Exploit Database

Exploit Description	Date
phpMyFAQ 2.9.8 Exploit, Cross-Site Request Forgery(CSRF) WEBAPPS Author: odeSecLa	2025/12/03
phpMyFAQ 2.9.8 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: odeSecLa	2025/12/03
MaNGOSWebV4 4.0.6 Exploit, Reflected XSS WEBAPPS Author: odeSecLa	2025/12/03
Django 5.1.13 Exploit, SQL Injection WEBAPPS Author: Wafcontrol Security Team	2025/12/03
phpMyFaq 2.9.8 Exploit, Cross Site Request Forgery (CSRF) WEBAPPS Author: odeSecLa	2025/12/03
MobileDetect 2.8.31 Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: odeSecLa	2025/12/03
phpIPAM 1.4 Exploit, SQL-Injection WEBAPPS Author: odeSecLa	2025/12/03
OpenRepeater 2.1 Exploit, OS Command Injection WEBAPPS Author: odeSecLa	2025/12/03
phpMyAdmin 5.0.0 Exploit, SQL Injection WEBAPPS Author: odeSecLa	2025/12/03
RosarioSIS 6.7.2 Exploit, Cross Site Scripting (XSS) WEBAPPS Author: odeSecLa	2025/12/03
RosarioSIS 6.7.2 Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: odeSecLa	2025/12/03
PluckCMS 4.7.10 Exploit, Unrestricted File Upload WEBAPPS Author: odeSecLa	2025/12/03
openSIS Community Edition 8.0 Exploit, SQL Injection WEBAPPS Author: odeSecLa	2025/12/03
YOURLS 1.8.2 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: odeSecLa	2025/12/02
phpMyFAQ 3.1.7 Exploit, Reflected Cross-Site Scripting (XSS) WEBAPPS Author: odeSecLa	2025/12/02
phpIPAM 1.5.1 Exploit, SQL Injection WEBAPPS Author: odeSecLa	2025/12/02
Piwigo 13.6.0 Exploit, SQL Injection WEBAPPS Author: odeSecLa	2025/12/02
phpIPAM 1.6 Exploit, Reflected-Cross-Site Scripting (XSS) WEBAPPS Author: odeSecLa	2025/12/02
phpIPAM 1.6 Exploit, Reflected Cross-Site Scripting (XSS) WEBAPPS Author: odeSecLa	2025/12/02
Flowise 3.0.4 Exploit, Remote Code Execution (RCE) WEBAPPS Author: ltt	2025/10/31
Casdoor 2.95.0 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: Van Lam Nguyen	2025/10/29
Ilevia EVE X1/X5 Server 4.7.18.0.eden Exploit, Reverse Rootshell REMOTE Author: iquidWor	2025/09/16
Microsoft Windows Server 2025 Hyper-V NT Kernel Integration VSP Exploit, Elevation of Privilege LOCAL Author: Milad Karimi (Ex3ptionaL)	2025/09/16
ClipBucket 5.5.0 Exploit, Arbitrary File Upload REMOTE Author: Mukundsinh Solanki (r00td3str0y3r)	2025/09/16
ClipBucket 5.5.2 Build #90 Exploit, Server-Side Request Forgery (SSRF) REMOTE Author: Mukundsinh Solanki (r00td3str0y3r)	2025/09/16
Tourism Management System 2.0 Exploit, Arbitrary Shell Upload WEBAPPS Author: Debug Security	2025/09/16
Casdoor 2.55.0 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: Van Lam Nguyen	2025/09/16
dotCMS 25.07.02-1 Exploit, Authenticated Blind SQL Injection WEBAPPS Author: Matan Sandori (OSCP_ OSEP_ OSWE)	2025/09/16
ELEX WooCommerce WordPress Plugin 1.4.3 Exploit, SQL Injection WEBAPPS Author: Byte Reaper	2025/09/16
XWiki Platform 15.10.10 Exploit, Metasploit Module for Remote Code Execution (RCE) WEBAPPS Author: Maksim Rogov	2025/09/16
Concrete CMS 9.4.3 Exploit, Stored XSS WEBAPPS Author: Chokri Hammedi	2025/09/16
Mbed TLS 3.6.4 Exploit, Use-After-Free LOCAL Author: Byte Reaper	2025/09/16
HTTP/2 2.0 Exploit, Denial Of Service (DOS) REMOTE Author: Madhusudhan Rajappa	2025/09/16
HTMLDOC 1.9.13 Exploit, Stack Buffer Overflow REMOTE Author: ulfgarpr	2025/09/16
GeoVision ASManager Windows Application 6.1.2.0 Exploit, Remote Code Execution (RCE) REMOTE Author: Giorgi Dograshvili	2025/08/26
GeoVision ASManager Windows Application 6.1.2.0 Exploit, Credentials Disclosure LOCAL Author: Giorgi Dograshvili	2025/08/26
StoryChief Wordpress Plugin 1.0.42 Exploit, Arbitrary File Upload WEBAPPS Author: pl0de	2025/08/26
