header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Vulnerability Type
No results found
SQL Injection (18)
Buffer Overflow (11)
Cross-Site Scripting (XSS) (6)
Remote Code Execution (6)
Cross-Site Scripting (5)
Remote File Inclusion (5)
Command Injection (3)
Credentials Disclosure (3)
Directory Traversal (3)
PowerShell Single Quote Code Execution / Event Log Bypass (3)
Remote Buffer Overflow (3)
Use-After-Free (3)
Input Validation (2)
Local Privilege Escalation (2)
Memory Corruption (2)
Out-of-bounds write (2)
Panic Log Vulnerability (2)
Remote Code Execution (RCE) (2)
Stack Buffer Overflow (2)
Stack Overflow (2)
Windows Defender Detection Mitigation Bypass - TrojanWin32Powessere.G (2)
Arbitrary Code Execution (1)
Arbitrary File Creation/Overwrite (1)
Arbitrary File Overwrite (1)
ArDoc.dll ActiveX Control Remote File Creation / Overwrite (1)
Authentication Bypass (1)
Blind SQL Injection (1)
Bluetooth Low Energy Traffic Replay (1)
Buffer Overrun (1)
Code Injection (1)
Credential Leakage (1)
Cross-Site Request Forgery (CSRF) (1)
Directory Browsing (1)
Dirty Cow (1)
Elevation of Privilege (1)
Heap-based buffer overflow (1)
Heap-overflow (1)
Insecure temporary file-creation (1)
Local File Inclusion (1)
Local information disclosure (1)
Local Root (1)
Memory Disclosure and Denial of Service (1)
Missing Encryption Of Sensitive Information (1)
Multiple Vulnerabilities (1)
Overly Trusted Location Variant Method Cache (1)
Password Reset Vulnerability (1)
Protection Bypass (1)
Race Condition Remote File Execution (1)
Remote Command Execution (1)
Remote File Inclusion Vulnerability (1)
CWE
No results found
89 (19)
119 (17)
79 (13)
Not Specified (13)
78 (8)
200 (6)
22 (5)
20 (4)
264 (4)
94 (4)
416 (3)
98 (3)
120 (2)
284 (2)
287 (2)
362 (2)
Buffer Overflow (2)
122 (1)
123 (1)
312 (1)
319 (1)
352 (1)
377 (1)
385 (1)
522 (1)
548 (1)
787 (1)
Command Injection (78) (1)
Race Condition (1)
Shell Command Injection (78) (1)
CPE
No results found
Not Specified (54)
o:microsoft:windows (7)
h:maxima:max_pro_power_firmware:v1.0_486A (2)
o:microsoft:windows_defender (2)
a:abcm2ps:abcm2ps:3.7.20 (1)
a:active_calendar:active_calendar:1.2.0 (1)
a:andysphp:man_page_lookup (1)
a:apache:tomcat (1)
a:apple:itunes:8.1.x (1)
a:arox:school_erp_pro:1.0 (1)
a:bluecoat_systems:winproxy (1)
a:cfmagic:magic_book_professional:2.0cpe:/a:cfmagic:magic_list_professional:2.5cpe:/a:cfmagic:magic_forum_personal:2.5 (1)
a:comodo:firewall_pro:2.4.18.184 (1)
a:e-xoops:e-xoops (1)
a:foldoc:the_free_online_dictionary_of_computing (1)
a:gfax_project:gfax:0.7.6 (1)
a:hp:openview_radia_management_portal (1)
a:hp:openview_radia_notify_daemon (1)
a:joomla:joomla (1)
a:juniper_networks:srx_firewalls cpe:/a:juniper_networks:ex_switches (1)
a:mailenable:mailenable (1)
a:microsoft:windows_media_encoder (1)
a:microsoft:windows_powershell (1)
a:newspost (1)
a:onecms:onecms:2.6.1 (1)
a:php_blue_dragon:php_blue_dragon_cms (1)
a:phpgurukul:bank_locker_management_system (1)
a:phpsites:phpsites (1)
a:quest:intrust:10.4 (1)
a:razer:chroma_sdk_server:3.16.02 (1)
a:ruslan_communications:body_builder (1)
a:sun:java_virtual_machine (1)
a:tiki_wiki_cms_groupware:tiki_wiki_cms_groupware:7.0 (1)
