The Exploit Database

Syndikovat obsah
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
Aktualizace: 5 min 12 sek zpět

[webapps] Markdown Explorer 0.1.1 - XSS to RCE

5 Květen, 2021 - 02:00
Markdown Explorer 0.1.1 - XSS to RCE

[webapps] Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting

5 Květen, 2021 - 02:00
Savsoft Quiz 5 - 'User Account Settings' Persistent Cross-Site Scripting

[webapps] Internship Portal Management System 1.0 - Remote Code Execution Via File Upload (Unauthenticated)

4 Květen, 2021 - 02:00
Internship Portal Management System 1.0 - Remote Code Execution Via File Upload (Unauthenticated)

[webapps] GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration

3 Květen, 2021 - 02:00
GitLab Community Edition (CE) 13.10.3 - 'Sign_Up' User Enumeration

[webapps] GitLab Community Edition (CE) 13.10.3 - User Enumeration

3 Květen, 2021 - 02:00
GitLab Community Edition (CE) 13.10.3 - User Enumeration

[webapps] Piwigo 11.3.0 - 'language' SQL

3 Květen, 2021 - 02:00
Piwigo 11.3.0 - 'language' SQL

[webapps] Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)

3 Květen, 2021 - 02:00
Voting System 1.0 - Time based SQLI (Unauthenticated SQL injection)

[webapps] GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE

3 Květen, 2021 - 02:00
GetSimple CMS Custom JS 0.1 - CSRF to XSS to RCE

[remote] GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution (2)

30 Duben, 2021 - 02:00
GNU Wget < 1.18 - Arbitrary File Upload / Remote Code Execution (2)

[webapps] Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)

30 Duben, 2021 - 02:00
Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)

[webapps] NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write

29 Duben, 2021 - 02:00
NodeBB Plugin Emoji 3.2.1 - Arbitrary File Write

[webapps] FOGProject 1.5.9 - File Upload RCE (Authenticated)

29 Duben, 2021 - 02:00
FOGProject 1.5.9 - File Upload RCE (Authenticated)

[webapps] Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution

29 Duben, 2021 - 02:00
Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution

[webapps] Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)

28 Duben, 2021 - 02:00
Kirby CMS 3.5.3.1 - 'file' Cross-Site Scripting (XSS)

[dos] WordPress Plugin WPGraphQL 1.3.5 - Denial of Service

27 Duben, 2021 - 02:00
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service

[webapps] Montiorr 1.7.6m - File Upload to XSS

27 Duben, 2021 - 02:00
Montiorr 1.7.6m - File Upload to XSS

[webapps] Kimai 1.14 - CSV Injection

27 Duben, 2021 - 02:00
Kimai 1.14 - CSV Injection

[webapps] SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)

26 Duben, 2021 - 02:00
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)

[webapps] OpenPLC 3 - Remote Code Execution (Authenticated)

26 Duben, 2021 - 02:00
OpenPLC 3 - Remote Code Execution (Authenticated)

[webapps] Hasura GraphQL 1.3.3 - Remote Code Execution

26 Duben, 2021 - 02:00
Hasura GraphQL 1.3.3 - Remote Code Execution