The Exploit Database

Syndikovat obsah
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
Aktualizace: 7 min 54 sek zpět

[webapps] WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection

28 Únor, 2024 - 01:00
WP Fastest Cache 1.2.2 - Unauthenticated SQL Injection

[local] (shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]

28 Únor, 2024 - 01:00
(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]

[webapps] Blood Bank v1.0 - Multiple SQL Injection

28 Únor, 2024 - 01:00
Blood Bank v1.0 - Multiple SQL Injection

[local] Saflok - Key Derication Function Exploit

28 Únor, 2024 - 01:00
Saflok - Key Derication Function Exploit

[webapps] WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)

28 Únor, 2024 - 01:00
WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting (XSS)

[webapps] WP Rocket < 2.10.3 - Local File Inclusion (LFI)

28 Únor, 2024 - 01:00
WP Rocket < 2.10.3 - Local File Inclusion (LFI)

[webapps] Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)

27 Únor, 2024 - 01:00
Atlassian Confluence Data Center and Server - Authentication Bypass (Metasploit)

[remote] TEM Opera Plus FM Family Transmitter 35.45 - XSRF

27 Únor, 2024 - 01:00
TEM Opera Plus FM Family Transmitter 35.45 - XSRF

[remote] TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution

27 Únor, 2024 - 01:00
TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution

[webapps] Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

27 Únor, 2024 - 01:00
Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)

[remote] Executables Created with perl2exe < V30.10C - Arbitrary Code Execution

27 Únor, 2024 - 01:00
Executables Created with perl2exe < V30.10C - Arbitrary Code Execution

[webapps] Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin

27 Únor, 2024 - 01:00
Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin

[webapps] Automatic-Systems SOC FL9600 FastLine - Directory Transversal

27 Únor, 2024 - 01:00
Automatic-Systems SOC FL9600 FastLine - Directory Transversal

[webapps] SuperStoreFinder - Multiple Vulnerabilities

27 Únor, 2024 - 01:00
SuperStoreFinder - Multiple Vulnerabilities

[webapps] Moodle 4.3 - Reflected XSS

27 Únor, 2024 - 01:00
Moodle 4.3 - Reflected XSS

[webapps] Moodle 4.3 - Insecure Direct Object Reference

27 Únor, 2024 - 01:00
Moodle 4.3 - Insecure Direct Object Reference

[webapps] Zoo Management System 1.0 - Unauthenticated RCE

27 Únor, 2024 - 01:00
Zoo Management System 1.0 - Unauthenticated RCE

[webapps] dawa-pharma 1.0-2022 - Multiple-SQLi

27 Únor, 2024 - 01:00
dawa-pharma 1.0-2022 - Multiple-SQLi

[remote] IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft

26 Únor, 2024 - 01:00
IBM i Access Client Solutions v1.1.2 - 1.1.4, v1.1.4.3 - 1.1.9.4 - Remote Credential Theft

[remote] Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'

26 Únor, 2024 - 01:00
Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'