
Explore Vulnerabilities


Explore all Exploits:

HughesNet HT2000W Satellite Modem Password Reset

The exploit allows an attacker to reset the administrator password on the HughesNet HT2000W Satellite Modem by taking advantage of CVE-2021-20090, a path traversal vulnerability in the HTTP daemon. It also abuses other weaknesses, such as improper use of httokens for authentication and leakage of the password's MD5 hash.

Cluster Manager Exploitation

The script aims to exploit a vulnerability in a cluster manager by searching for a specific 'Alias' parameter in the href attribute of HTML links. If the parameter is found, the script proceeds with the exploitation process. It uses BeautifulSoup to parse HTML content and the requests library to make HTTP requests. The vulnerability can potentially lead to information disclosure.

Elber Signum DVB-S/S2 IRD Unauthenticated Configuration Disclosure

Elber Signum DVB-S/S2 IRD devices with affected versions 1.999, 1.317, 1.220, 1.217, 1.214, 1.193, 1.175, and 1.166 are prone to unauthenticated device configuration and client-side hidden functionality disclosure. An attacker can exploit this vulnerability to manipulate device configurations and reveal hidden functionalities without authentication.

Hitachi NAS (HNAS) System Management Unit (SMU) 14.8.7825 – Information Disclosure

The Hitachi NAS (HNAS) System Management Unit (SMU) version 14.8.7825 and below is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information. This vulnerability has been assigned CVE-2023-6538.

Asterisk AMI – Partial File Content & Path Disclosure (Authenticated)

The exploit targets CVE-2023-49294 in Asterisk AMI, enabling authenticated users to enumerate filesystems, discover existing file paths, and disclose partial file contents. The disclosed files need to comply with the Asterisk configuration format, similar to INI configuration. The vulnerability can be utilized for unauthorized access to sensitive information.

OpenClinic GA 5.247.01 – Information Disclosure

An Information Disclosure vulnerability in OpenClinic GA 5.247.01 allows an attacker to infer the existence of specific appointments by manipulating the input to the printAppointmentPdf.jsp component. By observing error messages, an unauthorized user can determine the presence of appointments without direct access to the data, potentially revealing sensitive information about appointments at private clinics, surgeries, and doctors' practices. This vulnerability is identified as CVE-2023-40278.

djangorestframework-simplejwt 5.3.1 – Information Disclosure

A vulnerability in djangorestframework-simplejwt version <= 5.3.1 allows for various security issues such as Business Object Level Authorization (BOLA), Business Function Level Authorization (BFLA), and Information Disclosure. This vulnerability permits users to access web application resources even after their account has been deactivated due to inadequate user validation checks.

Ricoh Printer Directory and File Exposure

The exploit allows an attacker to connect to a Ricoh printer over FTP using default credentials and access directories such as Help, Info (Printer Information), Prnlog (Print Log), Stat (Statistics), and Syslog (System Log). The attacker can list files and directories, read files, and potentially extract sensitive information.

Lot Reservation Management System Unauthenticated File Disclosure Vulnerability

The Lot Reservation Management System is a PHP/MySQLi project designed to assist in managing property reservations. The system allows clients to view property information and make reservations. However, it is vulnerable to an unauthenticated file disclosure issue.