a:web_wiz:web_wiz_forums (1)
a:wimpy:mp3 (1)
a:wordpress:cover_wp_theme (1)
a:wordpress:seotheme (1)
cpe:/a:comodo:personal_firewall:2.3.6.81 (1)
cpe:/a:zonealarm:zonealarm_pro:6.1.744.001 (1)
cpe:/o:apple:iphone_os (for iOS) (1)
cpe:2.3:a:google:v8:*:*:*:*:*:*:* (1)
cpe:2.3:a:microsoft:windows:*:*:*:*:*:*:*:* (1)
cpe:2.3:a:oracle:oracle_database_server:*:*:*:*:*:*:*:* (1)
cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:* (1)
h:beetel:tc1-450 (1)
h:elber:reble610 (1)
h:electrolink:compact_dab_transmitter:01.09 (1)
h:electrolink:fm_dab_tv_transmitter (1)
h:electrolink:fm_transmitter (1)
h:honeywell:pm43_firmware (1)
Vendor
No results found
Not specified (26)
Microsoft (14)
Apple (5)
Electrolink s.r.l. (3)
AAF Digital HD Forum | Atelmo GmbH (2)
HP (2)
Maxima (2)
Oracle (2)
WordPress (2)
2daybiz (1)
abcm2ps (1)
Active Calendar (1)
Andy's PHP (1)
Apache (1)
Arox (1)
Beetel (1)
Blue Coat Systems (1)
CFMagic (1)
CodeIgniter (1)
Comodo (1)
Compaq (1)
Creative Labs (1)
CyberLink (1)
DivX (1)
E-Xoops (1)
Eclipse (1)
ECOA Technologies Corp. (1)
Elber S.r.l. (1)
Electronic Arts (1)
FOLDOC (1)
Geovision Inc. (1)
GFAX Project (1)
Google (1)
Honeywell (1)
Hosting Controller (1)
http://www.mapos-scripts.de (1)
https://github.com/PuneethReddyHC/online-shopping-system-advanced (1)
HughesNet (1)
I-Escorts (1)
Intelbras (1)
Joomla! (1)
Juniper Networks (1)
Kaspersky (1)
LibreNMS (1)
Linux (1)
Livecart (1)
Magneto Software (1)
MailEnable (1)
Mambo CMS (1)
Milesight IoT (1)
Product Name
No results found
Not specified (6)
Windows (4)
Electrolink FM/DAB/TV Transmitter (3)
Windows PowerShell (3)
Atemio AM 520 HD Full HD satellite receiver (2)
Max Pro Power (2)
OS X and iOS (2)
Windows Defender (2)
abcm2ps (1)
abctab2ps (1)
Active Calendar (1)
al3jeb script (1)
AplikaMedia CMS (1)
AppleKeyStore (1)
Bank Locker Management System (1)
Body Builder (1)
Bradabra (1)
Chakra (1)
Chroma SDK Server (1)
CMS Balitbang (1)
CodeIgniter (1)
Comodo Firewall Pro (1)
Comodo Personal Firewall (1)
Cover WP theme (1)
Creative Software AutoUpdate Engine (1)
Dating Script (1)
DivX Player (1)
E-Xoops (1)
Eclipse IDE Help component (1)
Firejail (1)
Flash (1)
GFAX (1)
Hosting Controller (1)
HT2000W Satellite Modem (1)
I-Escorts Agency Script (1)
I-Escorts Directory Script (1)
ICMP ActiveX Control (1)
Intelbras Wireless N 150Mbps (1)
Internet Explorer (1)
InTrust (1)
IP Camera/Video/Access Control (1)
iTunes (1)
Java Virtual Machine (1)
jGallery (1)
Joomla (1)
Juniper EX Switches (1)
Juniper SRX Firewalls (1)
Kisanji (1)
klibc (1)
Kontakt Formular (1)
Version
From
No results found
not specified (76)
01.07 (2)
01.08 (2)
3.1 (2)
Firmware <=2.01 (2)
v1.0 486A (2)
< 10 (1)
< 2.4p3 (1)
0.01 Revision 0 (1)
01.06 for control unit version (1)
01.09 (1)
1.0.1 (1)
1.2.12 (1)
1.2.2000 (1)
1.4 for display version (1)
1.5.2001 (1)
1.6.2003 (1)
2.6.2001 (1)
2016 update (1)
21.1R1 (1)
21.2R3-S7 (1)
21.3R3-S5 (1)
21.4R3-S5 (1)
22.1R3-S4 (1)
22.2R3-S2 (1)
22.3R2-S2/R3-S1 (1)
22.4R2-S1/R3 (1)
23.2R1-S1/R2 (1)
3.7.20 (1)
7 (1)
8.1 (1)
All modern versions of Windows (1)
All prior to May 10th (1)
All supported releases (1)
All versions (1)
All versions up to 01.09 for web version (1)
and 2.1 for firmware version (1)
