Netsia SEBA+ 0.16.1 Exploit, Authentication Bypass and Add Root User (Metasploit)
WEBAPPS Author: kku | 2021/01/15 |
E-Learning System 1.0 Exploit, Authentication Bypass & RCE POC
WEBAPPS Author: Himanshu Shukla | 2021/01/15 |
Alumni Management System 1.0 Exploit, _Last Name field in Registration page_ Stored XSS
WEBAPPS Author: Siva Rajendran | 2021/01/15 |
EyesOfNetwork 5.3 Exploit, File Upload Remote Code Execution
WEBAPPS Author: Audencia Business SCHOOL Red Team | 2021/01/15 |
Online Hotel Reservation System 1.0 Exploit, 'person' time-based SQL Injection
WEBAPPS Author: Mesut Cetin | 2021/01/15 |
Online Hotel Reservation System 1.0 Exploit, Cross-site request forgery (CSRF)
WEBAPPS Author: Mesut Cetin | 2021/01/15 |
Online Hotel Reservation System 1.0 Exploit, 'id' Time-based SQL Injection
WEBAPPS Author: Mesut Cetin | 2021/01/15 |
Online Hotel Reservation System 1.0 Exploit, 'description' Stored Cross-site Scripting
WEBAPPS Author: Mesut Cetin | 2021/01/15 |
WordPress Plugin Easy Contact Form 1.1.7 Exploit, 'Name' Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Rahul Ramakant Singh | 2021/01/15 |
PHP-Fusion CMS 9.03.90 Exploit, Cross-Site Request Forgery (Delete admin shoutbox message)
WEBAPPS Author: Mohamed Oosman | 2021/01/15 |
Cisco RV110W 1.2.1.7 Exploit, 'vpn_account' Denial of Service (PoC)
WEBAPPS Author: Shizhi He | 2021/01/14 |
Laravel 8.4.2 debug mode Exploit, Remote code execution
WEBAPPS Author: SunCSR Team | 2021/01/14 |
Online Shopping Cart System 1.0 Exploit, 'id' SQL Injection
WEBAPPS Author: Aydın Baran Ertemir | 2021/01/14 |
Nagios XI 5.7.X Exploit, Remote Code Exection RCE (Authenticated)
WEBAPPS Author: Haboob Team | 2021/01/14 |
Online Movie Streaming 1.0 Exploit, Admin Authentication Bypass
WEBAPPS Author: Richard Jones | 2021/01/14 |
Online Hotel Reservation System 1.0 Exploit, Admin Authentication Bypass
WEBAPPS Author: Richard Jones | 2021/01/13 |
Erlang Cookie Exploit, Remote Code Execution
REMOTE Author: F98 | 2021/01/13 |
SmartAgent 3.1.0 Exploit, Privilege Escalation
WEBAPPS Author: Orion Hridoy | 2021/01/12 |
Cemetry Mapping and Information System 1.0 Exploit, Multiple SQL Injections
WEBAPPS Author: Mesut Cetin | 2021/01/12 |
Gila CMS 2.0.0 Exploit, Remote Code Execution (Unauthenticated)
WEBAPPS Author: nesde | 2021/01/12 |
Prestashop 1.7.7.0 Exploit, 'id_product' Time Based Blind SQL Injection
WEBAPPS Author: Jaimin Gondaliya | 2021/01/11 |
PortableKanban 4.3.6578.38136 Exploit, Encrypted Password Retrieval
LOCAL Author: ootabet | 2021/01/11 |
OpenCart 3.0.36 Exploit, ATO via Cross Site Request Forgery
WEBAPPS Author: Mahendra Purbia | 2021/01/11 |
WordPress Plugin Custom Global Variables 1.0.5 Exploit, 'name' Stored Cross-Site Scripting (XSS)
WEBAPPS Author: Swapnil Subhash Bodekar | 2021/01/11 |
Cemetry Mapping and Information System 1.0 Exploit, Multiple Stored Cross-Site Scripting
WEBAPPS Author: Mesut Cetin | 2021/01/11 |
EyesOfNetwork 5.3 Exploit, LFI
WEBAPPS Author: Audencia Business SCHOOL Red Team | 2021/01/11 |
Anchor CMS 0.12.7 Exploit, 'markdown' Stored Cross-Site Scripting
WEBAPPS Author: Ramazan Mert GÖKTEN | 2021/01/11 |
EyesOfNetwork 5.3 Exploit, RCE & PrivEsc
WEBAPPS Author: Audencia Business SCHOOL Red Team | 2021/01/11 |
Wordpress Plugin wpDiscuz 7.0.4 Exploit, Unauthenticated Arbitrary File Upload (Metasploit)
WEBAPPS Author: SunCSR Team | 2021/01/08 |
WordPress Plugin Autoptimize 2.7.6 Exploit, Authenticated Arbitrary File Upload (Metasploit)
WEBAPPS Author: SunCSR Team | 2021/01/08 |
Apache Flink 1.11.0 Exploit, Unauthenticated Arbitrary File Read (Metasploit)
WEBAPPS Author: SunCSR Team | 2021/01/08 |
Cockpit Version 234 Exploit, Server-Side Request Forgery (Unauthenticated)
