Exploit Database

Exploit Description	Date
SolarView Compact 6.0 Exploit, OS Command Injection REMOTE Author: Ahmed Alroky	2022/05/15
PyScript Exploit, Read Remote Python Source Code REMOTE Author: Momen Eldawakhly	2022/05/12
SDT-CW3B1 1.1.0 Exploit, OS Command Injection REMOTE Author: Ahmed Alroky	2022/05/12
Survey Sparrow Enterprise Survey Software 2022 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Pankaj Kumar Thakur	2022/05/11
TLR-2005KSH Exploit, Arbitrary File Delete WEBAPPS Author: Ahmed Alroky	2022/05/11
TLR-2005KSH Exploit, Arbitrary File Upload WEBAPPS Author: Ahmed Alroky	2022/05/11
T-Soft E-Commerce 4 Exploit, 'UrunAdi' Stored Cross-Site Scripting (XSS) WEBAPPS Author: Alperen Ergel	2022/05/10
MyBB 1.8.29 Exploit, MyBB 1.8.29 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: ltelu	2022/05/08
PHProjekt PhpSimplyGest v1.3. Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Andrea Intilangelo	2022/05/05
Google Chrome 78.0.3904.70 Exploit, Remote Code Execution REMOTE Author: Forrest Orr	2022/05/03
Anuko Time Tracker Exploit, SQLi (Authenticated) WEBAPPS Author: ltelu	2022/05/03
e107 CMS v3.2.1 Exploit, Multiple Vulnerabilities WEBAPPS Author: Hubert Wojciechowski	2022/04/30
DLINK DAP-1620 A1 v1.01 Exploit, Directory Traversal REMOTE Author: Momen Eldawakhly	2022/04/27
Akka HTTP 10.1.14 Exploit, Denial of Service REMOTE Author: xosm	2022/04/18
WordPress Plugin Videos sync PDF 1.7.4 Exploit, Stored Cross Site Scripting (XSS) WEBAPPS Author: nD3sc0n0c1d	2022/04/13
Razer Sila Exploit, Command Injection WEBAPPS Author: Kevin Randall	2022/04/12
Razer Sila Exploit, Local File Inclusion (LFI) WEBAPPS Author: Kevin Randall	2022/04/12
GitLab 14.9 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: reenwol	2022/04/12
Gitlab 14.9 Exploit, Authentication Bypass WEBAPPS Author: reenwol	2022/04/12
Zyxel NWA-1100-NH Exploit, Command Injection REMOTE Author: Ahmed Alroky	2022/04/12
Easy Appointments 1.4.2 Exploit, Information Disclosure WEBAPPS Author: Alexandre ZANNI	2022/04/11
WordPress Plugin Motopress Hotel Booking Lite 4.2.4 Exploit, SQL Injection WEBAPPS Author: Mohsen Dehghani	2022/04/11
Scriptcase 9.7 Exploit, Remote Code Execution (RCE) WEBAPPS Author: uckyt0mat	2022/04/08
ImpressCMS v1.4.4 Exploit, Unrestricted File Upload WEBAPPS Author: Ünsal Furkan Harani	2022/04/07
Telesquare TLR-2855KS6 Exploit, Arbitrary File Deletion WEBAPPS Author: Momen Eldawakhly	2022/04/07
Telesquare TLR-2855KS6 Exploit, Arbitrary File Creation WEBAPPS Author: Momen Eldawakhly	2022/04/07
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Exploit, Local File Inclusion (LFI) REMOTE Author: Momen Eldawakhly	2022/04/07
SAM SUNNY TRIPOWER 5.0 Exploit, Insecure Direct Object Reference (IDOR) WEBAPPS Author: Momen Eldawakhly	2022/04/07
MiniTool Partition Wizard Exploit, Unquoted Service Path LOCAL Author: Saud Alenazi	2022/04/07
Sherpa Connector Service v2020.2.20328.2050 Exploit, Unquoted Service Path LOCAL Author: Manthan Chhabra	2022/04/02
KLiK Social Media Website 1.0 Exploit, 'Multiple' SQLi WEBAPPS Author: orps	2022/04/01
Kramer VIAware Exploit, Remote Code Execution (RCE) (Root) REMOTE Author: harkmoo	2022/03/31
ImpressCMS 1.4.2 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Egidio Romano	2022/03/30
ICEHRM 31.0.0.0S Exploit, Cross-site Request Forgery (CSRF) to Account Deletion WEBAPPS Author: Devansh Bordia	2022/03/29
PostgreSQL 9.3-11.7 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: 4keSn4k	2022/03/29
Kramer VIAware 2.5.0719.1034 Exploit, Remote Code Execution (RCE) REMOTE Author: harkmoo	2022/03/28
