Exploit Database

Exploit Description	Date
PAN-OS 10.0 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: nD3sc0n0c1d	2022/08/10
Prestashop blockwishlist module 2.1.0 Exploit, SQLi WEBAPPS Author: Karthik UJ	2022/08/10
ThingsBoard 3.3.1 'description' Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Steffen Langenfeld	2022/08/03
ThingsBoard 3.3.1 'name' Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Steffen Langenfeld	2022/08/03
Feehi CMS 2.1.1 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Shivam Singh	2022/08/02
WordPress Plugin Visual Slide Box Builder 3.2.9 Exploit, SQLi WEBAPPS Author: u11secur1t	2022/07/27
NanoCMS v0.4 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: 1ckz	2022/07/26
Webmin 1.996 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Emir Polat	2022/07/25
Omnia MPX 1.5.0+r1 Exploit, Path Traversal REMOTE Author: Momen Eldawakhly	2022/07/24
mPDF 7.0 Exploit, Local File Inclusion WEBAPPS Author: Musyoka Ian	2022/07/23
WordPress Plugin WP-UserOnline 2.87.6 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Steffin Stanly	2022/07/21
Dingtian-DT-R002 3.1.276A Exploit, Authentication Bypass WEBAPPS Author: Victor Hanna	2022/07/13
rpc.py 0.6.0 Exploit, Remote Code Execution (RCE) REMOTE Author: Elias Hohl	2022/07/12
CodoForum v5.1 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Krish Pandey	2022/07/06
Geonetwork 4.2.0 Exploit, XML External Entity (XXE) WEBAPPS Author: Amel BOUZIANE-LEBLOND	2022/07/01
Nginx 1.20.0 Exploit, Denial of Service (DOS) REMOTE Author: Mohammed Alshehri	2022/06/29
ChurchCRM 4.4.5 Exploit, SQLi WEBAPPS Author: u11secur1t	2022/06/15
Wavlink WN530HG4 Exploit, Password Disclosure WEBAPPS Author: Ahmed Alroky	2022/06/12
Wavlink WN533A8 Exploit, Password Disclosure WEBAPPS Author: Ahmed Alroky	2022/06/12
Old Age Home Management System 1.0 Exploit, SQLi Authentication Bypass WEBAPPS Author: wseptia	2022/06/12
Sourcegraph Gitserver 3.36.3 Exploit, Remote Code Execution (RCE) REMOTE Author: ltelu	2022/06/10
TP-Link Router AX50 firmware 210730 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Tomas Melicher	2022/06/08
Algo 8028 Control Panel Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Filip Carlsson	2022/06/07
HP LaserJet Professional M1210 MFP Series Receive Fax Service Exploit, Unquoted Service Path LOCAL Author: Ali Alipour	2022/06/06
WordPress Plugin Motopress Hotel Booking Lite 4.2.4 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Sanjay Singh	2022/06/05
Avantune Genialcloud ProJ 10 Exploit, Cross-Site Scripting (XSS) WEBAPPS Author: Andrea Intilangelo	2022/06/01
Marval MSM v14.19.0.12476 Exploit, Cross-Site Request Forgery (CSRF) REMOTE Author: Momen Eldawakhly	2022/05/27
Marval MSM v14.19.0.12476 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: Momen Eldawakhly	2022/05/27
Telesquare SDT-CW3B1 1.1.0 Exploit, OS Command Injection REMOTE Author: Bryan Leong	2022/05/24
OpenCart v3.x Newsletter Module Exploit, Blind SQLi WEBAPPS Author: Saud Alenazi	2022/05/19
Zyxel USG FLEX 5.21 Exploit, OS Command Injection REMOTE Author: Valentin Lobstein	2022/05/18
SolarView Compact 6.00 Exploit, 'pow' Cross-Site Scripting (XSS) WEBAPPS Author: Ahmed Alroky	2022/05/15
SolarView Compact 6.00 Exploit, 'time_begin' Cross-Site Scripting (XSS) WEBAPPS Author: Ahmed Alroky	2022/05/15
SolarView Compact 6.00 Exploit, Directory Traversal REMOTE Author: Ahmed Alroky	2022/05/15
SolarView Compact 6.0 Exploit, OS Command Injection REMOTE Author: Ahmed Alroky	2022/05/15
PyScript Exploit, Read Remote Python Source Code REMOTE Author: Momen Eldawakhly	2022/05/12