WEBAPPS Author: Metin Yunus Kandemir | 2021/01/08 |
Online Doctor Appointment System 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Mohamed habib Smidi | 2021/01/08 |
Life Insurance Management System 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Arnav Tripathy | 2021/01/08 |
dnsrecon 0.10.0 Exploit, CSV Injection
LOCAL Author: Dolev Farhi | 2021/01/08 |
CRUD Operation 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Arnav Tripathy | 2021/01/07 |
ECSIMAGING PACS 6.21.5 Exploit, SQL injection
WEBAPPS Author: hoxxd | 2021/01/07 |
Curfew e-Pass Management System 1.0 Exploit, Stored XSS
WEBAPPS Author: Arnav Tripathy | 2021/01/07 |
Cockpit CMS 0.6.1 Exploit, Remote Code Execution
WEBAPPS Author: Rafael Resende | 2021/01/07 |
Employee Record System 1.0 Exploit, Unrestricted File Upload to Remote Code Execution
WEBAPPS Author: Saeed Bala Ahmed | 2021/01/07 |
ECSIMAGING PACS 6.21.5 Exploit, Remote code execution
WEBAPPS Author: hoxxd | 2021/01/07 |
iBall-Baton WRA150N Rom-0 Backup Exploit, File Disclosure (Sensitive Information)
WEBAPPS Author: 4cks1 | 2021/01/07 |
Sonatype Nexus 3.21.1 Exploit, Remote Code Execution (Authenticated)
WEBAPPS Author: F98 | 2021/01/06 |
H2 Database 1.4.199 Exploit, JNI Code Execution
LOCAL Author: F98 | 2021/01/06 |
Gitea 1.7.5 Exploit, Remote Code Execution
WEBAPPS Author: F98 | 2021/01/06 |
PaperStream IP (TWAIN) 1.42.0.5685 Exploit, Local Privilege Escalation
LOCAL Author: F98 | 2021/01/06 |
Resumes Management and Job Application Website 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Arnav Tripathy | 2021/01/06 |
Resumes Management and Job Application Website 1.0 Exploit, RCE (Unauthenticated)
WEBAPPS Author: Arnav Tripathy | 2021/01/06 |
WinAVR Version 20100110 Exploit, Insecure Folder Permissions
LOCAL Author: Mohammed Alshehri | 2021/01/06 |
Newgen Correspondence Management System (corms) eGov 12.0 Exploit, IDOR
WEBAPPS Author: ALI AL SINAN | 2021/01/06 |
WordPress Plugin WP24 Domain Check 1.6.2 Exploit, 'fieldnameDomain' Stored Cross Site Scripting
WEBAPPS Author: Mehmet Kelepçe | 2021/01/06 |
Responsive E-Learning System 1.0 Exploit, Stored Cross Site Scripting
WEBAPPS Author: Kshitiz Raj | 2021/01/06 |
Responsive E-Learning System 1.0 Exploit, Unrestricted File Upload to RCE
WEBAPPS Author: Kshitiz Raj | 2021/01/06 |
WordPress Plugin litespeed cache 3.6 Exploit, 'server_ip' Cross-Site Scripting
WEBAPPS Author: Nhat Ha | 2021/01/06 |
Expense Tracker 1.0 Exploit, 'Expense Name' Stored Cross-Site Scripting
WEBAPPS Author: Shivam Verma | 2021/01/06 |
IPeakCMS 3.5 Exploit, Boolean-based blind SQLi
WEBAPPS Author: oeAlBarbar | 2021/01/06 |
IObit Uninstaller 10 Pro Exploit, Unquoted Service Path
LOCAL Author: Mayur Parmar | 2021/01/06 |
dirsearch 0.4.1 Exploit, CSV Injection
LOCAL Author: Dolev Farhi | 2021/01/06 |
Advanced Webhost Billing System 3.7.0 Exploit, Cross-Site Request Forgery (CSRF)
WEBAPPS Author: Rahul Ramakant Singh | 2021/01/06 |
EgavilanMedia User Registration & Login System with Admin Panel 1.0 Exploit, Multiple Stored Cross-Site Scripting
WEBAPPS Author: Mesut Cetin | 2021/01/05 |
Klog Server 2.4.1 Exploit, Command Injection (Unauthenticated)
WEBAPPS Author: 3KC4 | 2021/01/05 |
Online Learning Management System 1.0 Exploit, RCE (Authenticated)
WEBAPPS Author: Bedri Sertkaya | 2021/01/05 |
CSZ CMS 1.2.9 Exploit, Multiple Cross-Site Scripting
WEBAPPS Author: unCS | 2021/01/05 |
Fluentd TD-agent plugin 4.0.1 Exploit, Insecure Folder Permission
LOCAL Author: Adrian Bondocea | 2021/01/05 |
Cassandra Web 0.5.0 Exploit, Remote File Read
WEBAPPS Author: Jeremy Brown | 2021/01/05 |
HPE Edgeline Infrastructure Manager 1.0 Exploit, Multiple Remote Vulnerabilities
WEBAPPS Author: Jeremy Brown | 2021/01/05 |