Ivanti Endpoint Manager Mobile 12.5.0.0 Exploit, Authentication Bypass REMOTE Author: �brahimsq	2025/08/26
Lingdang CRM 8.6.4.7 Exploit, SQL Injection WEBAPPS Author: Beatriz Fresno Naumova	2025/08/26
Birth Chart Compatibility WordPress Plugin 2.0 Exploit, Full Path Disclosure WEBAPPS Author: Byte Reaper	2025/08/26
Tenda AC20 16.03.08.12 Exploit, Command Injection REMOTE Author: Byte Reaper	2025/08/18
Lantronix Provisioning Manager 7.10.3 Exploit, XML External Entity Injection (XXE) WEBAPPS Author: Byte Reaper	2025/08/18
Soosyze CMS 2.0 Exploit, Brute Force Login WEBAPPS Author: Beatriz Fresno Naumova	2025/08/18
Microsoft Windows 10.0.19045 Exploit, NTLMv2 Hash Disclosure REMOTE Author: Ruben Enkaoua	2025/08/18
PHPMyAdmin 3.0 Exploit, Bruteforce Login Bypass REMOTE Author: Nikola Markovic	2025/08/18
RiteCMS 3.0.0 Exploit, Reflected Cross Site Scripting (XSS) WEBAPPS Author: Gurjot Singh	2025/08/18
BigAnt Office Messenger 5.6.06 Exploit, SQL Injection WEBAPPS Author: Nicat Abbasov	2025/08/18
JetBrains TeamCity 2023.11.4 Exploit, Authentication Bypass WEBAPPS Author: �brahimsq	2025/08/11
ServiceNow Multiple Versions Exploit, Input Validation & Template Injection WEBAPPS Author: �brahimsq	2025/08/11
Ghost CMS 5.59.1 Exploit, Arbitrary File Read WEBAPPS Author: �brahimsq	2025/08/11
Ghost CMS 5.42.1 Exploit, Path Traversal WEBAPPS Author: �brahimsq	2025/08/11
Belkin F9K1009 F9K1010 2.00.04/2.00.09 Exploit, Hard Coded Credentials REMOTE Author: Byte Reaper	2025/08/11
VMware vSphere Client 8.0.3.0 Exploit, Reflected Cross-Site Scripting (XSS) WEBAPPS Author: Imraan Khan (Lich-Sec)	2025/08/11
Microsoft SharePoint Server 2019 (16.0.10383.20020) Exploit, Remote Code Execution (RCE) REMOTE Author: Agampreet Singh	2025/08/11
Tigo Energy Cloud Connect Advanced (CCA) 4.0.1 Exploit, Command Injection REMOTE Author: Byte Reaper	2025/08/11
Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 Exploit, Sandbox Escape WEBAPPS Author: u11secur1t	2025/08/11
Grav CMS 1.7.48 Exploit, Remote Code Execution (RCE) WEBAPPS Author: bin/nek	2025/08/11
Citrix NetScaler ADC/Gateway 14.1 Exploit, Memory Disclosure REMOTE Author: Yesith Alvarez	2025/08/11
atjiu pybbs 6.0.0 Exploit, Cross Site Scripting (XSS) WEBAPPS Author: Byte Reaper	2025/08/11
Microsoft Windows Exploit, Storage QoS Filter Driver Checker LOCAL Author: u11secur1t	2025/08/11
projectworlds Online Admission System 1.0 Exploit, SQL Injection WEBAPPS Author: Byte Reaper	2025/08/11
Cisco ISE 3.0 Exploit, Authorization Bypass REMOTE Author: �brahimsq	2025/08/11
Cisco ISE 3.0 Exploit, Remote Code Execution (RCE) REMOTE Author: �brahimsq	2025/08/11
Microsoft Virtual Hard Disk (VHDX) 11 Exploit, Remote Code Execution (RCE) LOCAL Author: u11secur1t	2025/08/03
Ultimate Member WordPress Plugin 2.6.6 Exploit, Privilege Escalation WEBAPPS Author: Gurjot Singh	2025/08/03
Swagger UI 1.0.3 Exploit, Cross-Site Scripting (XSS) REMOTE Author: Byte Reaper	2025/08/03
LPAR2RRD 8.04 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Byte Reaper	2025/08/03
Copyparty 1.18.6 Exploit, Reflected Cross-Site Scripting (XSS) WEBAPPS Author: Byte Reaper	2025/08/03
Microsoft Edge (Chromium-based) 135.0.7049.114/.115 Exploit, Information Disclosure REMOTE Author: u11secur1t	2025/08/03
Gandia Integra Total 4.4.2236.1 Exploit, SQL Injection WEBAPPS Author: Byte Reaper	2025/08/03
Adobe ColdFusion 2023.6 Exploit, Remote File Read WEBAPPS Author: �brahimsq	2025/07/28
Linux PAM Environment Exploit, Variable Injection Local Privilege Escalation LOCAL Author: �brahimsq	2025/07/28
