Exploit Database

Exploit Description	Date
Splunk 9.0.5 Exploit, admin account take over WEBAPPS Author: Redway Security	2023/10/09
OpenPLC WebServer 3 Exploit, Denial of Service DOS Author: Kai Feng	2023/10/09
Shuttle-Booking-Software v1.0 Exploit, Multiple-SQLi WEBAPPS Author: u11secur1t	2023/10/09
Limo Booking Software v1.0 Exploit, CORS WEBAPPS Author: u11secur1t	2023/10/09
Webedition CMS v2.9.8.8 Exploit, Blind SSRF WEBAPPS Author: Mirabbas Ağalarov	2023/10/09
Atcom 2.7.x.x Exploit, Authenticated Command Injection REMOTE Author: Mohammed Adel	2023/10/09
BoidCMS v2.0.0 Exploit, authenticated file upload vulnerability WEBAPPS Author: 337ki	2023/10/09
Cacti 1.2.24 Exploit, Authenticated command injection when using SNMP options WEBAPPS Author: Antonio Francesco Sardella	2023/10/09
Wordpress Sonaar Music Plugin 4.7 Exploit, Stored XSS WEBAPPS Author: Furkan Karaarslan	2023/10/09
Coppermine Gallery 1.6.25 Exploit, RCE WEBAPPS Author: Mirabbas Ağalarov	2023/10/09
Media Library Assistant Wordpress Plugin Exploit, RCE and LFI WEBAPPS Author: Florent MONTEL	2023/10/09
WEBIGniter v28.7.23 File Upload Exploit, Remote Code Execution WEBAPPS Author: u11secur1t	2023/10/09
Wordpress Plugin Masterstudy LMS Exploit, 3.0.17 Exploit, Unauthenticated Instructor Account Creation WEBAPPS Author: Revan Arifio	2023/10/09
Minio 2022-07-29T19-40-48Z Exploit, Path traversal WEBAPPS Author: Jenson Zhao	2023/10/09
Microsoft Windows 11 Exploit, 'apds.dll' DLL hijacking (Forced) LOCAL Author: Moein Shahabi	2023/10/09
Tinycontrol LAN Controller v3 (LK3) 1.58a Exploit, Remote Admin Password Change REMOTE Author: iquidWor	2023/10/09
Tinycontrol LAN Controller v3 (LK3) 1.58a Exploit, Remote Credentials Extraction REMOTE Author: iquidWor	2023/10/09
Tinycontrol LAN Controller v3 (LK3) 1.58a Exploit, Remote Denial Of Service DOS Author: iquidWor	2023/10/09
Clcknshop 1.0.0 Exploit, SQL Injection WEBAPPS Author: raCkE	2023/10/09
Online ID Generator 1.0 Exploit, Remote Code Execution (RCE) WEBAPPS Author: u11secur1t	2023/10/09
Ruijie Reyee Mesh Router Exploit, MITM Remote Code Execution (RCE) REMOTE Author: Riyan Firmansyah of Seclab	2023/10/09
GLPI GZIP(Py3) 9.4.5 Exploit, RCE WEBAPPS Author: Brian Peters	2023/10/09
SyncBreeze 15.2.24 Exploit, 'login' Denial of Service DOS Author: mohamed youssef	2023/09/08
GOM Player 2.3.90.5360 Exploit, Buffer Overflow (PoC) LOCAL Author: Ahmet Ümit BAYRAM	2023/09/08
Drupal 10.1.2 Exploit, web-cache-poisoning-External-service-interaction WEBAPPS Author: u11secur1t	2023/09/08
Axigen < 10.3.3.47_ 10.2.3.12 Exploit, Reflected XSS WEBAPPS Author: mirZargha	2023/09/08
Techview LA-5570 Wireless Gateway Home Automation Controller Exploit, Multiple Vulnerabilities REMOTE Author: The Security Team [exploitsecurity.io]	2023/09/08
GOM Player 2.3.90.5360 Exploit, Remote Code Execution (RCE) REMOTE Author: M. Akil Gündoğan	2023/09/08
soosyze 2.0.0 Exploit, File Upload WEBAPPS Author: u11secur1t	2023/09/08
Wp2Fac Exploit, OS Command Injection WEBAPPS Author: Ahmet Ümit BAYRAM	2023/09/08
Wordpress Plugin Elementor 3.5.5 Exploit, Iframe Injection WEBAPPS Author: Miguel Santareno	2023/09/08
Jorani v1.0.3-(c)2014-2023 Exploit, XSS Reflected & Information Disclosure WEBAPPS Author: u11secur1t	2023/09/08
SPA-Cart eCommerce CMS 1.9.0.3 Exploit, SQL Injection WEBAPPS Author: raCkE	2023/09/08
SPA-Cart eCommerce CMS 1.9.0.3 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/09/04
Bus Reservation System 1.1 Exploit, Multiple-SQLi WEBAPPS Author: u11secur1t	2023/09/04
