Exploit Database

Exploit Description	Date
SmartRG Router SR510n 2.6.13 Exploit, RCE (Remote Code Execution) REMOTE Author: Yerodin Richards	2022/11/11
CVAT 2.0 Exploit, SSRF (Server Side Request Forgery) WEBAPPS Author: Emir Polat	2022/11/11
IOTransfer V4 Exploit, Unquoted Service Path LOCAL Author: BLAY ABU SAFIAN	2022/11/11
AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 Exploit, Path Traversal REMOTE Author: Jens Regel	2022/11/11
MSNSwitch Firmware MNT.2408 Exploit, Remote Code Exectuion (RCE) REMOTE Author: Eli Fulkerson	2022/11/11
Open Web Analytics 1.7.3 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Jacob Ebben	2022/11/11
Wordpress Plugin ImageMagick-Engine 1.7.4 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: BDO1	2022/10/17
TP-Link Tapo c200 1.1.15 Exploit, Remote Code Execution (RCE) WEBAPPS Author: acefresk	2022/09/24
Aero CMS v0.0.1 Exploit, SQLi WEBAPPS Author: u11secur1t	2022/09/23
Wifi HD Wireless Disk Drive 11 Exploit, Local File Inclusion REMOTE Author: Chokri Hammedi	2022/09/21
Blink1Control2 2.2.7 Exploit, Weak Password Encryption LOCAL Author: 1ckz	2022/09/20
Airspan AirSpot 5410 version 0.3.4.1 Exploit, Remote Code Execution (RCE) REMOTE Author: Samy Younsi	2022/09/20
Mobile Mouse 3.6.0.4 Exploit, Remote Code Execution (RCE) REMOTE Author: Chokri Hammedi	2022/09/20
Gitea 1.16.6 Exploit, Remote Code Execution (RCE) (Metasploit) WEBAPPS Author: amgu	2022/09/15
Testa 3.5.1 Online Test Management System Exploit, Reflected Cross-Site Scripting (XSS) WEBAPPS Author: Ashkan Moghaddas	2022/08/28
Wordpress Plugin 3dady real-time web stats 1.0 Exploit, Stored Cross Site Scripting (XSS) WEBAPPS Author: nD3sc0n0c1d	2022/08/24
Wordpress Plugin WP-UserOnline 2.88.0 Exploit, Stored Cross Site Scripting (XSS) WEBAPPS Author: nD3sc0n0c1d	2022/08/24
Feehi CMS 2.1.1 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: uyudh	2022/08/22
WiFiMouse 1.8.3.4 Exploit, Remote Code Execution (RCE) REMOTE Author: FEBIN MON SAJI	2022/08/15
Wordpress Plugin Zephyr Project Manager 3.2.42 Exploit, Multiple SQLi WEBAPPS Author: Rizacan Tufan	2022/08/14
Buffalo TeraStation Network Attached Storage (NAS) 1.66 Exploit, Authentication Bypass WEBAPPS Author: Jordan Glover	2022/08/11
PAN-OS 10.0 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: nD3sc0n0c1d	2022/08/10
Prestashop blockwishlist module 2.1.0 Exploit, SQLi WEBAPPS Author: Karthik UJ	2022/08/10
WordPress Plugin Netroics Blog Posts Grid 1.0 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Luqman Hakim Zahari	2022/08/08
WordPress Plugin Testimonial Slider and Showcase 2.2.6 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Luqman Hakim Zahari	2022/08/05
Bookwyrm v0.4.3 Exploit, Authentication Bypass WEBAPPS Author: Akshay Ravi	2022/08/04
Sophos XG115w Firewall 17.0.10 MR-10 Exploit, Authentication Bypass WEBAPPS Author: Aryan Chehreghani	2022/08/04
ThingsBoard 3.3.1 'description' Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Steffen Langenfeld	2022/08/03
ThingsBoard 3.3.1 'name' Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Steffen Langenfeld	2022/08/03
Feehi CMS 2.1.1 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Shivam Singh	2022/08/02
uftpd 2.10 Exploit, Directory Traversal (Authenticated) REMOTE Author: Aaron Esau	2022/08/02
Easy Chat Server 3.1 Exploit, Remote Stack Buffer Overflow (SEH) REMOTE Author: 00tpg	2022/08/01
WordPress Plugin Duplicator 1.4.7 Exploit, Information Disclosure WEBAPPS Author: ecuriTrus	2022/08/01
WordPress Plugin Duplicator 1.4.6 Exploit, Unauthenticated Backup Download WEBAPPS Author: ecuriTrus	2022/08/01
Wavlink WN533A8 Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: Ahmed Alroky	2022/08/01
Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Exploit, Remote Code Execution REMOTE Author: iquidWor	2022/07/29
Carel pCOWeb HVAC BACnet Gateway 2.1.0 Exploit, Directory Traversal WEBAPPS Author: iquidWor	2022/07/29
Asus GameSDK v1.0.0.4 Exploit, 'GameSDK.exe' Unquoted Service Path LOCAL Author: Angelo Pio Amirante	2022/07/29
WordPress Plugin Visual Slide Box Builder 3.2.9 Exploit, SQLi WEBAPPS Author: u11secur1t	2022/07/27
NanoCMS v0.4 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: 1ckz	2022/07/26
Webmin 1.996 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Emir Polat	2022/07/25
Omnia MPX 1.5.0+r1 Exploit, Path Traversal REMOTE Author: Momen Eldawakhly	2022/07/24
mPDF 7.0 Exploit, Local File Inclusion WEBAPPS Author: Musyoka Ian	2022/07/23
WordPress Plugin WP-UserOnline 2.87.6 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Steffin Stanly	2022/07/21
Dr. Fone 4.0.8 Exploit, 'net_updater32.exe' Unquoted Service Path LOCAL Author: sant149	2022/07/21
IOTransfer 4.0 Exploit, Remote Code Execution (RCE) REMOTE Author: Tomer Peled	2022/07/21
Dingtian-DT-R002 3.1.276A Exploit, Authentication Bypass WEBAPPS Author: Victor Hanna	2022/07/13
rpc.py 0.6.0 Exploit, Remote Code Execution (RCE) REMOTE Author: Elias Hohl	2022/07/12
CodoForum v5.1 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Krish Pandey	2022/07/06
Geonetwork 4.2.0 Exploit, XML External Entity (XXE) WEBAPPS Author: Amel BOUZIANE-LEBLOND	2022/07/01
Nginx 1.20.0 Exploit, Denial of Service (DOS) REMOTE Author: Mohammed Alshehri	2022/06/29
Mailhog 1.0.1 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: uln	2022/06/27
WordPress Plugin Weblizar 8.9 Exploit, Backdoor WEBAPPS Author: Sobhan Mahmoodi	2022/06/27
ChurchCRM 4.4.5 Exploit, SQLi WEBAPPS Author: u11secur1t	2022/06/15
Pandora FMS v7.0NG.742 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: NICOR	2022/06/14
Real Player 16.0.3.51 Exploit, 'external::Import()' Directory Traversal to Remote Code Execution (RCE) LOCAL Author: Eduardo Braun Prado	2022/06/14
Real Player v.20.0.8.310 G2 Control Exploit, 'DoGoToURL()' Remote Code Execution (RCE) LOCAL Author: Eduardo Braun Prado	2022/06/14
Wavlink WN530HG4 Exploit, Password Disclosure WEBAPPS Author: Ahmed Alroky	2022/06/12
Wavlink WN533A8 Exploit, Password Disclosure WEBAPPS Author: Ahmed Alroky	2022/06/12
Old Age Home Management System 1.0 Exploit, SQLi Authentication Bypass WEBAPPS Author: wseptia	2022/06/12
Sourcegraph Gitserver 3.36.3 Exploit, Remote Code Execution (RCE) REMOTE Author: ltelu	2022/06/10
Confluence Data Center 7.18.0 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Fellipe Oliveira	2022/06/10
TP-Link Router AX50 firmware 210730 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Tomas Melicher	2022/06/08
Algo 8028 Control Panel Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Filip Carlsson	2022/06/07
HP LaserJet Professional M1210 MFP Series Receive Fax Service Exploit, Unquoted Service Path LOCAL Author: Ali Alipour	2022/06/06
WordPress Plugin Motopress Hotel Booking Lite 4.2.4 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Sanjay Singh	2022/06/05
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Exploit, Remote Code Execution (RCE) REMOTE Author: iquidWor	2022/06/03
Contao 4.13.2 Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: Chetanya Sharma	2022/06/03
Avantune Genialcloud ProJ 10 Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: Andrea Intilangelo	2022/06/01
Marval MSM v14.19.0.12476 Exploit, Cross-Site Request Forgery (CSRF) REMOTE Author: Momen Eldawakhly	2022/05/27