and Magic Forum Personal versions 2.5 and prior (1)
and more (1)
Apple iTunes 8.1.x (1)
Arcadyan httpd 1.0 (1)
Before November/December 2017 (1)
CodeIgniter 1.0 (1)
Comodo Firewall Pro 2.4.18.184 (1)
Comodo Personal Firewall 2.3.6.81 (1)
ECOA ECS Router Controller - ECS (FLASH) (1)
ECOA Graphic Control Software (1)
ECOA RiskBuster System - RB 3.0.0 (1)
ECOA RiskBuster System - TRANE 1.0 (1)
ECOA RiskBuster Terminator - E6L45 (1)
not specified
No results found
not specified (127)
Severity Type
No results found
HIGH (97)
MEDIUM (17)
CRITICAL (9)
N/A (4)
Severity Number
No results found
7.5 (65)
6.1 (16)
5.5 (11)
N/A (7)
7 (4)
8.1 (4)
8.8 (4)
9 (4)
5 (3)
3.1 (2)
Exploit Author
No results found
Not Specified (40)
SecurityFocus (9)
Unknown (7)
John Page (aka hyp3rlinx) (4)
Alok Kumar (2)
MC (2)
Not provided (2)
(/) Mouse (1)
0in (1)
41.w4r10r (1)
Andrea "bunker" Purificato (1)
Anonymous (1)
Author name not provided (1)
bashis (1)
bd0rk (1)
Behrad Taher (1)
Besim ALTINOK (1)
Bindecy (1)
Bipin Jitiya (1)
BitKrush (1)
ByteHunter (1)
cr4wl3r (1)
cybertronic (1)
Darkfire and IR4DEX GROUP (1)
David Maciejak (1)
Dillon Beresford (1)
Dj7xpl / Dj7xpl@Yahoo.com (1)
Easy Laster (1)
Eduardo Braun Prado (1)
Elber Tavares (1)
Eldar Marcussen (1)
Gamoscu (1)
Gjoko 'LiquidWorm' Krstic (1)
GolD_M = [Mahmood_ali] (1)
Google Project Zero (1)
Google Security Research (1)
Hashim Jawad (1)
Hossein Lotfi (1)
ianbeer (1)
Inj3cti0n P4ck3t (1)
InTeL (1)
Ismail Tasdelen (1)
John Page (hyp3rlinx) (1)
Juan Sacco (1)
k`sOSe (1)
Loke Hui Yi (1)
Majid kalantari (1)
Milad Karimi (Ex3ptionaL) (1)
milw0rm.com (1)
Neurogenesia (1)
Platforms Tested
No results found
Not Specified (59)
Windows (16)
Linux (5)
unix (4)
Windows 10 (3)
8.1 (2)
Atemio 7600 HD STB (2)
ATEMIO M46506 revision 990 (2)
GNU/Linux 3.14-1.17 (armv7l) (2)
GNU/Linux 3.14.2 (mips) (2)
10 (1)
2 (1)
2008 (1)
7 (1)
8 (1)
and Microsoft platforms (1)
Apache (Unix) (1)
embOS/IP (1)
FireFox (1)
FreeBSD 8.1 (Not tested on Linux) (1)
GNU/Linux 2.6.32.71 (1)
GNU/Linux 2.6.32.71 (STMicroelectronics) (1)
JUNOS SM804122pri 15.1X49-D170.4 (1)
Kali i686 GNU/Linux (1)
Kali Linux (1)
macOS (1)
Maxima Max Pro Power (1)
Maxima Max Pro Power smartwatch (1)
N/A (1)
NBFM Controller (1)
OS X 10.11.3 El Capitan 15D21 on MacBookAir5 (1)
Siemens Simatic S7-300 PLC (1)
Ubuntu 20.04.6 LTS with Python 3.8.10 (1)
Ubuntu 3.11.0-15-generic (1)
Windows 10 1903/1809 (1)
Windows 10 64 bit Wampserver (1)
Windows 2000 PRO SP4 English (1)
Windows 2000 SP4 (1)
Windows 2000 SP4 with Internet Explorer 6 (1)
Windows 2003 R2 SP2 (1)
Windows 7 (1)
Windows Vista (1)
Windows XP (Version 5.1 Service Pack 3) (1)
Windows XP Pro Sp2 (1)
Windows XP Professional SP2 with Internet Explorer 7 (1)
Windows XP Professional SP3 (1)
Windows XP Service Pack 1 (1)
Windows XP SP/SP3 French (1)
Windows XP SP2 FULL PATCHED (Korean Language) (1)
Windows XP SP2 with Internet Explorer 6.0 SP2 (1)
Year
Year
No results found
Not Specified (53)
2007 (11)
2023 (6)
2005 (5)
Unknown (5)
2002 (4)
2004 (4)
2010 (4)
2006 (3)
2009 (3)
2016 (3)
2017 (3)
2020 (3)
2024 (3)
2008 (2)
2018 (2)
2019 (2)
1996 (1)
2001 (1)
2003 (1)
2011 (1)
2012 (1)
2013 (1)
2014 (1)
2021 (1)
2022 (1)