Zoom Meeting Connector 4.6.239.20200613 Exploit, Remote Root Exploit (Authenticated)
WEBAPPS Author: Jeremy Brown | 2021/01/05 |
Responsive FileManager 9.13.4 Exploit, 'path' Path Traversal
WEBAPPS Author: Sun* Cyber Security Research Team | 2021/01/05 |
Baby Care System 1.0 Exploit, 'Post title' Stored XSS
WEBAPPS Author: Hardik Solanki | 2021/01/05 |
Responsive ELearning System 1.0 Exploit, 'id' Sql Injection
WEBAPPS Author: Kshitiz Raj | 2021/01/05 |
Online Movie Streaming 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Kshitiz Raj | 2021/01/05 |
WordPress Plugin WP-Paginate 2.1.3 Exploit, 'preset' Stored XSS
WEBAPPS Author: Park Won Seok | 2021/01/05 |
WordPress Plugin Stripe Payments 2.0.39 Exploit, 'AcceptStripePayments-settings[currency_code]' Stored XSS
WEBAPPS Author: Park Won Seok | 2021/01/05 |
Resumes Management and Job Application Website 1.0 Exploit, Authentication Bypass (Sql Injection)
WEBAPPS Author: Kshitiz Raj | 2021/01/05 |
House Rental and Property Listing 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Mohamed habib Smidi | 2021/01/05 |
IncomCMS 2.0 Exploit, Insecure File Upload
WEBAPPS Author: oeAlBarbar | 2021/01/05 |
Intel(R) Matrix Storage Event Monitor x86 8.0.0.1039 Exploit, 'IAANTMON' Unquoted Service Path
LOCAL Author: Geovanni Ruiz | 2021/01/05 |
Arteco Web Client DVR/NVR Exploit, 'SessionId' Brute Force
WEBAPPS Author: iquidWor | 2021/01/04 |
Click2Magic 1.1.5 Exploit, Stored Cross-Site Scripting
WEBAPPS Author: Shivam Verma | 2021/01/04 |
Subrion CMS 4.2.1 Exploit, 'avatar[path]' XSS
WEBAPPS Author: ceka | 2021/01/04 |
CMS Made Simple 2.2.15 Exploit, RCE (Authenticated)
WEBAPPS Author: Andrey Stoykov | 2021/01/04 |
sar2html 3.2.1 Exploit, 'plot' Remote Code Execution
WEBAPPS Author: Musyoka Ian | 2021/01/04 |
Advanced Comment System 1.0 Exploit, 'ACS_path' Path Traversal
WEBAPPS Author: Francisco Javier Santiago Vázquez | 2021/01/04 |
Knockpy 4.1.1 Exploit, CSV Injection
LOCAL Author: Dolev Farhi | 2021/01/04 |
Mantis Bug Tracker 2.24.3 Exploit, 'access' SQL Injection
WEBAPPS Author: thicalHCO | 2021/01/04 |
4images v1.7.11 Exploit, 'Profile Image' Stored Cross-Site Scripting
WEBAPPS Author: Ritesh Gohil | 2021/01/04 |
Wordpress Core 5.2.2 Exploit, 'post previews' XSS
WEBAPPS Author: x | 2021/01/04 |
Easy CD & DVD Cover Creator 4.13 Exploit, Denial of Service (PoC)
DOS Author: tresse | 2021/01/04 |
MiniTool ShadowMaker 3.2 Exploit, 'MTAgentService' Unquoted Service Path
LOCAL Author: Thalia Nieto | 2021/01/04 |
Apartment Visitors Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Kshitiz Raj | 2020/12/24 |
GitLab 11.4.7 Exploit, RCE (Authenticated)
WEBAPPS Author: Sam Redmond | 2020/12/24 |
WordPress Plugin WP-PostRatings 1.86 Exploit, 'postratings_image' Cross-Site Scripting
WEBAPPS Author: Park Won Seok | 2020/12/24 |
WordPress Plugin Adning Advertising 1.5.5 Exploit, Arbitrary File Upload
WEBAPPS Author: pacehe | 2020/12/24 |
Baby Care System 1.0 Exploit, 'roleid' SQL Injection
WEBAPPS Author: Vijay Sachdeva | 2020/12/23 |
TerraMaster TOS 4.2.06 Exploit, Unauthenticated Remote Code Execution (Metasploit)
WEBAPPS Author: kku | 2020/12/23 |
Sales and Inventory System for Grocery Store 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Vijay Sachdeva | 2020/12/23 |
Wordpress Epsilon Framework Multiple Themes Exploit, Unauthenticated Function Injection
WEBAPPS Author: x | 2020/12/23 |
Online Learning Management System 1.0 Exploit, 'id' SQL Injection
WEBAPPS Author: Aakash Madaan | 2020/12/23 |
Online Learning Management System 1.0 Exploit, Multiple Stored XSS
WEBAPPS Author: Aakash Madaan | 2020/12/23 |
Online Learning Management System 1.0 Exploit, Authentication Bypass
WEBAPPS Author: Aakash Madaan | 2020/12/23 |
