Exploit-Database.net

Exploits (Total: 97710)


IPFire XSS / CSRF / Command Execution Vulnerabilities		2016-05-04
TRN Threaded Reader 3.6-23 Stack Buffer Overflow Exploit		2016-05-04
Alibaba Clone B2B Script - Admin Authentication Bypass Vulnerability		2016-05-04
TRN Threaded Reader 3.6-23 Stack Buffer Overflow		2016-05-04
libxml 2.9.2 Stack Overflow		2016-05-04
IPFire XSS / CSRF / Command Execution		2016-05-04
Alibaba Clone B2B Script - Admin Authentication Bypass		2016-05-04
ImageMagick lib - Multiple Vulns		2016-05-04
Zabbix Agent 3.0.1 mysql.size Shell Command Injection Exploit	CVE-2016-4338	2016-05-04
libxml 2.9.2 Stack Overflow Exploit	CVE-2016-3627	2016-05-04
NetCommWireless HSPA 3G10WVE Authentication Bypass / Code Execution Vulnerabilities	CVE-2015-6023,	2016-05-04
OXID eShop CE 4.9.7 Path Traversal / Privilege Escalation Vulnerabilities		2016-05-04
Moxa MiiNePort Weak Credential Management / CSRF Vulnerability	CVE-2016-2285,	2016-05-04
Swagger Editor 2.9.9 Cross Site Scripting		2016-05-04
OXID eShop CE 4.9.7 Path Traversal / Privilege Escalation		2016-05-04
NetCommWireless HSPA 3G10WVE Authentication Bypass / Code Execution		2016-05-04
Moxa MiiNePort Weak Credential Management / CSRF		2016-05-04
CMS Made Simple Cache Poisoning		2016-05-04
Zabbix Agent 3.0.1 mysql.size Shell Command Injection		2016-05-04
WordPress Advanced Custom Fields 4.4.7 Cross Site Scripting Vulnerability		2016-05-03
Acunetix WVS 10 - Remote Command Execution (System) Exploit		2016-05-03
WordPress Export to Ghost Unrestricted Export Download		2016-05-02
Acunetix WVS 10 - Remote command execution (SYSTEM privilege)		2016-05-02
QSEE - PRDiag* Commands Privilege Escalation Exploit	CVE-2015-6639	2016-05-02
Apache Struts Dynamic Method Invocation Remote Code Execution	CVE-2016-3081	2016-05-02
Acunetix WVS 10 - Remote Command Execution (System)		2016-05-02
.Net Framework Execute Native x86 Shellcode		2016-05-02
WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download Vulnerability		2016-05-02
WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download		2016-05-02
ShabdizCO CMS SQL Injection		2016-05-02
ShabdizCO CMS SQL Injection Vulnerability		2016-05-02
WK UDID v1.0.1 iOS - Command Inject Vulnerability		2016-05-02
Trend Micro Direct Pass - Bypass & Cross Site Vulnerability		2016-05-01
Observium 0.16.7533 Code Execution / Cross Site Request Forgery		2016-04-30
Observium 0.16.7533 Cross Site Request Forgery		2016-04-30
WordPress Truemag Theme Cross Site Scripting		2016-04-30
GLPI 0.90.2 SQL Injection		2016-04-30
AryaSaadatmand CMS SQL Injection		2016-04-30
Apache Struts 2.3.28 Dynamic Method Invocation Remote Code Execution		2016-04-30
Mozilla Firefox / Thunderbird DLL Hijacking		2016-04-30
Apache Struts 2.3.28 Dynamic Method Invocation Remote Code Execution Exploit	CVE-2016-3081	2016-04-30
AryaSaadatmand CMS SQL Injection Vulnerability		2016-04-30
Observium 0.16.7533 - Cross Site Request Forgery Vulnerability		2016-04-29
Observium 0.16.7533 - Authenticated Arbitrary Command Execution Vulnerability		2016-04-29
Merit Lilin IP Cameras - Multiple Vulnerabilities		2016-04-29
GLPi 0.90.2 - SQL Injection Vulnerability		2016-04-29
GLPi 0.90.2 - SQL Injection		2016-04-29
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read		2016-04-29
Wireshark - alloc_address_wmem Assertion Failure		2016-04-29
Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow		2016-04-29
Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash		2016-04-29
Merit Lilin IP Cameras - Multiple Vulnerabilities		2016-04-29
Observium 0.16.7533 - Authenticated Arbitrary Command Execution		2016-04-29
Observium 0.16.7533 - Cross Site Request Forgery		2016-04-29
W21 Studio Admin Page Bypass		2016-04-29
Legulas CMS Cross Site Scripting		2016-04-29
Wordpress Truemag Theme - CS Cross Site Web Vulnerability		2016-04-29
Apache Cordova iOS 3.9.1 Arbitrary Plugin Execution		2016-04-29
Apache Cordova iOS 3.9.1 Access Bypass		2016-04-29
PHP 7.x ZIP Heap Overflow		2016-04-29
Apache Cordova iOS 3.9.1 Access Bypass Vulnerability	CVE-2015-5207	2016-04-28
Apache Cordova iOS 3.9.1 Arbitrary Plugin Execution Vulnerability	CVE-2015-5208	2016-04-28
Voo Branded Netgear CG3700b Firmware CSRF / Authentication Vulnerabilities		2016-04-28
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow Exploit	CVE-2016-3078	2016-04-28
Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)	CVE-2016-0145	2016-04-28
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow	CVE-2016-3078	2016-04-28
Sophos XG Firewall (SF01V) Cross Site Scripting		2016-04-28
Oracle Discoverer Viewer BI Open Redirect		2016-04-28
Voo Branded Netgear CG3700b Firmware CSRF / Authentication		2016-04-28
VoipNow 4.0.1 Script Insertion		2016-04-28
RomPager 4.34 Authentication Bypass		2016-04-28
EMC ViPR SRM Cross Site Request Forgery		2016-04-28
Trend Micro Email Spoofing		2016-04-28
AWS CAPTCHA Bypass		2016-04-28
Mach Race OS X Local Privilege Escalation Exploit	CVE-2016-1757	2016-04-27
EMC ViPR SRM - Cross-Site Request Forgery Vulnerability	CVE-2016-0891	2016-04-27
RomPager 4.34 - Misfortune Cookie Router Authentication Bypass Exploit	CVE-2015-9222	2016-04-27
Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)	CVE-2016-0151	2016-04-27
Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass	CVE-2015-9222	2016-04-27
EMC ViPR SRM - Cross-Site Request Forgery	CVE-2016-0891	2016-04-27
i-Tech Nepal Radio CMS 2.0 SQL Injection		2016-04-27
IrIran Shopping Script 4.1 Cross Site Scripting		2016-04-27
ImpressCMS 1.3.9 - SQL Injection		2016-04-26
libgd 2.1.1 - Signedness Heap Overflow	CVE-2016-3074	2016-04-26
ImpressCMS 1.3.9 - SQL Injection Vulnerability		2016-04-26
Yasr Screen Reader 0.6.9 - Local Buffer Overflow Exploit		2016-04-26
Gemtek CPE7000 WLTCS-106 Administrator SID Retriever Exploit		2016-04-26
Advantech WebAccess Dashboard Viewer Arbitrary File Upload Exploit	CVE-2016-0854	2016-04-26
libgd 2.1.1 - Signedness Heap Overflow Vulnerability	CVE-2016-3074	2016-04-26
Yasr 0.6.9-5 Buffer Overflow		2016-04-26
RATS 2.3 Crash Proof Of Concept		2016-04-26
C And C++ For OS Filter Bypass / Script Insertion		2016-04-26
Negin Group CMS SQL Injection		2016-04-26
Cyberoam Central Console 02.03.1 Cross Site Scripting		2016-04-26
Django CMS 3.2.3 Cross Site Scripting		2016-04-26
Ubiquiti Networks XXE Injection		2016-04-26
Telisca IPS Lock 2 Remote Phone Lock		2016-04-26
Totemomail 4.x / 5.x Script Insertion		2016-04-26
NVV Ticket Krauth ATM - (NaN) Devide by Zero Vulnerability		2016-04-26
Advantech WebAccess Dashboard Viewer Arbitrary File Upload	CVE-2016-0854	2016-04-26
Yasr Screen Reader 0.6.9 - Local Buffer Overflow		2016-04-26
