Exploit Database

Numbers of exploit: 49873


<< back <<     >> next >>

ID Exploit name Type Platform Author Date
50233 b2evolution 6.11.6 - ˙redirect_to˙ Open Redirect webapps PHP Nakul Ratti 2021-02-11
50234 b2evolution 6.11.6 - ˙tab3˙ Reflected XSS webapps PHP Nakul Ratti 2021-02-11
50235 Openlitespeed WebServer 1.7.8 - Command Injection (Authenticated) (2) webapps Multiple Metin Yunus Kandemir 2021-02-11
50236 Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3) webapps PHP Ricardo Ruiz 2021-02-11
50230 b2evolution 6.11.6 - ˙plugin name˙ Stored XSS webapps PHP Soham Bakore 2021-02-10
50231 Node.JS - ˙node-serialize˙ Remote Code Execution (2) webapps NodeJS UndeadLarva 2021-02-10
50225 Online Car Rental System 1.0 - Stored Cross Site Scripting webapps PHP Naved Shaikh 2021-02-09
50226 Linux/x64 - execve "cat /etc/shadow" Shellcode (66 bytes) shellcode Linux_x86-64 Felipe Winsnes 2021-02-09
50227 Epson USB Display 1.6.0.0 - ˙EMP_UDSA˙ Unquoted Service Path local Windows Hector Gerbacio 2021-02-09
50228 AnyTXT Searcher 1.2.394 - ˙ATService˙ Unquoted Service Path local Windows Mohammed Alshehri 2021-02-09
50229 Adobe Connect 10 - Username Disclosure webapps Multiple h4shur 2021-02-09
50205 SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution local Multiple LiquidWorm 2021-02-08
50206 SmartFoxServer 2X 2.17.0 - Credentials Disclosure local Multiple LiquidWorm 2021-02-08
50207 SmartFoxServer 2X 2.17.0 - God Mode Console WebSocket XSS webapps Multiple LiquidWorm 2021-02-08
50208 Jenzabar 9.2.2 - ˙query˙ Reflected XSS. webapps Multiple y0ung_dst 2021-02-08
50209 Millewin 13.39.146.1 - Local Privilege Escalation local Windows Andrea Intilangelo 2021-02-08
50210 WordPress Plugin Welcart e-Commerce 2.0.0 - ˙search[order_column][0]˙ SQL injection webapps PHP Erik David Martin 2021-02-08
50211 WordPress Plugin Supsystic Ultimate Maps 1.1.12 - ˙sidx˙ SQL injection webapps PHP Erik David Martin 2021-02-08
50212 WordPress Plugin Supsystic Pricing Table 1.8.7 - Multiple Vulnerabilities webapps PHP Erik David Martin 2021-02-08
50213 YetiShare File Hosting Script 5.1.0 - ˙url˙ Server-Side Request Forgery webapps PHP numan türle 2021-02-08
50214 AMD Fuel Service - ˙Fuel.service˙ Unquote Service Path local Windows Hector Gerbacio 2021-02-08
50215 Alt-N MDaemon webmail 20.0.0 - ˙Contact name˙ Stored Cross Site Scripting (XSS) webapps Windows Kailash Bohara 2021-02-08
50216 Alt-N MDaemon webmail 20.0.0 - ˙file name˙ Stored Cross Site Scripting (XSS) webapps Windows Kailash Bohara 2021-02-08
50218 WordPress Plugin Supsystic Newsletter 1.5.5 - ˙sidx˙ SQL injection webapps PHP Erik David Martin 2021-02-08
50219 WordPress Plugin Supsystic Membership 1.4.7 - ˙sidx˙ SQL injection webapps PHP Erik David Martin 2021-02-08
50220 Microsoft Internet Explorer 11 32-bit - Use-After-Free local Windows Forrest Orr 2021-02-08
50221 WordPress Plugin Supsystic Digital Publications 1.6.9 - Multiple Vulnerabilities webapps PHP Erik David Martin 2021-02-08
50222 WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities webapps PHP Erik David Martin 2021-02-08
50223 WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities webapps PHP Erik David Martin 2021-02-08
50224 WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion webapps PHP Erik David Martin 2021-02-08
50202 LiteSpeed Web Server Enterprise 5.4.11 - Command Injection (Authenticated) webapps PHP SunCSR 2021-02-05
50203 PhreeBooks 5.2.3 ERP - Remote Code Execution (2) webapps PHP Kr0ff 2021-02-05
50204 SEO Panel 4.6.0 - Remote Code Execution (2) webapps PHP Kr0ff 2021-02-05
50198 Pixelimity 1.0 - ˙password˙ Cross-Site Request Forgery webapps Multiple Noth 2021-02-03
50199 Car Rental Project 2.0 - Arbitrary File Upload to Remote Code Execution webapps PHP Jannick Tiger 2021-02-03
50200 Sudo 1.9.5p1 - ˙Baron Samedit ˙ Heap-Based Buffer Overflow Privilege Escalation (1) local Multiple West Shepherd 2021-02-03