SDT-CW3B1 1.1.0 Exploit, OS Command Injection REMOTE Author: Ahmed Alroky	2022/05/12
Survey Sparrow Enterprise Survey Software 2022 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Pankaj Kumar Thakur	2022/05/11
TLR-2005KSH Exploit, Arbitrary File Delete WEBAPPS Author: Ahmed Alroky	2022/05/11
TLR-2005KSH Exploit, Arbitrary File Upload WEBAPPS Author: Ahmed Alroky	2022/05/11
T-Soft E-Commerce 4 Exploit, 'UrunAdi' Stored Cross-Site Scripting (XSS) WEBAPPS Author: Alperen Ergel	2022/05/10
Microweber CMS 1.2.15 Exploit, Account Takeover WEBAPPS Author: Manojkumar J	2022/05/09
Magnolia CMS 6.2.19 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Giulio Garzia Ozozuz	2022/05/08
MyBB 1.8.29 Exploit, MyBB 1.8.29 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: ltelu	2022/05/08
PHProjekt PhpSimplyGest v1.3. Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Andrea Intilangelo	2022/05/05
Google Chrome 78.0.3904.70 Exploit, Remote Code Execution REMOTE Author: Forrest Orr	2022/05/03
Anuko Time Tracker Exploit, SQLi (Authenticated) WEBAPPS Author: ltelu	2022/05/03
e107 CMS v3.2.1 Exploit, Multiple Vulnerabilities WEBAPPS Author: Hubert Wojciechowski	2022/04/30
DLINK DAP-1620 A1 v1.01 Exploit, Directory Traversal REMOTE Author: Momen Eldawakhly	2022/04/27
WSO2 Management Console (Multiple Products) Exploit, Unauthenticated Reflected Cross-Site Scripting (XSS) WEBAPPS Author: xosm	2022/04/21
Akka HTTP 10.1.14 Exploit, Denial of Service REMOTE Author: xosm	2022/04/18
WordPress Plugin Videos sync PDF 1.7.4 Exploit, Stored Cross Site Scripting (XSS) WEBAPPS Author: nD3sc0n0c1d	2022/04/13
Razer Sila Exploit, Command Injection WEBAPPS Author: Kevin Randall	2022/04/12
Razer Sila Exploit, Local File Inclusion (LFI) WEBAPPS Author: Kevin Randall	2022/04/12
GitLab 14.9 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: reenwol	2022/04/12
Gitlab 14.9 Exploit, Authentication Bypass WEBAPPS Author: reenwol	2022/04/12
Zyxel NWA-1100-NH Exploit, Command Injection REMOTE Author: Ahmed Alroky	2022/04/12
Easy Appointments 1.4.2 Exploit, Information Disclosure WEBAPPS Author: Alexandre ZANNI	2022/04/11
WordPress Plugin Motopress Hotel Booking Lite 4.2.4 Exploit, SQL Injection WEBAPPS Author: Mohsen Dehghani	2022/04/11
phpIPAM 1.4.5 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Guilherme Alves	2022/04/10
Scriptcase 9.7 Exploit, Remote Code Execution (RCE) WEBAPPS Author: uckyt0mat	2022/04/08
ImpressCMS v1.4.4 Exploit, Unrestricted File Upload WEBAPPS Author: Ünsal Furkan Harani	2022/04/07
Telesquare TLR-2855KS6 Exploit, Arbitrary File Deletion WEBAPPS Author: Momen Eldawakhly	2022/04/07
Telesquare TLR-2855KS6 Exploit, Arbitrary File Creation WEBAPPS Author: Momen Eldawakhly	2022/04/07
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 Exploit, Local File Inclusion (LFI) REMOTE Author: Momen Eldawakhly	2022/04/07
SAM SUNNY TRIPOWER 5.0 Exploit, Insecure Direct Object Reference (IDOR) WEBAPPS Author: Momen Eldawakhly	2022/04/07
MiniTool Partition Wizard Exploit, Unquoted Service Path LOCAL Author: Saud Alenazi	2022/04/07
Sherpa Connector Service v2020.2.20328.2050 Exploit, Unquoted Service Path LOCAL Author: Manthan Chhabra	2022/04/02
KLiK Social Media Website 1.0 Exploit, 'Multiple' SQLi WEBAPPS Author: orps	2022/04/01
Kramer VIAware Exploit, Remote Code Execution (RCE) (Root) REMOTE Author: harkmoo	2022/03/31
ImpressCMS 1.4.2 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Egidio Romano	2022/03/30
ICEHRM 31.0.0.0S Exploit, Cross-site Request Forgery (CSRF) to Account Deletion WEBAPPS Author: Devansh Bordia	2022/03/29