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation		2016-04-26
Linux/x86_64 - Bind Shell Shellcode Generator		2016-04-26
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF) Exploit		2016-04-26
Totemomail 4.x and 5.x - Persistent XSS Vulnerability		2016-04-26
C/C++ Offline Compiler and C For OS - Persistent XSS Vulnerability		2016-04-26
Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF) Exploit		2016-04-26
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation Exploit		2016-04-26
Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC		2016-04-26
NationBuilder Multiple Stored XSS Vulnerabilities		2016-04-26
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF)		2016-04-26
Linux x64 - Bind Shell Shellcode Generator		2016-04-26
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation		2016-04-26
Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)		2016-04-26
Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF)		2016-04-26
VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability		2016-04-26
Oracle Discoverer Viewer BI - Open Redirect Vulnerability		2016-04-26
C/C++ Offline Compiler and C For OS - Persistent XSS		2016-04-25
Totemomail 4.x and 5.x - Persistent XSS		2016-04-25
NationBuilder Multiple Stored XSS Vulnerabilities		2016-04-25
Iran Web Business Engine CMS CS Cross Site Scripting (XSS)		2016-04-25
3A International SQL Injection		2016-04-25
Prezi Desktop Client - Persistent Cross Site Vulnerabilities		2016-04-25
Notes v4.5 iOS - Arbitrary File Upload Vulnerability		2016-04-25
Negin Group CMS - (v) Multiple Web Vulnerabilities		2016-04-25
Sophos XG Firewall (SF01V) - Persistent Web Vulnerability		2016-04-25
Trend Micro (Account) - Email Spoofing Web Vulnerability		2016-04-25
Digitalstrom Konfigurator 1.10.0 CSRF / Cross Site Scripting		2016-04-23
my devolo 1.2.8 Insecure Data Storage		2016-04-23
HP Data Protector 6.10 / 6.11 / 6.20 Install Service		2016-04-23
Advantech WebAccess 8.0 Dashboard Viewer Arbitrary File Upload Exploit	CVE-2016-0854	2016-04-22
ImpressCMS 1.3.9 SQL Injection Vulnerability		2016-04-22
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) Expl	CVE-2016-0099	2016-04-22
Symantec Brightmail 10.6.0-7 LDAP Credential Grabber		2016-04-22
WordPress iThemes Security Insecure Backup / Logfile Generation		2016-04-22
ImpressCMS 1.3.9 SQL Injection		2016-04-22
Webutler CMS 3.2 Cross Site Request Forgery		2016-04-22
libgd 2.1.1 Signedness		2016-04-22
Advantech WebAccess 8.0 Dashboard Viewer Arbitrary File Upload		2016-04-22
phpLiteAdmin 1.9.6 Cross Site Request Forgery / Cross Site Scripting		2016-04-22
Gemtek CPE7000 WLTCS-106 Authentication Bypass / Code Execution		2016-04-22
OpenTSDB Remote Code Execution		2016-04-22
phpMyFAQ 2.8.26 / 2.9.0-RC2 Cross Site Request Forgery		2016-04-22
Exponent CMS 2.3.5 Cross Site Scripting		2016-04-22
Exponent CMS 2.3.5 File Upload Cross Site Scripting		2016-04-22
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (Powershell)	CVE-2016-0099	2016-04-22
Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure Exploit	CVE-2016-2203	2016-04-22
Linux/x86_64 - bindshell (Port 5600) - 86 bytes		2016-04-21
Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities		2016-04-21
Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure	CVE-2016-2203	2016-04-21
phpLiteAdmin 1.9.6 - Multiple Vulnerabilities		2016-04-21
Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow		2016-04-21
Avast SandBox Escape via IOCTL Requests		2016-04-21
Webutler CMS 3.2 - Cross-Site Request Forgery		2016-04-21
PHPBack 1.3.0 - SQL Injection Vulnerability		2016-04-20
Wireshark <= 1.12.9 DLL hijacking exploit (riched20.dll.dll)		2016-04-20
Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)	CVE-2016-0143	2016-04-20
Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow		2016-04-20
PHPBack 1.3.0 - SQL Injection		2016-04-20
G-Data DLL Hijacking		2016-04-20
PHPBack v1.3.0 SQL Injection		2016-04-20
modified eCommerce 2.0.0.0 Rev 9678 SQL Injection		2016-04-20
pgpdump 0.29 Endless Loop		2016-04-20
Oliver 1.3.0 / 1.3.1 Cross Site Scripting		2016-04-20
TH692 Outdoor P2P HD Waterproof IP Camera Hard-Coded Credentials		2016-04-20
modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection Vulnerability	CVE-2016-3694	2016-04-19
modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection	CVE-2016-3694	2016-04-19
Open Audit SQL Injection Vulnerability		2016-04-19
Novell Service Desk Authenticated File Upload Exploit	CVE-2016-1593	2016-04-19
TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials Vulnerability		2016-04-19
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability		2016-04-19
AVAST #13 - Persistent Cross Site Scripting Vulnerability		2016-04-19
pfSense Community Edition 2.2.6 - Multiple Vulnerabilities		2016-04-18
KNOX 2.3 Clipboard Data Disclosure Vulnerability	CVE-2016-3996	2016-04-18
PfSense Community Edition 2.2.6 Multiple Vulnerabilities		2016-04-18
TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials		2016-04-18
WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS		2016-04-18
WordPress leenk.me Plugin 2.5.0 - CSRF/XSS		2016-04-18
Website by: WebDetail SQL Injection		2016-04-18
Wordpress Plugins jQuery Html5 File Upload		2016-04-18
Novell ServiceDesk Authenticated File Upload		2016-04-18
Webnet CMS 1.2 XSS / File Disclosure / SQL Injection		2016-04-18
Zarafe.net CMS 1.0 SQL Injection		2016-04-18
KNOX 2.3 Clipboard Data Disclosure		2016-04-18
PfSense Community Edition 2.2.6 CSRF / XSS / Command Injection		2016-04-18
360degreeinfo Bypass admin panel		2016-04-18
Ahrare Andeysheh CMS - Multiple Web Vulnerabilities		2016-04-18
Cyberoam CC v02.03.1 - Multiple Persistent Vulnerabilities		2016-04-18
AVAST (My) #15 - (frontend.exception) CS XSS Vulnerability		2016-04-18
Wordpress LeenkMe version 2.5.0 Plugin CSRF and Stored XSS Vulnerabilities		2016-04-17
Wordpress Kento Post View Counter Plugin Unauthenticated XSS / CSRF Vulnerabilities		2016-04-17
Wordpress FAQ WD plugin 1.0.14 Unauthenticated XSS Vulnerability		2016-04-17
Wordpress Custom-metas plugin 1.5.1 Reflected XSS Vulnerability		2016-04-17
Wordpress jQuery Html5 Plugins File Upload Arbitrary File Upload Vulnerability		2016-04-17
AirOS 6.x - Arbitrary File Upload Vulnerability		2016-04-17
Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free Exploit		2016-04-17
Exim "perl_startup" Privilege Escalation	CVE-2016-1531	2016-04-17
AirOS 6.x - Arbitrary File Upload		2016-04-17
Linux/x86_64 - Read /etc/passwd - 65 bytes		2016-04-17
Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability		2016-04-17
Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free		2016-04-17
ham3d.net SQL Injection		2016-04-17
