Exploit Database

Numbers of exploit: 49873


<< back <<     >> next >>

ID Exploit name Type Platform Author Date
50437 Simple Student Information System 1.0 - SQL Injection (Authentication Bypass) webapps PHP GaluhID 2021-04-13
50438 Blitar Tourism 1.0 - Authentication Bypass SQLi webapps Multiple sigeri94 2021-04-13
50439 ExpressVPN VPN Router 1.0 - Router Login Panel˙s Integer Overflow webapps Multiple Jai Kumar Sharma 2021-04-13
50436 vsftpd 2.3.4 - Backdoor Command Execution remote Unix HerculesRD 2021-04-12
50434 PrestaShop 1.7.6.7 - ˙location˙ Blind Sql Injection webapps PHP Vanshal Gaur 2021-04-09
50430 CMSimple 5.2 - ˙External˙ Stored XSS webapps PHP Quadron Research Lab 2021-04-08
50431 DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF) webapps Multiple Issac Briones 2021-04-08
50432 Composr 10.0.36 - Remote Code Execution webapps PHP Orion Hridoy 2021-04-08
50433 Linux Kernel 5.4 - ˙BleedingTooth˙ Bluetooth Zero-Click Remote Code Execution remote Linux Google Security Research 2021-04-08
50427 Atlassian Jira Service Desk 4.9.1 - Unrestricted File Upload to XSS webapps Multiple Captain_hook 2021-04-07
50428 Composr CMS 10.0.36 - Cross Site Scripting webapps PHP Orion Hridoy 2021-04-07
50429 Dell OpenManage Server Administrator 9.4.0.0 - Arbitrary File Read webapps Windows Rhino Security Labs 2021-04-07
50424 Google Chrome 86.0.4240 V8 - Remote Code Execution remote Multiple r4j0x00 2021-04-06
50425 Google Chrome 81.0.4044 V8 - Remote Code Execution remote Multiple r4j0x00 2021-04-06
50426 Mini Mouse 9.3.0 - Local File inclusion / Path Traversal webapps iOS gosh 2021-04-06
50418 Rockstar Service - Insecure File Permissions local Windows George Tsimpidas 2021-04-05
50419 Simple Food Website 1.0 - Authentication Bypass webapps PHP Viren Saroha 2021-04-05
50420 Basic Shopping Cart 1.0 - Authentication Bypass webapps PHP Viren Saroha 2021-04-05
50421 OpenEMR 4.1.0 - ˙u˙ SQL Injection webapps PHP Michael Ikua 2021-04-05
50422 Mini Mouse 9.2.0 - Remote Code Execution webapps Windows gosh 2021-04-05
50423 Mini Mouse 9.2.0 - Path Traversal webapps Windows gosh 2021-04-05
50416 ZBL EPON ONU Broadband Router 1.0 - Remote Privilege Escalation webapps Hardware LiquidWorm 2021-04-02
50417 F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated) webapps Hardware Al1ex 2021-04-02
50412 Latrix 0.6.0 - ˙txtaccesscode˙ SQL Injection webapps Multiple cptsticky 2021-04-01
50413 ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (1) webapps Windows Fellipe Oliveira 2021-04-01
50414 ScadaBR 1.0 - Arbitrary File Upload (Authenticated) (2) webapps Linux Fellipe Oliveira 2021-04-01
50415 phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated) webapps Multiple Valerio Severini 2021-04-01
50408 Zabbix 3.4.7 - Stored XSS webapps PHP Radmil Gazizov 2021-03-31
50409 DD-WRT 45723 - UPNP Buffer Overflow (PoC) dos Hardware Enesdex 2021-03-31
50410 CourseMS 2.1 - ˙name˙ Stored XSS webapps Multiple cptsticky 2021-03-31
50411 Exploitation XXE via File Uploads - Paper papers Multiple Neha Gupta 2021-03-31
50405 GetSimple CMS 3.3.16 - Reflected XSS to RCE webapps PHP boku 2021-03-30
50406 Openlitespeed 1.7.9 - ˙Notes˙ Stored Cross-Site Scripting webapps Multiple cmOs 2021-03-30
50407 GRAPHQL ATTACK - Paper papers Multiple SunCSR 2021-03-30
50397 WordPress Plugin WP Super Cache 1.7.1 - Remote Code Execution (Authenticated) webapps PHP m0ze 2021-03-29
50398 vsftpd 3.0.3 - Remote Denial of Service remote Multiple xynmaps 2021-03-29
50399 TP-Link Devices - ˙setDefaultHostname˙ Stored Cross-site Scripting (Unauthenticated) webapps Hardware Smriti Gaba 2021-03-29
50400 Concrete5 8.5.4 - ˙name˙ Stored XSS webapps PHP Quadron Research Lab 2021-03-29
50401 Equipment Inventory System 1.0 - ˙multiple˙ Stored XSS webapps PHP Jitendra Kumar Tripathi 2021-03-29
