Exploit Database

Numbers of exploit: 49873


<< back <<     >> next >>

ID Exploit name Type Platform Author Date
50331 Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution (File Upload + SQL injection) webapps PHP Christian Vierschilling 2021-03-16
50332 GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service (PoC) local Windows Brian Rodriguez 2021-03-16
50333 GeoGebra Classic 5.0.631.0-d - Denial of Service (PoC) local Windows Brian Rodriguez 2021-03-16
50334 GeoGebra CAS Calculato‪r‬ 6.0.631.0 - Denial of Service (PoC) local Windows Brian Rodriguez 2021-03-16
50335 GeoGebra 3D Calculator 5.0.511.0 - Denial of Service (PoC) local Android Brian Rodriguez 2021-03-16
50321 Zenario CMS 8.8.53370 - ˙id˙ Blind SQL Injection webapps PHP Balaji Ayyasamy 2021-03-15
50322 MagpieRSS 0.72 - ˙url˙ Command Injection and Server Side Request Forgery webapps PHP bl4ckh4ck5 2021-03-15
50323 rConfig 3.9.6 - ˙path˙ Local File Inclusion (Authenticated) webapps PHP Murat ŞEKER 2021-03-15
50324 QNAP QVR Client 5.0.0.13230 - ˙QVRService˙ Unquoted Service Path local Windows Luis Martínez 2021-03-15
50325 Realtek Wireless LAN Utility 700.1631 - ˙Realtek11nSU˙ Unquoted Service Path local Windows Luis Martínez 2021-03-15
50326 eBeam education suite 2.5.0.9 - ˙eBeam Device Service˙ Unquoted Service Path local Windows Luis Martínez 2021-03-15
50327 Interactive Suite 3.6 - ˙eBeam Stylus Driver˙ Unquoted Service Path local Windows Luis Martínez 2021-03-15
50328 openMAINT openMAINT 2.1-3.3-b - ˙Multiple˙ Persistent Cross-Site Scripting webapps Multiple Hosein Vita 2021-03-15
50329 Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure webapps Multiple Berkan Er 2021-03-15
50330 SonLogger 4.2.3.3 - Unauthenticated Arbitrary File Upload (Metasploit) webapps Multiple Berkan Er 2021-03-15
50342 Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) remote Windows F5 2021-03-14
50318 Monitoring System (Dashboard) 1.0 - ˙uname˙ SQL Injection webapps PHP Richard Jones 2021-03-12
50319 Monitoring System (Dashboard) 1.0 - File Upload RCE (Authenticated) webapps PHP Richard Jones 2021-03-12
50320 Vembu BDR 4.2.0.1 U1 - Multiple Unquoted Service Paths local Windows Mohammed Alshehri 2021-03-12
50313 NuCom 11N Wireless Router 5.07.90 - Remote Privilege Escalation webapps Hardware LiquidWorm 2021-03-11
50314 MyBB OUGC Feedback Plugin 1.8.22 - Cross-Site Scripting webapps PHP 0xB9 2021-03-11
50316 Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) (PoC) webapps Windows testanull 2021-03-11
50317 Nsasoft Hardware Software Inventory 1.6.4.0 - ˙multiple˙ Denial of Service (PoC) dos Windows Enes Özeser 2021-03-11
50312 Atlassian JIRA 8.11.1 - User Enumeration webapps Multiple Dolev Farhi 2021-03-10
50308 Golden FTP Server 4.70 - ˙PASS˙ Buffer Overflow (2) remote Windows 1F98D 2021-03-09
50309 FreeLAN 2.2 - ˙FreeLAN Service˙ Unquoted Service Path local Windows Mohammed Alshehri 2021-03-09
50310 Sandboxie Plus v0.7.2 - ˙SbieSvc˙ Unquoted Service Path local Windows Mohammed Alshehri 2021-03-09
50311 bVPN 2.5.1 - ˙waselvpnserv˙ Unquoted Service Path local Windows Mohammed Alshehri 2021-03-09
50302 Print Job Accounting 4.4.10 - ˙OkiJaSvc˙ Unquoted Service Path local Windows Brian Rodriguez 2021-03-08
50303 Configuration Tool 1.6.53 - ˙OpLclSrv˙ Unquoted Service Path local Windows Brian Rodriguez 2021-03-08
50304 Hotel and Lodge Management System 1.0 - Remote Code Execution (Unauthenticated) webapps PHP Christian Vierschilling 2021-03-08
50305 Pingzapper 2.3.1 - ˙PingzapperSvc˙ Unquoted Service Path local Windows Brian Rodriguez 2021-03-08
50306 Joomla JCK Editor 6.4.4 - ˙parent˙ SQL Injection (2) webapps PHP Nicholas Ferreira 2021-03-08
50307 GLPI 9.5.3 - ˙fromtype˙ Unsafe Reflection webapps PHP Vadym Soroka 2021-03-08
50300 CatDV 9.2 - RMI Authentication Bypass remote Java Christopher Ellis 2021-03-05
50301 Fluig 1.7.0 - Path Traversal webapps Multiple Lucas Souza 2021-03-05
50293 e107 CMS 2.3.0 - CSRF webapps PHP Tadjmen 2021-03-04
50294 Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution webapps PHP Suraj Bhosale 2021-03-04
50295 Textpattern CMS 4.8.4 - ˙Comments˙ Persistent Cross-Site Scripting (XSS) webapps PHP Tushar Vaidya 2021-03-04
50296 Textpattern CMS 4.9.0-dev - ˙Excerpt˙ Persistent Cross-Site Scripting (XSS) webapps PHP Tushar Vaidya 2021-03-04
50297 Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated) webapps PHP Suraj Bhosale 2021-03-04
50298 Web Based Quiz System 1.0 - ˙eid˙ Union Based Sql Injection (Authenticated) webapps PHP Deepak Kumar Bharti 2021-03-04
50299 Textpattern 4.8.3 - Remote code execution (Authenticated) (2) webapps PHP Ricardo Ruiz 2021-03-04
50288 Local Services Search Engine Management System (LSSMES) 1.0 - ˙name˙ Persistent Cross-Site Scripting (XSS) webapps PHP Tushar Vaidya 2021-03-03
50289 Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated) webapps PHP Tushar Vaidya 2021-03-03
50290 Chrome Browser FileReader (UAF) - Paper papers Windows Akshay Sharma 2021-03-03
50291 SMBGhost (SMBv3 Vulnerability) - Paper papers Windows Sheikhar Gautam 2021-03-03
50292 AnyDesk 5.5.2 - Remote Code Execution remote Linux scryh 2021-03-03
50284 Web Based Quiz System 1.0 - ˙MCQ options˙ Persistent/Stored Cross-Site Scripting webapps PHP Praharsh Kumar Singh 2021-03-02
50285 Tiny Tiny RSS - Remote Code Execution webapps PHP Daniel Neagaru 2021-03-02
50286 Web Based Quiz System 1.0 - ˙name˙ Persistent/Stored Cross-Site Scripting webapps PHP P.Naveen Kumar 2021-03-02
50287 Zen Cart 1.5.7b - Remote Code Execution (Authenticated) webapps PHP Mücahit Saratar 2021-03-02
50279 FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit) webapps Multiple Berkan Er 2021-03-01
50280 WiFi Mouse 1.7.8.5 - Remote Code Execution remote Windows H4rk3nz0 2021-03-01
50281 VMware vCenter Server 7.0 - Unauthenticated File Upload webapps Multiple Photubias 2021-03-01
50282 Online Catering Reservation System 1.0 - Remote Code Execution (Unauthenticated) webapps PHP Christian Vierschilling 2021-03-01
50283 Covid-19 Contact Tracing System 1.0 - Remote Code Execution (Unauthenticated) webapps PHP Christian Vierschilling 2021-03-01
50275 Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated) webapps PHP sml 2021-02-26
50276 Triconsole 3.75 - Reflected XSS webapps PHP Akash Chathoth 2021-02-26
50277 LightCMS 1.3.4 - ˙exclusive˙ Stored XSS webapps Multiple Peithon 2021-02-26
50278 Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module) remote Windows Matthew Dunn 2021-02-26
50273 ASUS Remote Link 1.1.2.13 - Remote Code Execution remote Windows H4rk3nz0 2021-02-25
50274 Vehicle Parking Management System 1.0 - ˙catename˙ Persistent Cross-Site Scripting (XSS) webapps PHP Tushar Vaidya 2021-02-25
50264 python jsonpickle 2.0.0 - Remote Code Execution remote Multiple Adi Malyanker 2021-02-24
50265 LogonExpert 8.1 - ˙LogonExpertSvc˙ Unquoted Service Path local Windows Victor Mondragón 2021-02-24
50266 Unified Remote 3.9.0.2463 - Remote Code Execution remote Windows H4rk3nz0 2021-02-24
50267 Softros LAN Messenger 9.6.4 - ˙SoftrosSpellChecker˙ Unquoted Service Path local Windows Victor Mondragón 2021-02-24
50268 SpotAuditor 5.3.5 - ˙multiple˙ Denial Of Service (PoC) dos Windows Sinem Şahin 2021-02-24
50269 Product Key Explorer 4.2.7 - ˙multiple˙ Denial of Service (PoC) dos Windows Sinem Şahin 2021-02-24
50270 Active Directory Penetration Testing - Paper (Turkish) papers Windows Hasan Ekin Dumanoğulları 2021-02-24
50271 Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group Shellcode (240 bytes) shellcode Windows_x86 Armando Huesca Prida 2021-02-24
50272 LayerBB 1.1.4 - ˙search_query˙ SQL Injection webapps PHP Görkem Haşin 2021-02-24
50261 Monica 2.19.1 - ˙last_name˙ Stored XSS webapps Multiple BouSalman 2021-02-23
50262 Batflat CMS 1.3.6 - ˙multiple˙ Stored XSS webapps PHP Tadjmen 2021-02-23
50263 HFS (HTTP File Server) 2.3.x - Remote Command Execution (3) remote Windows Pergyz 2021-02-23
50253 PEEL Shopping 9.3.0 - ˙Comments/Special Instructions˙ Stored Cross-Site Scripting webapps PHP Anmol K Sachan 2021-02-19
50254 Comment System 1.0 - ˙multiple˙ Stored Cross-Site Scripting webapps PHP Pintu Solanki 2021-02-19
50255 Online Exam System With Timer 1.0 - ˙email˙ SQL injection Auth Bypass webapps PHP Suresh Kumar 2021-02-19
50256 dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC) local Windows Kağan Çapar 2021-02-19
50257 OpenText Content Server 20.3 - ˙multiple˙ Stored Cross-Site Scripting webapps Multiple Kamil Breński 2021-02-19
50258 Persistent XSS on NEO LMS and MATRIX LMS - Paper papers Multiple Mauro M. 2021-02-19
50259 Beauty Parlour Management System 1.0 - ˙sername˙ SQL Injection webapps PHP Thinkland Security Team 2021-02-19
50260 Mobile Security and Penetration Testing - Paper (Turkish) papers Android Furkan Enes Polatoğlu 2021-02-19
50250 Gitea 1.12.5 - Remote Code Execution (Authenticated) webapps Multiple Podalirius 2021-02-18
50251 Apport 2.20 - Local Privilege Escalation local Linux Gr33nh4t 2021-02-18
50252 Batflat CMS 1.3.6 - Remote Code Execution (Authenticated) webapps PHP mari0x00 2021-02-18
50248 Faulty Evaluation System 1.0 - ˙multiple˙ Stored Cross-Site Scripting webapps PHP Suresh Kumar 2021-02-17
50249 Billing Management System 2.0 - ˙email˙ SQL injection Auth Bypass webapps PHP Pintu Solanki 2021-02-17
50243 Online Internship Management System 1.0 - ˙email˙ SQL injection Auth Bypass webapps PHP Christian Vierschilling 2021-02-16
50244 BlackCat CMS 1.3.6 - ˙Display name˙ Cross Site Scripting (XSS) webapps PHP Kamaljeet Kumar 2021-02-16
50245 Managed Switch Port Mapping Tool 2.85.2 - Denial of Service (PoC) dos Windows Ismael Nava 2021-02-16
50246 AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC) dos Windows Ismael Nava 2021-02-16
50247 Nsauditor 3.2.2.0 - ˙Event Description˙ Denial of Service (PoC) dos Windows Ismael Nava 2021-02-16
50240 TestLink 1.9.20 - Unrestricted File Upload (Authenticated) webapps PHP snovvcrash 2021-02-15
50241 Teachers Record Management System 1.0 - ˙searchteacher˙ SQL Injection webapps PHP Soham Bakore 2021-02-15
50242 Tasks 9.7.3 - Insecure Permissions local Android Lyhin's Lab 2021-02-15
50237 PDFCOMPLETE Corporate Edition 4.1.45 - ˙pdfcDispatcher˙ Unquoted Service Path local Windows Ismael Nava 2021-02-12
50238 School File Management System 1.0 - ˙multiple˙ Stored Cross-Site Scripting webapps PHP Pintu Solanki 2021-02-12
50239 School Event Attendance Monitoring System 1.0 - ˙Item Name˙ Stored Cross-Site Scripting webapps PHP Suresh Kumar 2021-02-12
50232 PEEL Shopping 9.3.0 - ˙address˙ Stored Cross-Site Scripting webapps PHP Anmol K Sachan 2021-02-11

<< back <<     >> next >>

Dávid Balázsi

Data Scientist - Founder


David is a multiple time awarded programmer known for his creativity and inventions,- one of his invention was the gesture directed mouse 5 years before it did hit the market. Awards:
2012 Invitel Innoapps special award
2011 Invitel Innoapps special award
2011 Southern Transdanubia Regional Innovation Agency special award
2011 Enterprise Europe Network special award
2005 International Programmers Neumann competition 1st place
2004 International Programmers Neumann competition 2nd place

Andrew Gecse

Ethical Hacker - Founder


Andrew is one of the most well-known hackers in Europe, often a one-man army as himself alone completed more security assessments than several IT companies combined. He also has been a presenter of conferences, tutor for universities, and Security Expert of several Fortune 100 companies. His recent projects include banks and government sites in Kuwait.
Andrew is a Certified Ethical Hacker and has been chosen Hacker Hall of Fame.



János Hülber

Marketing Director



Phone


+36 (20) 612-5000