50201 Sudo 1.9.5p1 - ˙Baron Samedit ˙ Heap-Based Buffer Overflow Privilege Escalation (2) local Multiple nu11secur1ty 2021-02-03
50192 Student Record System 4.0 - ˙cid˙ SQL Injection webapps PHP Jannick Tiger 2021-02-02
50193 Solaris 10 1/13 (Intel) - ˙dtprintinfo˙ Local Privilege Escalation (2) local Solaris Marco Ivaldi 2021-02-02
50194 Solaris 10 1/13 (Intel) - ˙dtprintinfo˙ Local Privilege Escalation (3) local Solaris Marco Ivaldi 2021-02-02
50195 Solaris 10 1/13 (SPARC) - ˙dtprintinfo˙ Local Privilege Escalation (1) local Solaris Marco Ivaldi 2021-02-02
50196 Solaris 10 1/13 (SPARC) - ˙dtprintinfo˙ Local Privilege Escalation (2) local Solaris Marco Ivaldi 2021-02-02
50197 Solaris 10 1/13 (SPARC) - ˙dtprintinfo˙ Local Privilege Escalation (3) local Solaris Marco Ivaldi 2021-02-02
50179 MyBB Delete Account Plugin 1.4 - Cross-Site Scripting webapps PHP 0xB9 2021-02-01
50180 Zoo Management System 1.0 - ˙anid˙ SQL Injection webapps PHP Zeyad Azima 2021-02-01
50181 User Management System 1.0 - ˙uid˙ SQL Injection webapps PHP Zeyad Azima 2021-02-01
50182 Park Ticketing Management System 1.0 - ˙viewid˙ SQL Injection webapps PHP Zeyad Azima 2021-02-01
50183 MyBB Trending Widget Plugin 1.2 - Cross-Site Scripting webapps PHP 0xB9 2021-02-01
50184 MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting webapps PHP 0xB9 2021-02-01
50185 Malware Hunting 101 - Paper (Vietnamese) papers Windows SunCSR 2021-02-01
50186 bloofoxCMS 0.5.2.1 - CSRF (Add user) webapps PHP LiPeiYi 2021-02-01
50187 H8 SSRMS - ˙id˙ IDOR webapps ASPX Mohammed Farhan 2021-02-01
50188 Vehicle Parking Tracker System 1.0 - ˙Owner Name˙ Stored Cross-Site Scripting webapps PHP Anmol K Sachan 2021-02-01
50189 Roundcube Webmail 1.2 - File Disclosure webapps PHP stonepresto 2021-02-01
50190 Klog Server 2.4.1 - Command Injection (Authenticated) webapps PHP Metin Yunus Kandemir 2021-02-01
50191 WordPress 5.0.0 - Image Remote Code Execution webapps PHP OUSSAMA RAHALI 2021-02-01
50171 BloofoxCMS 0.5.2.1 - ˙text˙ Stored Cross Site Scripting webapps PHP LiPeiYi 2021-01-29
50172 Online Grading System 1.0 - ˙uname˙ SQL Injection webapps PHP Ruchi Tiwari 2021-01-29
50173 Quick.CMS 6.7 - Remote Code Execution (Authenticated) webapps PHP mari0x00 2021-01-29
50174 Home Assistant Community Store (HACS) 1.10.0 - Path Traversal to Account Takeover webapps Python Lyghtnox 2021-01-29
50175 MyBB Hide Thread Content Plugin 1.0 - Information Disclosure webapps PHP 0xB9 2021-01-29
50176 Simple Public Chat Room 1.0 - Authentication Bypass SQLi webapps PHP Richard Jones 2021-01-29
50177 Simple Public Chat Room 1.0 - ˙msg˙ Stored Cross-Site Scripting webapps PHP Richard Jones 2021-01-29
50178 SonicWall SSL-VPN 8.0.0.0 - ˙shellshock/visualdoor˙ Remote Code Execution (Unauthenticated) webapps Hardware Darren Martyn 2021-01-29
50163 EgavilanMedia PHPCRUD 1.0 - ˙Full Name˙ Stored Cross Site Scripting webapps PHP Mahendra Purbia 2021-01-28
50164 CMSUno 1.6.2 - ˙lang/user˙ Remote Code Execution (Authenticated) webapps PHP Alexandre ZANNI 2021-01-28
50165 OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2) webapps PHP Alexandre ZANNI 2021-01-28
50166 Fuel CMS 1.4.1 - Remote Code Execution (2) webapps PHP Alexandre ZANNI 2021-01-28
50167 Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated) webapps ASPX Alexandre ZANNI 2021-01-28
50168 jQuery UI 1.12.1 - Denial of Service (DoS) dos Multiple Rafael Cintra Lopes 2021-01-28
50169 WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution webapps PHP ABDO10 2021-01-28
50170 Metasploit Framework 6.0.11 - msfvenom APK template command injection local Multiple Justin Steven 2021-01-28
50160 STVS ProVision 5.9.10 - File Disclosure (Authenticated) webapps Ruby LiquidWorm 2021-01-27
50161 STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin) webapps Ruby LiquidWorm 2021-01-27