50402 Budget Management System 1.0 - ˙Budget title˙ Stored XSS webapps PHP Jitendra Kumar Tripathi 2021-03-29
50403 Novel Boutique House-plus 3.5.1 - Arbitrary File Download webapps Java tuyiqiang 2021-03-29
50404 SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow webapps Windows Filipe Oliveira 2021-03-29
50391 GetSimple CMS Custom JS Plugin 0.1 - CSRF to Persistent XSS webapps PHP Abhishek Joshi 2021-03-26
50392 Regis Inventory And Monitoring System 1.0 - ˙Item List˙ Stored XSS webapps PHP George Tsimpidas 2021-03-26
50393 Moodle 3.10.3 - ˙label˙ Persistent Cross Site Scripting webapps PHP Vincent666 2021-03-26
50394 Hacking JWT tokens for fun and Profit - Paper papers Multiple Neha Gupta 2021-03-26
50395 Apache Ghostcat CVE 2020-1938 - Paper papers Multiple NAYAN DAS 2021-03-26
50396 Exploiting XXE to SSRF - Paper papers Multiple NAYAN DAS 2021-03-26
50386 Ovidentia 6 - ˙id˙ SQL injection (Authenticated) webapps PHP Felipe Prates Donato 2021-03-25
50387 Linksys EA7500 2.0.8.194281 - Cross-Site Scripting webapps Hardware MiningOmerta 2021-03-25
50388 Genexis Platinum-4410 P4410-V2-1.31A - ˙start_addr˙ Persistent Cross-Site Scripting webapps Hardware Jithin KS 2021-03-25
50390 Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE) webapps PHP Andrea Gonzalez 2021-03-25
50385 Ext2Fsd v0.68 - ˙Ext2Srv˙ Unquoted Service Path local Windows Mohammed Alshehri 2021-03-24
50378 MyBB 1.8.25 - Poll Vote Count SQL Injection webapps PHP SivertPL 2021-03-23
50379 Hotel And Lodge Management System 1.0 - ˙Customer Details˙ Stored XSS webapps PHP Jitendra Kumar Tripathi 2021-03-23
50380 Hi-Rez Studios 5.1.6.3 - ˙HiPatchService˙ Unquoted Service Path local Windows Ekrem Can Kök 2021-03-23
50381 ELAN Touchpad 15.2.13.1_X64_WHQL - ˙ETDService˙ Unquoted Service Path local Windows SamAlucard 2021-03-23
50382 ActivIdentity 8.2 - ˙ac.sharedstore˙ Unquoted Service Path local Windows SamAlucard 2021-03-23
50383 Elodea Event Collector 4.9.3 - ˙ElodeaEventCollectorService˙ Unquoted Service Path local Windows Alan Mondragon 2021-03-23
50384 Codiad 2.8.4 - Remote Code Execution (Authenticated) webapps Multiple WangYihang 2021-03-23
50368 SAPSetup Automatic Workstation Update Service 750 - ˙NWSAPAutoWorkstationUpdateSvc˙ Unquoted Service Path local Windows Alan Mondragon 2021-03-22
50369 Winpakpro 4.8 - ˙GuardTourService˙ Unquoted Service Path local Windows Alan Mondragon 2021-03-22
50370 Winpakpro 4.8 - ˙ScheduleService˙ Unquoted Service Path local Windows Alan Mondragon 2021-03-22
50371 Winpakpro 4.8 - ˙WPCommandFileService˙ Unquoted Service Path local Windows Alan Mondragon 2021-03-22
50372 WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal webapps PHP Nicholas Ferreira 2021-03-22
50373 MacPaw Encrypto 1.0.1 - ˙Encrypto Service˙ Unquoted Service Path local Windows Ismael Nava 2021-03-22
50374 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm remote Hardware LiquidWorm 2021-03-22
50375 MyBB 1.8.25 - Chained Remote Command Execution webapps PHP SivertPL 2021-03-22
50376 ProFTPD 1.3.7a - Remote Denial of Service dos Multiple xynmaps 2021-03-22
50377 OSAS Traverse Extension 11 - ˙travextensionhostsvc˙ Unquoted Service Path local Windows Johnny Tech 2021-03-22
50347 Plone CMS 5.2.3 - ˙Title˙ Stored XSS webapps Multiple Piyush Patil 2021-03-19
50348 LiveZilla Server 8.0.1.0 - ˙Accept-Language˙ Reflected XSS webapps PHP Clément Cruchet 2021-03-19
50349 Boonex Dolphin 7.4.2 - ˙width˙ Stored XSS webapps PHP Piyush Patil 2021-03-19
50350 BRAdmin Professional 3.75 - ˙BRA_Scheduler˙ Unquoted Service Path local Windows Metin Yunus Kandemir 2021-03-19
50351 Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated) webapps PHP Christian Vierschilling 2021-03-19