Mezzanine CMS 6.1.0 Exploit, Stored Cross Site Scripting (XSS) WEBAPPS Author: Kevin Dicks	2025/07/28
XWiki 14 Exploit, SQL Injection via getdeleteddocuments.vm WEBAPPS Author: Byte Reaper	2025/07/28
Invision Community 4.7.20 Exploit, (calendar/view.php) SQL Injection WEBAPPS Author: Egidio Romano	2025/07/28
Xlight FTP 1.1 Exploit, Denial Of Service (DOS) DOS Author: Fernando Mengali	2025/07/28
LiveHelperChat 4.61 Exploit, Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field WEBAPPS Author: Manojkumar J	2025/07/22
LiveHelperChat 4.61 Exploit, Stored Cross Site Scripting (XSS) via the Chat Transfer Function WEBAPPS Author: Manojkumar J	2025/07/22
LiveHelperChat 4.61 Exploit, Stored Cross Site Scripting (XSS) via Personal Canned Messages WEBAPPS Author: Manojkumar J	2025/07/22
LiveHelperChat 4.61 Exploit, Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field WEBAPPS Author: Manojkumar J	2025/07/22
LiveHelperChat 4.61 Exploit, Stored Cross Site Scripting (XSS) via Operator Surname WEBAPPS Author: Manojkumar J	2025/07/22
LiveHelperChat 4.61 Exploit, Stored Cross Site Scripting (XSS) via Telegram Bot Username WEBAPPS Author: Manojkumar J	2025/07/22
Discourse 3.1.1 Exploit, Unauthenticated Chat Message Access WEBAPPS Author: �brahimsq	2025/07/22
Tenda FH451 1.0.0.9 Router Exploit, Stack-based Buffer Overflow REMOTE Author: Byte Reaper	2025/07/22
Joomla JS Jobs plugin 1.4.2 Exploit, SQL injection WEBAPPS Author: Adam Wallwork	2025/07/22
Microsoft Edge Windows 10 Version 1511 Exploit, Cross Site Scripting (XSS) REMOTE Author: u11secur1t	2025/07/22
Simple File List WordPress Plugin 4.2.2 Exploit, File Upload to RCE WEBAPPS Author: Md Amanat Ullah (xSwads)	2025/07/22
Pie Register WordPress Plugin 3.7.1.4 Exploit, Authentication Bypass to RCE WEBAPPS Author: Md Amanat Ullah (xSwads)	2025/07/22
NodeJS 24.x Exploit, Path Traversal REMOTE Author: Abdualhadi khalifa	2025/07/16
WP Publications WordPress Plugin 1.2 Exploit, Stored XSS WEBAPPS Author: Zeynalxan Quliyev	2025/07/16
White Star Software Protop 4.4.2-2024-11-27 Exploit, Local File Inclusion (LFI) WEBAPPS Author: Imraan Khan (Lich-Sec)	2025/07/16
MikroTik RouterOS 7.19.1 Exploit, Reflected XSS REMOTE Author: Prak Sokchea	2025/07/16
SugarCRM 14.0.0 Exploit, SSRF/Code Injection WEBAPPS Author: Egidio Romano	2025/07/16
Langflow 1.2.x Exploit, Remote Code Execution (RCE) WEBAPPS Author: Raghad Abdallah Al-syouf	2025/07/16
TOTOLINK N300RB 8.54 Exploit, Command Execution HARDWARE Author: Skander BELABED - Magellan Sécurité	2025/07/16
Microsoft Graphics Component Windows 11 Pro (Build 26100+) Exploit, Local Elevation of Privileges LOCAL Author: u11secur1t	2025/07/16
PivotX 3.0.0 RC3 Exploit, Remote Code Execution (RCE) WEBAPPS Author: ayTo	2025/07/16
Microsoft Brokering File System Windows 11 Version 22H2 Exploit, Elevation of Privilege LOCAL Author: u11secur1t	2025/07/16
Keras 2.15 Exploit, Remote Code Execution (RCE) REMOTE Author: Mohammed Idrees Banyamer	2025/07/16
Discourse 3.2.x Exploit, Anonymous Cache Poisoning WEBAPPS Author: �brahimsq	2025/07/08

phpMyFAQ 2.9.8 Exploit, Cross-Site Request Forgery(CSRF)
WEBAPPS Author: odeSecLa

2025/12/03

phpMyFAQ 2.9.8 Exploit, Cross-Site Request Forgery (CSRF)
WEBAPPS Author: odeSecLa

2025/12/03

MaNGOSWebV4 4.0.6 Exploit, Reflected XSS
WEBAPPS Author: odeSecLa

2025/12/03

Django 5.1.13 Exploit, SQL Injection
WEBAPPS Author: Wafcontrol Security Team

2025/12/03

phpMyFaq 2.9.8 Exploit, Cross Site Request Forgery (CSRF)
WEBAPPS Author: odeSecLa

2025/12/03

MobileDetect 2.8.31 Exploit, Cross-Site Scripting (XSS)
WEBAPPS Author: odeSecLa

2025/12/03