50162 Openlitespeed Web Server 1.7.8 - Command Injection (Authenticated) (1) webapps Multiple SunCSR 2021-01-27
50154 Cemetry Mapping and Information System 1.0 - ˙user_email˙ Sql Injection (Authentication Bypass) webapps PHP Marco Catalano 2021-01-26
50155 Simple College Website 1.0 - ˙name˙ Sql Injection (Authentication Bypass) webapps PHP Marco Catalano 2021-01-26
50156 Simple College Website 1.0 - ˙full˙ Stored Cross Site Scripting webapps PHP Marco Catalano 2021-01-26
50157 Tenda AC5 AC1200 Wireless - ˙WiFi Name & Password˙ Stored Cross Site Scripting webapps Hardware Chiragh Arora 2021-01-26
50158 Oracle WebLogic Server 12.2.1.0 - RCE (Unauthenticated) webapps Java CHackA0101 2021-01-26
50159 Android Application Vulnerabilities - Paper (Vietnamese) papers Android SunCSR Team 2021-01-26
50146 MyBB Timeline Plugin 1.0 - Cross-Site Scripting / CSRF webapps PHP 0xB9 2021-01-25
50147 Collabtive 3.1 - ˙address˙ Persistent Cross-Site Scripting webapps PHP Deha Berkin Bir 2021-01-25
50148 CASAP Automated Enrollment System 1.0 - ˙First Name˙ Stored XSS webapps PHP Anita Gaud 2021-01-25
50149 CASAP Automated Enrollment System 1.0 - ˙route˙ Stored XSS webapps PHP Richard Jones 2021-01-25
50150 Library System 1.0 - ˙category˙ SQL Injection webapps PHP Aitor Herrero 2021-01-25
50151 Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes) shellcode Linux Guillem Alminyana 2021-01-25
50152 The art of XSS Escalation - Paper (Arabic) papers Multiple u0pattern 2021-01-25
50153 Klog Server 2.4.1 - Unauthenticated Command Injection (Metasploit) webapps PHP Metin Yunus Kandemir 2021-01-25
50131 Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution webapps Multiple LiquidWorm 2021-01-22
50132 Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation local Windows LiquidWorm 2021-01-22
50133 Selea Targa IP OCR-ANPR Camera - ˙files_list˙ Remote Stored XSS webapps Hardware LiquidWorm 2021-01-22
50134 Selea Targa IP OCR-ANPR Camera - Developer Backdoor Config Overwrite webapps Hardware LiquidWorm 2021-01-22
50135 Selea Targa IP OCR-ANPR Camera - Directory Traversal File Disclosure (Unauthenticated) webapps Hardware LiquidWorm 2021-01-22
50136 Selea Targa IP OCR-ANPR Camera - Multiple SSRF (Unauthenticated) webapps Hardware LiquidWorm 2021-01-22
50137 Selea Targa IP OCR-ANPR Camera - CSRF Add Admin webapps Hardware LiquidWorm 2021-01-22
50138 Selea Targa IP OCR-ANPR Camera - RTP/RTSP/M-JPEG Stream Disclosure (Unauthenticated) webapps Hardware LiquidWorm 2021-01-22
50139 Selea Targa IP OCR-ANPR Camera - ˙addr˙ Remote Code Execution (Unauthenticated) webapps Hardware LiquidWorm 2021-01-22
50140 Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated) webapps Java Photubias 2021-01-22
50141 Library System 1.0 - Authentication Bypass Via SQL Injection webapps PHP Himanshu Shukla 2021-01-22

<< back <<     >> next >>

Andrew Gecse

Ethical Hacker - Founder

Andrew is one of the most well-known hackers in Europe, often a one-man army as himself alone completed more security assessments than several IT companies combined. He also has been a presenter of conferences, tutor for universities, and Security Expert of several Fortune 100 companies. His recent projects include banks and government sites in Kuwait.
Andrew is a Certified Ethical Hacker and has been chosen Hacker Hall of Fame.

Dávid Balázsi

Data Scientist - Founder

David is a multiple time awarded programmer known for his creativity and inventions,- one of his invention was the gesture directed mouse 5 years before it did hit the market. Awards:
2012 Invitel Innoapps special award
2011 Invitel Innoapps special award
2011 Southern Transdanubia Regional Innovation Agency special award
2011 Enterprise Europe Network special award
2005 International Programmers Neumann competition 1st place
2004 International Programmers Neumann competition 2nd place

Email

info@blackanalytica.com

Phone

+48 (459) 356-190