50352 Eclipse Mosquitto MQTT broker 2.0.9 - ˙mosquitto˙ Unquoted Service Path local Windows Riadh Bouchahoua 2021-03-19
50353 VestaCP 0.9.8 - ˙v_sftp_licence˙ Command Injection webapps Multiple numan türle 2021-03-19
50355 SOYAL Biometric Access Control System 5.0 - Master Code Disclosure webapps Hardware LiquidWorm 2021-03-19
50356 SOYAL Biometric Access Control System 5.0 - ˙Change Admin Password˙ CSRF webapps Hardware LiquidWorm 2021-03-19
50357 SOYAL 701 Server 9.0.1 - Insecure Permissions local Windows LiquidWorm 2021-03-19
50358 SOYAL 701 Client 9.0.1 - Insecure Permissions local Windows LiquidWorm 2021-03-19
50359 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Command Injection (Authenticated) webapps Hardware LiquidWorm 2021-03-19
50360 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Authentication Bypass webapps Hardware LiquidWorm 2021-03-19
50361 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access remote Hardware LiquidWorm 2021-03-19
50362 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution webapps Hardware LiquidWorm 2021-03-19
50363 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Factory Reset (Unauthenticated) webapps Hardware LiquidWorm 2021-03-19
50364 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Device Reboot (Unauthenticated) dos Hardware LiquidWorm 2021-03-19
50365 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Config Download (Unauthenticated) webapps Hardware LiquidWorm 2021-03-19
50366 Online News Portal 1.0 - ˙name˙ SQL Injection webapps PHP Richard Jones 2021-03-19
50367 Online News Portal 1.0 - ˙Multiple˙ Stored Cross-Site Scripting webapps PHP Richard Jones 2021-03-19
50340 VFS for Git 1.0.21014.1 - ˙GVFS.Service˙ Unquoted Service Path local Windows Mohammed Alshehri 2021-03-18
50341 VestaCP 0.9.8 - ˙v_interface˙ Add IP Stored XSS webapps Multiple numan türle 2021-03-18
50344 rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) webapps PHP Murat ŞEKER 2021-03-18
50345 SEO Panel 4.8.0 - ˙order_col˙ Blind SQL Injection webapps PHP Piyush Patil 2021-03-18
50346 Hestia Control Panel 1.3.2 - Arbitrary File Write webapps PHP numan türle 2021-03-18
50336 WoWonder Social Network Platform 3.1 - ˙event_id˙ SQL Injection webapps PHP securityforeveryone.com 2021-03-17
50337 Breaking the Business Logic - Paper papers Multiple Manas Harsh 2021-03-17
50338 VestaCP 0.9.8 - File Upload CSRF webapps Multiple Fady Mohammed Osman 2021-03-17
50339 FastStone Image Viewer 7.5 - .cur BITMAPINFOHEADER ˙BitCount˙ Stack Based Buffer Overflow (ASLR & DEP Bypass) local Windows Paolo Stagno 2021-03-17
50343 Sony Playstation 4 (PS4) < 7.55 - ˙Jailbreak˙ Webkit / Kernel Loader ˙SOCK_RAW˙ ˙IP6_EXTHDR_CHECK˙ papers Hardware sleirsgoevy 2021-03-17

<< back <<     >> next >>

Andrew Gecse

Ethical Hacker - Founder


Andrew is one of the most well-known hackers in Europe, often a one-man army as himself alone completed more security assessments than several IT companies combined. He also has been a presenter of conferences, tutor for universities, and Security Expert of several Fortune 100 companies. His recent projects include banks and government sites in Kuwait.
Andrew is a Certified Ethical Hacker and has been chosen Hacker Hall of Fame.


Dávid Balázsi

Data Scientist - Founder


David is a multiple time awarded programmer known for his creativity and inventions,- one of his invention was the gesture directed mouse 5 years before it did hit the market. Awards:
2012 Invitel Innoapps special award
2011 Invitel Innoapps special award
2011 Southern Transdanubia Regional Innovation Agency special award
2011 Enterprise Europe Network special award
2005 International Programmers Neumann competition 1st place
2004 International Programmers Neumann competition 2nd place


János Hülber

Marketing Director



Phone


+36 (20) 612-5000