016-07-30
Kaspersky Safe Browser Man-In-The-Middle
2016-07-30
PhpMyAdmin 4.6.2 - Post-Auth Remote Code Execution
CVE-2016-5734
2016-07-30
WebKit - TypedArray.copyWithin Memory Corruption
2016-07-30
WebKit - TypedArray.fill Memory Corruption
2016-07-30
Linux ARM/ARM64 - perf_event_open() Arbitrary Memory Read
2016-07-30
AppArmor securityfs < 4.8 - aa_fs_seq_hash_show Reference Count Leak
2016-07-30
Trend Micro Deep Discovery 3.7, 3.8 SP1 (3.81), and 3.8 SP2 (3.82) - hotfix_upload.cgi filename Remote Code Execution
CVE-2016-5840
2016-07-29
Linux/x86 - NetCat Bind Shell with Port (44, 52 bytes)
2016-07-29
Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)
2016-07-29
Barracuda Web Application Firewall 8.0.1.008 - Post Auth Remote Root Exploit (Metasploit)
2016-07-29
Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Post Auth Remote Root Exploit (Metasploit) (3)
2016-07-29
Windows/x86 - localhost Port Scanner Shellcode (556 bytes)
2016-07-29
Iranian Connection Network CMS SQL Injection Vulnerability
2016-07-29
tnt CMS SQL Injection Vulnerability
2016-07-29
Barracuda Web App Firewall/Load Balancer Post Auth Remote Root Exploit
2016-07-29
WordPress Ultimate Product Catalog 3.9.8 SQL Injection
2016-07-29
Windows x86 - localhost Port Scanner Shellcode (556 bytes)
2016-07-29
Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection
2016-07-29
mySCADAPro 7 - Local Privilege Escalation
2016-07-29
VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass) Exploit
2016-07-29
mySCADAPro 7 - Local Privilege Escalation Vulnerability
2016-07-29
Wordpress Ultimate Product Catalog 3.9.8 - Blind SQL Injection Vulnerability
2016-07-29
Barracuda Web App Firewall v8.0.1.008 PostAuth Remote Root Exploit
2016-07-29
Barracuda Web App Firewall / Load Balancer Remote Root Exploit #3
2016-07-29
VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)
2016-07-29
AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector
CVE-2015-8257
2016-07-29
Zortam Media Studio 20.60 Buffer Overflow
2016-07-29
Guppy CMS v5.01.03 - Client Side Cross Site Vulnerability
2016-07-29
WinSaber - Unquoted Service Path Privilege Escalation
2016-07-29
Exponent CMS 2.3.9 XSS / User Injection
2016-07-28
Saveya Script Insertion
2016-07-28
Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities
2016-07-28
ITShomal CMS XSS Vulnerability
2016-07-28
Vizyonnet SQL Injection
2016-07-28
Sony Infocom CMS Admin Page Bypass
2016-07-28
B2B Clone SQL ─░njection
2016-07-28
Joomla com_seyret SQL Injection
2016-07-28
Imrokraft Solutions CMS Admin Page Bypass Vulnerability
2016-07-28
AXIS Authenticated Remote Command Execution Vulnerability
CVE-2015-8257
2016-07-28
Imrokraft Solutions CMS Admin Page ByPass
2016-07-28
Avaya VOSS 4.1.0.0 SPB Traffic Traversal
2016-07-28
Nusiorung CMS 2016 SQL Injection
2016-07-28
DornCMS 1.4 FileManager Cross Site Scripting
2016-07-28
Huge IT Joomla Catalog Extension 1.0.4 XSS / SQL Injection
2016-07-28
Centreon Web Interface 2.5.3 Command Execution
2016-07-28
AXIS Authenticated Remote Command Execution
2016-07-28
Joomla Huge IT Slider 1.0.9 XSS / SQL Injection Vulnerabilities
CVE-2016-1000121,
2016-07-28
Joomla Huge IT Catalog Extension 1.0.4 XSS / SQL Injection Vulnerabilities
CVE-2016-1000119
2016-07-28
ZMS v3.2 CMS - Client Side Cross Site Web Vulnerabilities
2016-07-28
MediaCoder 0.8.45 - Buffer Overflow Vulnerability
2016-07-28
Nusiorung CMS 2016 SQL Injection Vulnerability
2016-07-27
DornCMS 1.4 FileManager Cross Site Scripting Vulnerability
2016-07-27
Centreon 2.5.3 - Web Useralias Command Execution (Metasploit) Exploit
2016-07-27
Linux/x86_64 syscall(SYS_execve,"/bin/sh", ["/bin/sh", NULL], NULL) 55 bytes
2016-07-27
Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
2016-07-27
VMware - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)
CVE-2013-1662
2016-07-27
WordPress ColorWay 3.4.1 Cross Site Scripting Vulnerability
2016-07-27
Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access
2016-07-27
Iris ID IrisAccess ICU 7000-2 - Multiple Vulnerabilities
2016-07-27
Iris ID IrisAccess ICU 7000-2 - Remote Root Command Execution
2016-07-27
Huawei ISM Professional Cross Site Scripting
2016-07-27
Dropbox 6.4.14 DLL Hijacking
2016-07-27
Silurus Classifieds 2.0 Cross Site Scripting
2016-07-27
Exploits/page:


Page:
1-4-2 (www01)