Ahrare Andeysheh Cms Multiple Vulnerabilities		2016-04-17
Wordpress Plugin Mega stor - Local File Inclusion		2016-04-17
Web TasarÄ±m DNZ WEB DÄ°ZAYN SQL Injection		2016-04-17
AirOS 6.x - Arbitrary File Upload		2016-04-17
Spotify ArtistExplorer BB #1 - Cross Site Script Vulnerability		2016-04-17
Internet Explorer 9, 10, 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read		2016-04-15
pfSense Firewall <= 2.2.6 Cross-Site Request Forgery		2016-04-15
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution		2016-04-15
ChitaSoft v3 CMS Cross Site Scripting Vulnerability		2016-04-15
Exim perl_startup Privilege Escalation Exploit		2016-04-15
ChitaSoft CMS 3 Cross Site Scripting		2016-04-15
Brickcom Network Cameras XSS / CSRF / Insecure Direct Object Reference		2016-04-15
PHPmongoDB 1.0.0 Cross Site Request Forgery / Cross Site Scripting		2016-04-15
Django CMS 3.2.3 Filter Bypass / Script Insertion		2016-04-15
Webline CMS 2016Q2 SQL Injection		2016-04-15
Exim perl_startup Privilege Escalation		2016-04-15
Direct Admin v1.50.0 - CS Cross Site Scripting Vulnerabilities		2016-04-15
Webnet CMS Multiple Vulnerabilities		2016-04-14
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution Vulnerability		2016-04-14
Django CMS 3.2.3 Filter Bypass / Script Insertion Vulnerabilities		2016-04-14
Internet Explorer 9, 10, 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Explo	CVE-2015-6086	2016-04-14
pfSense Firewall 2.2.6 - Services CSRF Vulnerability		2016-04-14
Brickcom Corporation Network Cameras - Multiple Vulnerabilities		2016-04-14
PHPmongoDB 1.0.0 - Multiple Vulnerabilities		2016-04-14
Brickcom Corporation Network Cameras - Multiple Vulnerabilities		2016-04-14
pfSense Firewall <= 2.2.6 - Services CSRF		2016-04-14
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)	CVE-2016-0122	2016-04-14
RockMongo PHP MongoDB Administrator 1.1.8 - Multiple Vulnerabilities		2016-04-14
Internet Explorer 9, 10, 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)	CVE-2015-6086	2016-04-14
C & C++ for OS - Filter Bypass & Persistent Vulnerability		2016-04-14
OpenWGA Content Manager 7.1.9 User-Agent HTTP Header XSS Vulnerability		2016-04-14
OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution		2016-04-14
ImPAX Agility Multiple Cross Site Scripting Vulnerabilities		2016-04-14
Liberscol V2013-09-20 reflected XSS		2016-04-14
Canoas Web Host Admin Page Bypass		2016-04-14
Art23 Israel Cms Admin Bypass		2016-04-14
Epark IT Schools Management Admin Page Bypass		2016-04-14
Texas Instruments Calculators Emulator 3.03-nogdb+dfsg-3 Buffer Overflow		2016-04-14
Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability		2016-04-14
UBNT Bug Bounty #2 - XML External Entity Vulnerability		2016-04-14
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass and Arbitrary File Upload Exploi	CVE-2016-0491	2016-04-13
Dell KACE K1000 File Upload Exploit		2016-04-13
Texas Instruments Calculators Emulator 3.03-nogdb+dfsg-3 Buffer Overflow Vulnerability		2016-04-13
Webline CMS 2016Q2 SQL Injection Vulnerability		2016-04-13
Dell KACE K1000 File Upload		2016-04-13
Texas Instrument Emulator 3.03 - Local Buffer Overflow		2016-04-13
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass and Arbitrary File Upload Exploit	CVE-2016-0491	2016-04-13
Webline CMS (2016Q2) - SQL Injection Vulnerability		2016-04-13

Exploits/page:

Page: