liveSite Version 2019.1 Exploit, Remote Code Execution WEBAPPS Author: mrswr | 2024/03/28 |
WinRAR version 6.22 Exploit, Remote Code Execution via ZIP archive REMOTE Author: E1 Coders | 2024/03/28 |
Dell Security Management Server <1.9.0 Exploit, Local Privilege Escalation LOCAL Author: Amirhossein Bahramizadeh | 2024/03/28 |
Siklu MultiHaul TG series < 2.0.0 Exploit, unauthenticated credential disclosure REMOTE Author: emaja | 2024/03/28 |
RouterOS 6.40.5 Exploit, 6.44 and 6.48.1 Exploit, 6.49.10 Exploit, Denial of Service DOS Author: ce-wz | 2024/03/28 |
Broken Access Control Exploit, on NodeBB v3.6.7 WEBAPPS Author: Vibhor Sharma | 2024/03/28 |
Purei CMS 1.0 Exploit, SQL Injection WEBAPPS Author: Number 7 | 2024/03/28 |
Workout Journal App 1.0 Exploit, Stored XSS WEBAPPS Author: MURAT CAGRI ALIS | 2024/03/28 |
Asterisk AMI Exploit, Partial File Content & Path Disclosure (Authenticated) REMOTE Author: Sean Pesce | 2024/03/28 |
LimeSurvey Community 5.3.32 Exploit, Stored XSS WEBAPPS Author: Subhankar Singh | 2024/03/25 |
Nagios XI Version 2024R1.01 Exploit, SQL Injection WEBAPPS Author: Jarod Jaslow (MAWK) | 2024/03/25 |
Wallos < 1.11.2 Exploit, File Upload RCE WEBAPPS Author: m | 2024/03/25 |
Tourism Management System v2.0 Exploit, Arbitrary File Upload WEBAPPS Author: oSPir | 2024/03/25 |
LBT-T300-mini1 Exploit, Remote Buffer Overflow REMOTE Author: Amirhossein Bahramizadeh | 2024/03/25 |
MobileShop master v1.0 Exploit, SQL Injection Vuln. WEBAPPS Author: HAZIM ARBAŞ | 2024/03/25 |
Insurance Management System PHP and MySQL 1.0 Exploit, Multiple Stored XSS WEBAPPS Author: Hakkı TOKLU | 2024/03/25 |
SPA-CART CMS Exploit, Stored XSS WEBAPPS Author: Eren Sen | 2024/03/25 |
Craft CMS 4.4.14 Exploit, Unauthenticated Remote Code Execution WEBAPPS Author: Olivier Lasne | 2024/03/25 |
minaliC 2.0.0 Exploit, Denied of Service REMOTE Author: Fernando Mengali | 2024/03/22 |
CSZCMS v1.3.0 Exploit, SQL Injection (Authenticated) WEBAPPS Author: Abdulaziz Almetairy | 2024/03/20 |
HNAS SMU 14.8.7825 Exploit, Information Disclosure REMOTE Author: Arslan Masood | 2024/03/20 |
Teacher Subject Allocation Management System 1.0 Exploit, 'searchdata' SQLi WEBAPPS Author: Ersin Erenler | 2024/03/20 |
Simple Task List 1.0 Exploit, 'status' SQLi WEBAPPS Author: Ersin Erenler | 2024/03/20 |
Blood Bank 1.0 Exploit, 'bid' SQLi WEBAPPS Author: Ersin Erenler | 2024/03/20 |
Employee Management System 1.0 Exploit, 'admin_id' SQLi WEBAPPS Author: Shubham Pandey | 2024/03/20 |
Quick.CMS 6.7 Exploit, SQL Injection Login Bypass WEBAPPS Author: 4X.Forensic | 2024/03/18 |
xbtitFM 4.1.18 Exploit, Multiple Vulnerabilities WEBAPPS Author: 5kj23kj32io2k | 2024/03/18 |
TELSAT marKoni FM Transmitter 1.9.5 Exploit, Insecure Access Control Change Password REMOTE Author: iquidWor | 2024/03/18 |
TELSAT marKoni FM Transmitter 1.9.5 Exploit, Backdoor Account Information Disclosure REMOTE Author: iquidWor | 2024/03/18 |
TELSAT marKoni FM Transmitter 1.9.5 Exploit, Root Command Injection REMOTE Author: iquidWor | 2024/03/18 |
Backdrop CMS 1.23.0 Exploit, Stored XSS WEBAPPS Author: Sinem Şahin | 2024/03/18 |
Atlassian Confluence < 8.5.3 Exploit, Remote Code Execution WEBAPPS Author: aanVade | 2024/03/18 |
Gibbon LMS < v26.0.00 Exploit, Authenticated RCE WEBAPPS Author: Ali Maharramli_Fikrat Guliev_Islam Rzayev | 2024/03/18 |
ZoneMinder Snapshots < 1.37.33 Exploit, Unauthenticated RCE WEBAPPS Author: Ravindu Wickramasinghe | 2024/03/18 |
TYPO3 11.5.24 Exploit, Path Traversal (Authenticated) WEBAPPS Author: Saeed reza Zamanian | 2024/03/18 |
WEBIGniter v28.7.23 Exploit, Stored XSS WEBAPPS Author: Mesut Cetin | 2024/03/18 |
WordPress File Upload Plugin < 4.23.3 Exploit, Stored XSS WEBAPPS Author: Faiyaz Ahmad | 2024/03/18 |
vm2 Exploit, sandbox escape LOCAL Author: Calil Khalil | 2024/03/16 |
UPS Network Management Card 4 Exploit, Path Traversal WEBAPPS Author: Víctor García | 2024/03/16 |
Nokia BMC Log Scanner Exploit, Remote Code Execution WEBAPPS Author: Carlos Andres Gonzalez_ Matthew Gregory | 2024/03/16 |
Karaf v4.4.3 Console Exploit, RCE WEBAPPS Author: Andrzej Olchawa_ Milenko Starcik | 2024/03/16 |
LaborOfficeFree 19.10 Exploit, MySQL Root Password Calculator LOCAL Author: Peter Gabaldon | 2024/03/16 |
Winter CMS 1.2.3 Exploit, Server-Side Template Injection (SSTI) (Authenticated) WEBAPPS Author: mrswr | 2024/03/16 |
KiTTY 0.76.1.13 Exploit, Command Injection LOCAL Author: EFCESC | 2024/03/14 |
KiTTY 0.76.1.13 Exploit, 'Start Duplicated Session Username' Buffer Overflow LOCAL Author: EFCESC | 2024/03/14 |
KiTTY 0.76.1.13 Exploit, 'Start Duplicated Session Hostname' Buffer Overflow LOCAL Author: EFCESC | 2024/03/14 |
GitLab CE/EE < 16.7.2 Exploit, Password Reset REMOTE Author: xB45 | 2024/03/14 |
Ruijie Switch PSG-5124 26293 Exploit, Remote Code Execution (RCE) REMOTE Author: yteHunte | 2024/03/14 |
Viessmann Vitogate 300 2.1.3.0 Exploit, Remote Code Execution (RCE) REMOTE Author: yteHunte | 2024/03/14 |
SolarView Compact 6.00 Exploit, Command Injection REMOTE Author: yteHunte | 2024/03/14 |
Honeywell PM43 < P10.19.050004 Exploit, Remote Code Execution (RCE) REMOTE Author: yteHunte | 2024/03/14 |
JetBrains TeamCity 2023.05.3 Exploit, Remote Code Execution (RCE) REMOTE Author: yteHunte | 2024/03/14 |
SnipeIT 6.2.1 Exploit, Stored Cross Site Scripting WEBAPPS Author: Shahzaib Ali Khan | 2024/03/12 |
VMware Cloud Director 10.5 Exploit, Bypass identity verification REMOTE Author: Abdualhadi khalifa | 2024/03/12 |
Cisco Firepower Management Center < 6.6.7.1 Exploit, Authenticated RCE WEBAPPS Author: Abdualhadi khalifa | 2024/03/12 |
Client Details System 1.0 Exploit, SQL Injection WEBAPPS Author: Hamdi Sevben | 2024/03/12 |
OSGi v3.7.2 (and below) Console Exploit, RCE WEBAPPS Author: Andrzej Olchawa_ Milenko Starcik | 2024/03/12 |
OSGi v3.8-3.18 Console Exploit, RCE WEBAPPS Author: Andrzej Olchawa_ Milenko Starcik | 2024/03/12 |
Human Resource Management System 1.0 Exploit, 'employeeid' SQL Injection WEBAPPS Author: rika | 2024/03/12 |
Sitecore Exploit, Remote Code Execution v8.2 WEBAPPS Author: abhishek morla | 2024/03/11 |
Adobe ColdFusion versions 2018_15 (and earlier) and 2021_5 and earlier Exploit, Arbitrary File Read WEBAPPS Author: Youssef Muhammad | 2024/03/11 |
WordPress Plugin Duplicator < 1.5.7.1 Exploit, Unauthenticated Sensitive Data Exposure to Account Takeover WEBAPPS Author: Dmitrii Ignatyev | 2024/03/11 |
Microsoft Windows Defender / Trojan.Win32/Powessere.G Exploit, Detection Mitigation Bypass LOCAL Author: yp3rlin | 2024/03/11 |
Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 Exploit, IDOR WEBAPPS Author: Arslan Masood | 2024/03/11 |
Hide My WP < 6.2.9 Exploit, Unauthenticated SQLi WEBAPPS Author: Xenofon Vassilakopoulos | 2024/03/10 |
Akaunting < 3.1.3 Exploit, RCE WEBAPPS Author: 32 | 2024/03/10 |
Ladder v0.0.21 Exploit, Server-side request forgery (SSRF) WEBAPPS Author: _chebuy | 2024/03/10 |
DataCube3 v1.0 Exploit, Unrestricted file upload 'RCE' WEBAPPS Author: Samy Younsi - NS Labs | 2024/03/10 |
Numbas < v7.3 Exploit, Remote Code Execution WEBAPPS Author: Matheus Alexandre | 2024/03/10 |