Marval MSM v14.19.0.12476 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Momen Eldawakhly	2022/05/27
Telesquare SDT-CW3B1 1.1.0 Exploit, OS Command Injection REMOTE Author: Bryan Leong	2022/05/24
OpenCart v3.x Newsletter Module Exploit, Blind SQLi WEBAPPS Author: Saud Alenazi	2022/05/19
Zyxel USG FLEX 5.21 Exploit, OS Command Injection REMOTE Author: Valentin Lobstein	2022/05/18
Showdoc 2.10.3 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Akshay Ravi	2022/05/17
SolarView Compact 6.00 Exploit, 'pow' Cross-Site Scripting (XSS) WEBAPPS Author: Ahmed Alroky	2022/05/15
SolarView Compact 6.00 Exploit, 'time_begin' Cross-Site Scripting (XSS) WEBAPPS Author: Ahmed Alroky	2022/05/15
SolarView Compact 6.00 Exploit, Directory Traversal REMOTE Author: Ahmed Alroky	2022/05/15
SolarView Compact 6.0 Exploit, OS Command Injection REMOTE Author: Ahmed Alroky	2022/05/15
PyScript Exploit, Read Remote Python Source Code REMOTE Author: Momen Eldawakhly	2022/05/12
SDT-CW3B1 1.1.0 Exploit, OS Command Injection REMOTE Author: Ahmed Alroky	2022/05/12
Royal Event Management System 1.0 Exploit, 'todate' SQL Injection (Authenticated) WEBAPPS Author: Eren Gozaydin	2022/05/12
College Management System 1.0 Exploit, 'course_code' SQL Injection (Authenticated) WEBAPPS Author: Eren Gozaydin	2022/05/12
F5 BIG-IP 16.0.x Exploit, Remote Code Execution (RCE) REMOTE Author: Yesith Alvarez	2022/05/12
Survey Sparrow Enterprise Survey Software 2022 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Pankaj Kumar Thakur	2022/05/11
TLR-2005KSH Exploit, Arbitrary File Delete WEBAPPS Author: Ahmed Alroky	2022/05/11
TLR-2005KSH Exploit, Arbitrary File Upload WEBAPPS Author: Ahmed Alroky	2022/05/11
Ruijie Reyee Mesh Router Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Minh Khoa	2022/05/11
WordPress Plugin Blue Admin 21.06.01 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: Abisheik M	2022/05/11
Beehive Forum Exploit, Account Takeover WEBAPPS Author: Pablo Santiago	2022/05/11
Navigate CMS 2.9.4 Exploit, Server-Side Request Forgery (SSRF) (Authenticated) WEBAPPS Author: heshireca	2022/05/11
Tenda HG6 v3.3.0 Exploit, Remote Command Injection REMOTE Author: iquidWor	2022/05/11
Wondershare Dr.Fone 12.0.7 Exploit, Remote Code Execution (RCE) REMOTE Author: Netanel Cohen	2022/05/11
Wondershare Dr.Fone 12.0.7 Exploit, Privilege Escalation (ElevationService) LOCAL Author: Netanel Cohen	2022/05/11
ExifTool 12.23 Exploit, Arbitrary Code Execution LOCAL Author: NICOR	2022/05/11
Prime95 Version 30.7 build 9 Exploit, Remote Code Execution (RCE) REMOTE Author: Yehia Elghaly	2022/05/11
ManageEngine ADSelfService Plus Build 6118 Exploit, NTLMv2 Hash Exposure REMOTE Author: Metin Yunus Kandemir	2022/05/11
Wondershare Dr.Fone 11.4.10 Exploit, Insecure File Permissions LOCAL Author: kuCyberSe	2022/05/11
TCQ Exploit, ITeCProteccioAppServer.exe Exploit, Unquoted Service Path LOCAL Author: Edgar Carrillo Egea	2022/05/11
UDisk Monitor Z5 Phone Exploit, 'MonServiceUDisk.exe' Unquoted Service Path LOCAL Author: Edgar Carrillo Egea	2022/05/11

SmartRG Router SR510n 2.6.13 Exploit, RCE (Remote Code Execution)
REMOTE Author: Yerodin Richards

2022/11/11

CVAT 2.0 Exploit, SSRF (Server Side Request Forgery)
WEBAPPS Author: Emir Polat

2022/11/11

IOTransfer V4 Exploit, Unquoted Service Path
LOCAL Author: BLAY ABU SAFIAN

2022/11/11

AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 Exploit, Path Traversal
REMOTE Author: Jens Regel

2022/11/11

MSNSwitch Firmware MNT.2408 Exploit, Remote Code Exectuion (RCE)
REMOTE Author: Eli Fulkerson

2022/11/11

Open Web Analytics 1.7.3 Exploit, Remote Code Execution (RCE)
WEBAPPS Author: Jacob Ebben

2022/11/11