WP Statistics Plugin 13.1.5 current_page_id Exploit, Time based SQL injection (Unauthenticated) WEBAPPS Author: sychoSherloc	2023/09/04
Member Login Script 3.3 Exploit, Client-side desync WEBAPPS Author: u11secur1t	2023/09/04
DLINK DPH-400SE Exploit, Exposure of Sensitive Information WEBAPPS Author: ahaafaroo	2023/09/04
FileMage Gateway 1.10.9 Exploit, Local File Inclusion WEBAPPS Author: Bryce Raindayzz Harty	2023/09/04
Kingo ROOT 1.5.8 Exploit, Unquoted Service Path LOCAL Author: Anish Feroz	2023/09/04
Freefloat FTP Server 1.0 Exploit, 'PWD' Remote Buffer Overflow LOCAL Author: Waqas Ahmed Faroouqi	2023/09/04
AdminLTE PiHole 5.18 Exploit, Broken Access Control WEBAPPS Author: v1t	2023/09/04
CSZ CMS 1.3.0 Exploit, Stored Cross-Site Scripting (Plugin 'Gallery') WEBAPPS Author: Daniel González	2023/09/04
CSZ CMS 1.3.0 Exploit, Stored Cross-Site Scripting ('Photo URL' and 'YouTube URL' ) WEBAPPS Author: Daniel González	2023/09/04
Academy LMS 6.1 Exploit, Arbitrary File Upload WEBAPPS Author: raCkE	2023/09/04
Credit Lite 1.5.4 Exploit, SQL Injection WEBAPPS Author: raCkE	2023/09/04
NVClient v5.0 Exploit, Stack Buffer Overflow (DoS) LOCAL Author: Ahmet Ümit BAYRAM	2023/09/04
Ivanti Avalanche REMOTE Author: Robel Campbell	2023/09/04
Hyip Rio 2.1 Exploit, Arbitrary File Upload WEBAPPS Author: raCkE	2023/09/04
Blood Donor Management System v1.0 Exploit, Stored XSS WEBAPPS Author: Ehlullah Albayrak	2023/09/04
Uvdesk 1.1.4 Exploit, Stored XSS (Authenticated) WEBAPPS Author: Hubert Wojciechowski	2023/08/24
User Registration & Login and User Management System v3.0 Exploit, SQL Injection (Unauthenticated) WEBAPPS Author: Ashutosh Singh Umath	2023/08/24
User Registration & Login and User Management System v3.0 Exploit, Stored Cross-Site Scripting (XSS) WEBAPPS Author: Ashutosh Singh Umath	2023/08/24
Taskhub CRM Tool 2.8.6 Exploit, SQL Injection WEBAPPS Author: Ahmet Ümit BAYRAM	2023/08/21
OVOO Movie Portal CMS v3.3.3 Exploit, SQL Injection WEBAPPS Author: Ahmet Ümit BAYRAM	2023/08/21
Global Exploit, Multi School Management System Express v1.0- SQL Injection WEBAPPS Author: Ahmet Ümit BAYRAM	2023/08/21
Color Prediction Game v1.0 Exploit, SQL Injection WEBAPPS Author: Ahmet Ümit BAYRAM	2023/08/21
Crypto Currency Tracker (CCT) 9.5 Exploit, Admin Account Creation (Unauthenticated) WEBAPPS Author: xB	2023/08/21
PHPJabbers Business Directory Script v3.2 Exploit, Multiple Vulnerabilities WEBAPPS Author: Kerimcan Ozturk	2023/08/21
EuroTel ETL3100 Exploit, Transmitter Unauthenticated Config/Log Download REMOTE Author: iquidWor	2023/08/21
EuroTel ETL3100 Exploit, Transmitter Authorization Bypass (IDOR) REMOTE Author: iquidWor	2023/08/21
EuroTel ETL3100 Exploit, Transmitter Default Credentials REMOTE Author: iquidWor	2023/08/21
Dolibarr Version 17.0.1 Exploit, Stored XSS WEBAPPS Author: Furkan Karaarslan	2023/08/21
Inosoft VisiWin 7 2022-2.1 Exploit, Insecure Folders Permissions LOCAL Author: hinna	2023/08/21
TSPlus 16.0.0.0 Exploit, Remote Work Insecure Credential storage REMOTE Author: hinna	2023/08/21
TSplus 16.0.0.0 Exploit, Remote Work Insecure Files and Folders REMOTE Author: hinna	2023/08/21
TSplus 16.0.2.14 Exploit, Remote Access Insecure Files and Folders Permissions REMOTE Author: hinna	2023/08/21
OutSystems Service Studio 11.53.30 Exploit, DLL Hijacking LOCAL Author: hinna	2023/08/10
TP-Link Archer AX21 Exploit, Unauthenticated Command Injection REMOTE Author: oyag3	2023/08/10
Maltrail v0.53 Exploit, Unauthenticated Remote Code Execution (RCE) WEBAPPS Author: Iyaad Luqman K	2023/08/10