WordPress Plugin admin-word-count-column 2.2 Exploit, Local File Read WEBAPPS Author: Hassan Khan Yusufzai	2022/03/27
WordPress Plugin video-synchro-pdf 1.7.4 Exploit, Local File Inclusion WEBAPPS Author: Hassan Khan Yusufzai	2022/03/26
WordPress Plugin cab-fare-calculator 1.0.3 Exploit, Local File Inclusion WEBAPPS Author: Hassan Khan Yusufzai	2022/03/24
WordPress Plugin Curtain 1.0.2 Exploit, Cross-site Request Forgery (CSRF) WEBAPPS Author: Hassan Khan Yusufzai	2022/03/24
WordPress Plugin amministrazione-aperta 3.7.3 Exploit, Local File Read Exploit, Unauthenticated WEBAPPS Author: Hassan Khan Yusufzai	2022/03/23
Drupal avatar_uploader v7.x-1.0-beta8 Exploit, Cross Site Scripting (XSS) WEBAPPS Author: Milad karimi	2022/03/22
Atom CMS 2.0 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Ashish Koli	2022/03/22
ProtonVPN 1.26.0 Exploit, Unquoted Service Path LOCAL Author: emred	2022/03/22
Ivanti Endpoint Manager 4.6 Exploit, Remote Code Execution (RCE) REMOTE Author: 7	2022/03/20
Explore CMS 1.0 Exploit, SQL Injection WEBAPPS Author: Sajibe Kanti	2022/03/19
iRZ Mobile Router Exploit, CSRF to RCE REMOTE Author: John Jackson	2022/03/18
ICEHRM 31.0.0.0S Exploit, Cross-site Request Forgery (CSRF) to Account Takeover WEBAPPS Author: Devansh Bordia	2022/03/18
Apache APISIX 2.12.1 Exploit, Remote Code Execution (RCE) REMOTE Author: en3x	2022/03/16
Tiny File Manager 2.4.6 Exploit, Remote Code Execution (RCE) WEBAPPS Author: FEBIN MON SAJI	2022/03/14
Hikvision IP Camera Exploit, Backdoor REMOTE Author: Sobhan Mahmoodi	2022/03/14
WordPress Plugin Advanced Uploader 4.2 Exploit, Arbitrary File Upload (Authenticated) WEBAPPS Author: Roel van Beurden	2022/03/13
Pluck CMS 4.7.16 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Ashish Koli	2022/03/13
Fuel CMS 1.5.0 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: Ali J	2022/03/11
VIVE Runtime Service Exploit, 'ViveAgentService' Unquoted Service Path LOCAL Author: Faisal Alasmari	2022/03/11
Seowon SLR-120 Router Exploit, Remote Code Execution (Unauthenticated) REMOTE Author: Aryan Chehreghani	2022/03/11
Audio Conversion Wizard v2.01 Exploit, Buffer Overflow LOCAL Author: Hejap Zairy Al-Sharif	2022/03/10
Tdarr 2.00.15 Exploit, Command Injection REMOTE Author: Sam Smith	2022/03/10
Siemens S7-1200 Exploit, Unauthenticated Start/Stop Command REMOTE Author: oseSecurit	2022/03/09
Sony playmemories home Exploit, 'PMBDeviceInfoProvider' Unquoted Service Path LOCAL Author: Saud Alenazi	2022/03/09
Zabbix 5.0.17 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Hussien Misbah	2022/03/09
BattlEye 0.9 Exploit, 'BEService' Unquoted Service Path LOCAL Author: Saud Alenazi	2022/03/09
McAfee(R) Safe Connect VPN Exploit, Unquoted Service Path Elevation Of Privilege LOCAL Author: Saud Alenazi	2022/03/09
Hasura GraphQL 2.2.0 Exploit, Information Disclosure WEBAPPS Author: Dolev Farhi	2022/03/08
part-db 0.5.11 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Chetanya Sharma	2022/03/08
Cobian Backup 0.9 Exploit, Unquoted Service Path LOCAL Author: Hejap Zairy Al-Sharif	2022/03/06
Webmin 1.984 Exploit, Remote Code Execution (Authenticated) WEBAPPS Author: aisalfs10	2022/03/06
Foxit PDF Reader 11.0 Exploit, Unquoted Service Path LOCAL Author: Hejap Zairy Al-Sharif	2022/03/05
Malwarebytes 4.5 Exploit, Unquoted Service Path LOCAL Author: Hejap Zairy Al-Sharif	2022/03/05
Cloudflare WARP 1.4 Exploit, Unquoted Service Path LOCAL Author: Hejap Zairy Al-Sharif	2022/03/05
Private Internet Access 3.3 Exploit, 'pia-service' Unquoted Service Path LOCAL Author: Saud Alenazi	2022/03/04