TP-Link TL-WR740N Exploit, Buffer Overflow 'DOS' WEBAPPS Author: Anish Feroz | 2024/03/10 |
GLiNet Exploit, Router Authentication Bypass WEBAPPS Author: Daniele Linguaglossa | 2024/03/06 |
elFinder Web file manager Version Exploit, 2.1.53 Remote Command Execution WEBAPPS Author: mrswr | 2024/03/06 |
CSZ CMS Version 1.3.0 Exploit, Authenticated Remote Command Execution WEBAPPS Author: mrswr | 2024/03/06 |
CVE-2023-50071 Exploit, Multiple SQL Injection WEBAPPS Author: Geraldo Alcantara | 2024/03/06 |
Lot Reservation Management System Exploit, Unauthenticated File Disclosure WEBAPPS Author: Elijah Mandila Syoyi | 2024/03/06 |
Lot Reservation Management System Exploit, Unauthenticated File Upload and Remote Code Execution WEBAPPS Author: Elijah Mandila Syoyi | 2024/03/06 |
kk Star Ratings < 5.4.6 Exploit, Rating Tampering via Race Condition WEBAPPS Author: Mohammad Reza Omrani | 2024/03/05 |
Neontext Wordpress Plugin Exploit, Stored XSS WEBAPPS Author: Eren Car | 2024/03/05 |
Solar-Log 200 PM+ 3.6.0 Build 99 Exploit, 15.10.2019 Exploit, Stored XSS WEBAPPS Author: Vincent McRae_ Mesut Cetin | 2024/03/05 |
Easywall 0.3.1 Exploit, Authenticated Remote Command Execution WEBAPPS Author: Melvin Mejia | 2024/03/03 |
R Radio Network FM Transmitter 1.07 system.cgi Exploit, Password Disclosure REMOTE Author: iquidWor | 2024/03/03 |
GL.iNet AR300M v3.216 Remote Code Execution Exploit, CVE-2023-46456 Exploit REMOTE Author: yberaz0 | 2024/03/03 |
TitanNit Web Control 2.01 / Atemio 7600 Exploit, Root Remote Code Execution REMOTE Author: iquidWor | 2024/03/03 |
GL.iNet AR300M v4.3.7 Remote Code Execution Exploit, CVE-2023-46454 Exploit REMOTE Author: yberaz0 | 2024/03/03 |
GL.iNet AR300M v4.3.7 Arbitrary File Read Exploit, CVE-2023-46455 Exploit REMOTE Author: yberaz0 | 2024/03/03 |
Maxima Max Pro Power Exploit, BLE Traffic Replay (Unauthenticated) REMOTE Author: Alok kumar | 2024/03/03 |
A-PDF All to MP3 Converter 2.0.0 Exploit, DEP Bypass via HeapCreate + HeapAlloc LOCAL Author: George Washington | 2024/03/03 |
Boss Mini 1.4.0 Exploit, local file inclusion WEBAPPS Author: ltt | 2024/03/03 |
Magento ver. 2.4.6 Exploit, XSLT Server Side Injection WEBAPPS Author: mrswr | 2024/03/03 |
TPC-110W Exploit, Missing Authentication for Critical Function REMOTE Author: Amirhossein Bahramizadeh | 2024/03/03 |
Enrollment System v1.0 Exploit, SQL Injection REMOTE Author: Gnanaraj Mauviel | 2024/03/03 |
AC Repair and Services System v1.0 Exploit, Multiple SQL Injection REMOTE Author: Gnanaraj Mauviel | 2024/03/03 |
Windows PowerShell Exploit, Event Log Bypass Single Quote Code Execution LOCAL Author: yp3rlin | 2024/03/03 |
Simple Student Attendance System v1.0 Exploit, 'classid' Time Based Blind & Union Based SQL Injection REMOTE Author: Gnanaraj Mauviel | 2024/03/03 |
Simple Student Attendance System v1.0 Exploit, Time Based Blind SQL Injection REMOTE Author: Gnanaraj Mauviel | 2024/03/03 |
Real Estate Management System v1.0 Exploit, Remote Code Execution via File Upload REMOTE Author: Diyar Saadi | 2024/03/03 |
Petrol Pump Management Software v1.0 Exploit, Remote Code Execution via File Upload REMOTE Author: Shubham Pandey | 2024/03/03 |
Petrol Pump Management Software v.1.0 Exploit, SQL Injection REMOTE Author: Shubham Pandey | 2024/03/03 |
Petrol Pump Management Software v.1.0 Exploit, Stored Cross Site Scripting via SVG file REMOTE Author: Shubham Pandey | 2024/03/03 |
Petrol Pump Management Software v1.0 Exploit, 'Address' Stored Cross Site Scripting REMOTE Author: Shubham Pandey | 2024/03/03 |