Request-Baskets v1.2.1 Exploit, Server-side request forgery (SSRF) WEBAPPS Author: Iyaad Luqman K	2023/08/10
systemd 246 Exploit, Local Privilege Escalation LOCAL Author: Iyaad Luqman K	2023/08/10
Emagic Data Center Management Suite v6.0 Exploit, OS Command Injection WEBAPPS Author: hewhiteh4	2023/08/08
PHPJabbers Vacation Rental Script 4.0 Exploit, CSRF WEBAPPS Author: Hasan Ali YILDIR	2023/08/08
Social-Commerce 3.1.6 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/08
mooSocial 3.1.8 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/08
Pyro CMS 3.9 Exploit, Server-Side Template Injection (SSTI) (Authenticated) WEBAPPS Author: Daniel Barros	2023/08/08
Lucee 5.4.2.17 Exploit, Authenticated Reflected XSS WEBAPPS Author: Yehia Elghaly	2023/08/08
Adlisting Classified Ads 2.14.0 Exploit, WebPage Content Information Disclosure WEBAPPS Author: raCkE	2023/08/08
Xlight FTP Server 3.9.3.6 Exploit, 'Stack Buffer Overflow' (DOS) DOS Author: Yehia Elghaly	2023/08/04
WordPress Plugin Forminator 1.24.6 Exploit, Unauthenticated Remote Command Execution WEBAPPS Author: Mehmet Kelepçe	2023/08/04
WordPress adivaha Travel Plugin 2.3 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
Webedition CMS v2.9.8.8 Exploit, Stored XSS WEBAPPS Author: Mirabbas Ağalarov	2023/08/04
Webedition CMS v2.9.8.8 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Mirabbas Ağalarov	2023/08/04
Webutler v3.2 Exploit, Remote Code Execution (RCE) WEBAPPS Author: Mirabbas Ağalarov	2023/08/04
Wordpress Plugin EventON Calendar 4.4 Exploit, Unauthenticated Post Access via IDOR WEBAPPS Author: Miguel Santareno	2023/08/04
Wordpress Plugin EventON Calendar 4.4 Exploit, Unauthenticated Event Access WEBAPPS Author: Miguel Santareno	2023/08/04
Shelly PRO 4PM v0.11.0 Exploit, Authentication Bypass REMOTE Author: The Security Team [exploitsecurity.io]	2023/08/04
Campcodes Online Matrimonial Website System v3.3 Exploit, Code Execution via malicious SVG file upload WEBAPPS Author: Rajdip Dey Sarkar	2023/08/04
WordPress adivaha Travel Plugin 2.3 Exploit, SQL Injection WEBAPPS Author: raCkE	2023/08/04
Academy LMS 6.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
PHPJabbers Rental Property Booking 2.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
PHPJabbers Taxi Booking 2.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
PHPJabbers Cleaning Business 1.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
PHPJabbers Night Club Booking 1.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
PHPJabbers Service Booking Script 1.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
PHPJabbers Shuttle Booking Software 1.0 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
JLex GuestBook 1.6.4 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04
Ozeki SMS Gateway 10.3.208 Exploit, Arbitrary File Read (Unauthenticated) WEBAPPS Author: Ahmet Ümit BAYRAM	2023/08/04
Joomla JLex Review 6.0.1 Exploit, Reflected XSS WEBAPPS Author: raCkE	2023/08/04

Splunk 9.0.5 Exploit, admin account take over
WEBAPPS Author: Redway Security

2023/10/09

OpenPLC WebServer 3 Exploit, Denial of Service
DOS Author: Kai Feng

2023/10/09

Shuttle-Booking-Software v1.0 Exploit, Multiple-SQLi
WEBAPPS Author: u11secur1t

2023/10/09

Limo Booking Software v1.0 Exploit, CORS
WEBAPPS Author: u11secur1t

2023/10/09

Webedition CMS v2.9.8.8 Exploit, Blind SSRF
WEBAPPS Author: Mirabbas Ağalarov

2023/10/09

Atcom 2.7.x.x Exploit, Authenticated Command Injection
REMOTE Author: Mohammed Adel

2023/10/09