Attendance and Payroll System v1.0 Exploit, SQLi Authentication Bypass WEBAPPS Author: r0	2022/03/04
Attendance and Payroll System v1.0 Exploit, Remote Code Execution (RCE) WEBAPPS Author: r0	2022/03/04
Prowise Reflect v1.0.9 Exploit, Remote Keystroke Injection REMOTE Author: Rik Lutz	2022/03/03
WordPress Plugin Popup Maker 1.16.5 Exploit, Stored Cross-Site Scripting (Authenticated) WEBAPPS Author: Roel van Beurden	2022/03/03
Spring Cloud Gateway 3.1.0 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Carlos E. Vieira	2022/03/03
Moodle 3.11.5 Exploit, SQLi (Authenticated) WEBAPPS Author: Chris Anastasio	2022/03/02
Zyxel ZyWALL 2 Plus Internet Security Appliance Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: Momen Eldawakhly	2022/03/01
Cipi Control Panel 3.1.15 Exploit, Stored Cross-Site Scripting (XSS) (Authenticated) WEBAPPS Author: hulie	2022/02/24
Microweber CMS 1.2.10 Exploit, Local File Inclusion (Authenticated) (Metasploit) WEBAPPS Author: Talha Karakumru	2022/02/22
Student Record System 1.0 Exploit, 'cid' SQLi (Authenticated) WEBAPPS Author: Mohd. Anees	2022/02/22
aaPanel 6.8.21 Exploit, Directory Traversal (Authenticated) WEBAPPS Author: hulie	2022/02/22
Simple Real Estate Portal System 1.0 Exploit, 'id' SQLi WEBAPPS Author: osaae	2022/02/22
Dbltek GoIP Exploit, Local File Inclusion WEBAPPS Author: Valtteri Lehtinen	2022/02/20
FileCloud 21.2 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: Masashi Fujiwara	2022/02/20
T-Soft E-Commerce 4 Exploit, SQLi (Authenticated) WEBAPPS Author: Alperen Ergel	2022/02/18
Cab Management System 1.0 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Alperen Ergel	2022/02/18
Cab Management System 1.0 Exploit, 'id' SQLi (Authenticated) WEBAPPS Author: Alperen Ergel	2022/02/18
HMA VPN 5.3 Exploit, Unquoted Service Path LOCAL Author: Saud Alenazi	2022/02/18
WordPress Plugin dzs-zoomsounds 6.60 Exploit, Remote Code Execution (RCE) (Unauthenticated) WEBAPPS Author: verthinker187	2022/02/16
WordPress Plugin MasterStudy LMS 2.7.5 Exploit, Unauthenticated Admin Account Creation WEBAPPS Author: numan tÃ¼rle	2022/02/16
TeamSpeak 3.5.6 Exploit, Insecure File Permissions LOCAL Author: Aryan Chehreghani	2022/02/15
ServiceNow Exploit, Username Enumeration WEBAPPS Author: Victor Hanna	2022/02/12
Hospital Management Startup 1.0 Exploit, 'Multiple' SQLi WEBAPPS Author: u11secur1t	2022/02/11
Simple Student Quarterly Result/Grade System 1.0 Exploit, SQLi Authentication Bypass WEBAPPS Author: Saud Alenazi	2022/02/11
Multi-Vendor Online Groceries Management System 1.0 Exploit, 'id' Blind SQL Injection WEBAPPS Author: Saud Alenazi	2022/02/11
Exam Reviewer Management System 1.0 Exploit, â€˜idâ€™ SQL Injection WEBAPPS Author: Juli Agarwal	2022/02/10
Wing FTP Server 4.3.8 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: otco	2022/02/09
Hospital Management System 4.0 Exploit, 'multiple' SQL Injection WEBAPPS Author: u11secur1t	2022/02/09
Cyclades Serial Console Server 3.3.0 Exploit, Local Privilege Escalation LOCAL Author: bb	2022/02/09

SolarView Compact 6.0 Exploit, OS Command Injection
REMOTE Author: Ahmed Alroky

2022/05/15

PyScript Exploit, Read Remote Python Source Code
REMOTE Author: Momen Eldawakhly

2022/05/12

SDT-CW3B1 1.1.0 Exploit, OS Command Injection
REMOTE Author: Ahmed Alroky

2022/05/12

Survey Sparrow Enterprise Survey Software 2022 Exploit, Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Pankaj Kumar Thakur

2022/05/11

TLR-2005KSH Exploit, Arbitrary File Delete
WEBAPPS Author: Ahmed Alroky

2022/05/11

TLR-2005KSH Exploit, Arbitrary File Upload
WEBAPPS Author: Ahmed Alroky

2022/05/11