PostgreSQL 9.3-11.7 Exploit, Remote Code Execution (RCE) (Authenticated) REMOTE Author: 4keSn4k	2022/03/29
Kramer VIAware 2.5.0719.1034 Exploit, Remote Code Execution (RCE) REMOTE Author: harkmoo	2022/03/28
WordPress Plugin admin-word-count-column 2.2 Exploit, Local File Read WEBAPPS Author: Hassan Khan Yusufzai	2022/03/27
WordPress Plugin video-synchro-pdf 1.7.4 Exploit, Local File Inclusion WEBAPPS Author: Hassan Khan Yusufzai	2022/03/26
WordPress Plugin cab-fare-calculator 1.0.3 Exploit, Local File Inclusion WEBAPPS Author: Hassan Khan Yusufzai	2022/03/24
WordPress Plugin Curtain 1.0.2 Exploit, Cross-site Request Forgery (CSRF) WEBAPPS Author: Hassan Khan Yusufzai	2022/03/24
WordPress Plugin amministrazione-aperta 3.7.3 Exploit, Local File Read Exploit, Unauthenticated WEBAPPS Author: Hassan Khan Yusufzai	2022/03/23
Drupal avatar_uploader v7.x-1.0-beta8 Exploit, Cross Site Scripting (XSS) WEBAPPS Author: Milad karimi	2022/03/22
Atom CMS 2.0 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Ashish Koli	2022/03/22
ProtonVPN 1.26.0 Exploit, Unquoted Service Path LOCAL Author: emred	2022/03/22
Ivanti Endpoint Manager 4.6 Exploit, Remote Code Execution (RCE) REMOTE Author: 7	2022/03/20
Explore CMS 1.0 Exploit, SQL Injection WEBAPPS Author: Sajibe Kanti	2022/03/19
iRZ Mobile Router Exploit, CSRF to RCE REMOTE Author: John Jackson	2022/03/18
ICEHRM 31.0.0.0S Exploit, Cross-site Request Forgery (CSRF) to Account Takeover WEBAPPS Author: Devansh Bordia	2022/03/18
Apache APISIX 2.12.1 Exploit, Remote Code Execution (RCE) REMOTE Author: en3x	2022/03/16
Tiny File Manager 2.4.6 Exploit, Remote Code Execution (RCE) WEBAPPS Author: FEBIN MON SAJI	2022/03/14
Hikvision IP Camera Exploit, Backdoor REMOTE Author: Sobhan Mahmoodi	2022/03/14
WordPress Plugin Advanced Uploader 4.2 Exploit, Arbitrary File Upload (Authenticated) WEBAPPS Author: Roel van Beurden	2022/03/13
Pluck CMS 4.7.16 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Ashish Koli	2022/03/13
Fuel CMS 1.5.0 Exploit, Cross-Site Request Forgery (CSRF) WEBAPPS Author: Ali J	2022/03/11
VIVE Runtime Service Exploit, 'ViveAgentService' Unquoted Service Path LOCAL Author: Faisal Alasmari	2022/03/11
Seowon SLR-120 Router Exploit, Remote Code Execution (Unauthenticated) REMOTE Author: Aryan Chehreghani	2022/03/11
Audio Conversion Wizard v2.01 Exploit, Buffer Overflow LOCAL Author: Hejap Zairy Al-Sharif	2022/03/10
Tdarr 2.00.15 Exploit, Command Injection REMOTE Author: Sam Smith	2022/03/10
Siemens S7-1200 Exploit, Unauthenticated Start/Stop Command REMOTE Author: oseSecurit	2022/03/09
Sony playmemories home Exploit, 'PMBDeviceInfoProvider' Unquoted Service Path LOCAL Author: Saud Alenazi	2022/03/09
Zabbix 5.0.17 Exploit, Remote Code Execution (RCE) (Authenticated) WEBAPPS Author: Hussien Misbah	2022/03/09
BattlEye 0.9 Exploit, 'BEService' Unquoted Service Path LOCAL Author: Saud Alenazi	2022/03/09

PAN-OS 10.0 Exploit, Remote Code Execution (RCE) (Authenticated)
REMOTE Author: nD3sc0n0c1d

2022/08/10

Prestashop blockwishlist module 2.1.0 Exploit, SQLi
WEBAPPS Author: Karthik UJ

2022/08/10

ThingsBoard 3.3.1 'description' Exploit, Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Steffen Langenfeld

2022/08/03

ThingsBoard 3.3.1 'name' Exploit, Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Steffen Langenfeld

2022/08/03

Feehi CMS 2.1.1 Exploit, Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Shivam Singh

2022/08/02

WordPress Plugin Visual Slide Box Builder 3.2.9 Exploit, SQLi
WEBAPPS Author: u11secur1t

2022/07/27