Explore all Exploits:

HughesNet HT2000W Satellite Modem Password Reset

The exploit allows an attacker to reset the administrator password for HughesNet HT2000W Satellite Modem by taking advantage of CVE-2021-20090, a path traversal vulnerability in the HTTP daemon. The exploit also exploits other vulnerabilities like improper use of httokens for authentication and leaking the MD5 hash of the password.

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass

The Elber Reble610 device is vulnerable to an authentication bypass issue that allows attackers to gain unauthorized and administrative access to protected areas of the application. This vulnerability occurs due to a flaw in the password management functionality, specifically in the set_pwd endpoint, which can be manipulated by attackers to overwrite the password of any user within the system.

Honeywell PM43 Command Injection Remote Code Execution (RCE)

The exploit allows an attacker to remotely execute arbitrary code on Honeywell PM43 printers with firmware versions prior to P10.19.050004. By sending a crafted payload to the 'loadfile.lp?pageid=Configure' endpoint, an attacker can inject malicious commands. This vulnerability is identified as CVE-2023-3710.

Credential Leakage Through Unprotected System Logs and Weak Password Encryption

The vulnerability allows an attacker to access sensitive credentials due to unprotected system logs and weak password encryption. By decrypting the passwords stored in the system logs, an attacker can obtain user credentials. This vulnerability has been assigned the CVE identifier CVE-2023-43261.

Microsoft Windows PowerShell Single Quote Code Execution and Event Log Bypass Vulnerability

The vulnerability in Microsoft Windows PowerShell allows for code execution by bypassing single quote restrictions. By using a combination of semicolon and ampersand characters, a specially crafted filename can trigger arbitrary code execution and evade PS event logging. This can lead to unauthorized file execution and potential security breaches.

Maxima Max Pro Power BLE Traffic Replay Vulnerability

An attacker can send crafted HEX values to a specific GATT Charactristic handle on the Maxima Max Pro Power smartwatch to perform unauthorized actions like changing Time display format, updating Time, and notifications. Due to lack of integrity checks, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.

Electrolink FM/DAB/TV Transmitter Credentials Disclosure

Electrolink FM/DAB/TV Transmitter devices are prone to a credentials disclosure vulnerability. Attackers can exploit this issue to gain unauthorized access to sensitive information such as login credentials. This vulnerability affects various versions of Electrolink transmitters including Compact DAB Transmitter, Medium DAB Transmitter, High Power DAB Transmitter, Compact FM Transmitter, Modular FM Transmitter, Digital FM Transmitter, VHF TV Transmitter, and UHF TV Transmitter.

Windows Defender Trojan.Win32Powessere.G Mitigation Bypass

Windows Defender usually prevents the execution of TrojanWin32Powessere.G by leveraging rundll32.exe. However, by using multiple commas in the execution command, the mitigation can be bypassed, allowing successful execution of the trojan.

TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution

The vulnerability in TitanNit Web Control 2.01 / Atemio 7600 allows an unauthorized attacker to execute system commands with elevated privileges by utilizing the 'getcommand' query in the application, resulting in root access.

Microsoft Windows PowerShell Single Quote Code Execution and Event Log Bypass

The vulnerability in Microsoft Windows PowerShell allows for code execution bypassing single quotes using the semicolon ';' and ampersand '&' characters in filenames. By exploiting this flaw, arbitrary code execution can be triggered, and the PowerShell event log can be truncated.

Recent Exploits:

cqrsecured