header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Vulnerability Type
No results found
SQL Injection (6841)
Buffer Overflow (3830)
Cross-Site Scripting (2498)
Denial of Service (1853)
Remote Code Execution (1494)
Cross-Site Scripting (XSS) (852)
Directory Traversal (841)
Remote File Include (787)
Remote File Inclusion (723)
Privilege Escalation (675)
Authentication Bypass (671)
Local File Inclusion (606)
Information Disclosure (483)
Remote Command Execution (459)
Arbitrary File Upload (427)
Blind SQL Injection (425)
HTML Injection (398)
Cross-Site Request Forgery (384)
Command Injection (349)
Cross-Site Request Forgery (CSRF) (331)
Stack Buffer Overflow (320)
Stack Overflow (304)
Remote SQL Injection (288)
Unquoted Service Path (264)
Memory Corruption (254)
Denial of Service (DoS) (246)
Stored XSS (246)
Local Privilege Escalation (245)
Local File Include (241)
Remote Denial of Service (229)
Use-After-Free (211)
Heap-overflow (201)
Stored Cross-Site Scripting (XSS) (197)
Persistent Cross Site Scripting (187)
Remote Code Execution (RCE) (176)
XSS (169)
Stack-Based Buffer Overflow (165)
Remote Buffer Overflow (146)
Format String Vulnerability (145)
CSRF (142)
Path Traversal (136)
Integer Overflow (135)
Arbitrary Code Execution (134)
Code Execution (134)
Remote File Disclosure (127)
Input Validation (125)
SQL Injection and Cross Site Scripting (123)
Stored Cross Site Scripting (117)
Command Execution (115)
Insecure Cookie Handling (113)
CWE
No results found
89 (8351)
79 (5937)
119 (4722)
78 (2037)
22 (1944)
98 (1882)
N/A (1389)
200 (1304)
400 (1281)
264 (1205)
287 (1099)
352 (1097)
120 (1032)
94 (1031)
20 (1026)
Unknown (897)
434 (850)
269 (267)
416 (254)
284 (219)
121 (196)
134 (187)
190 (149)
399 (138)
611 (120)
426 (115)
476 (110)
Buffer Overflow (110)
120 (Buffer Copy without Checking Size of Input) (104)
362 (95)
125 (92)
601 (87)
428 (86)
843 (86)
502 (85)
787 (84)
798 (79)
122 (77)
427 (73)
Not mentioned (70)
522 (65)
Not provided (59)
80 (55)
259 (54)
918 (44)
113 (40)
285 (40)
613 (39)
614 (37)
None (35)
CPE
No results found
N/A (12110)
Unknown (758)
None (168)
Not mentioned (160)
a:microsoft:internet_explorer (139)
o:microsoft:windows (132)
Not provided (121)
o:linux:linux_kernel (97)
Not Specified (90)
a:joomla:joomla (72)
Not Available (52)
a:wordpress:wordpress (49)
o:apple:mac_os_x (47)
o:freebsd:freebsd (44)
o:microsoft:windows_xp (37)
a:mozilla:firefox (35)
a:php:php (34)
o:microsoft:windows_2000 (34)
a:google:chrome (31)
o:sun:solaris (27)
o:microsoft:windows_2000::sp4 (25)
a:microsoft:iis (23)
a:wireshark:wireshark (23)
a:adobe:flash_player (22)
a:apple:safari (22)
o:microsoft:windows_7 (22)
a:apache:tomcat (21)
o:microsoft:windows_xp::sp2 (18)
a:invision_power_services:invision_power_board (16)
o:microsoft:windows_xp::sp3 (16)
o:sgi:irix (16)
a:apple:quicktime (15)
a:samba:samba (15)
a:mybb:mybb (14)
a:mysql:mysql (14)
a:phpnuke:php-nuke (14)
a:videolan:vlc_media_player (14)
a:cpanel:cpanel (13)
a:microsoft:windows_media_player (13)
a:openemr:openemr (13)
a:opera_software:opera (13)
Solaris (13)
2.0 (12)
a:freepbx:freepbx (12)
a:oracle:virtualbox (12)
a:php:php:5.0.0 (12)
apple:safari (12)
o:cisco:ios (12)
o:google:android (12)
o:hp:hp-ux (12)
Vendor
No results found
N/A (3323)
Microsoft (1764)
WordPress (672)
Unknown (576)
Joomla! (539)
Apple (448)
Sourcecodester (363)
Oracle (319)
IBM (254)
Adobe (242)
Apache (242)
Linux (228)
Cisco (194)
HP (178)
PHP (170)
Mozilla (164)
Google (163)
Sun (141)
D-Link (140)
Novell (125)
Inc (107)
PHPGurukul (106)
Symantec (100)
PHP-Nuke (92)
ManageEngine (91)
Codecanyon (88)
XOOPS (87)
GNU (84)
Ltd. (84)
MyBB (83)
PHP Script Small (83)
phpBB (79)
SAP (76)
FreeBSD (73)
Sun Microsystems (69)
NETGEAR (68)
Not mentioned (68)
SourceForge (67)
vBulletin (64)
Hewlett Packard (61)
TP-Link (60)
Trend Micro (60)
Wireshark (58)
McAfee (57)
Mambo (56)
IPSwitch (54)
Itechscripts (53)
VMware (52)
VideoLAN (51)
e107 (50)
Product Name
No results found
N/A (695)
Internet Explorer (307)
Windows (303)
Linux Kernel (183)
PHP (172)
Unknown (140)
Firefox (115)
Solaris (113)
Joomla (107)
Mac OS X (96)
Flash Player (90)
Windows XP (88)
WordPress (87)
CMS (71)
Safari (65)
Chrome (62)
FreeBSD (57)
vBulletin (57)
Windows 7 (57)
Wireshark (55)
Kernel (54)
PHP-Nuke (54)
MySQL (52)
phpBB (51)
VLC media player (50)
Windows 2000 (50)
Windows 10 (49)
MyBB (48)
IIS (46)
Winamp (45)
AIX (44)
iOS (43)
macOS (40)
Android (38)
Opera (38)
Oracle Database (38)
Tomcat (38)
Windows Media Player (38)
Invision Power Board (37)
Samba (37)
Irix (35)
PHP-Fusion (35)
Linux (33)
phpMyAdmin (33)
osCommerce (32)
RealPlayer (32)
Apache HTTP Server (31)
ProFTPD (31)
Chromium (30)
OpenEMR (30)
Version
From
No results found
N/A (6626)
Unknown (1792)
1 (961)
1.0 (901)
3.1 (726)
1.1 (323)
2 (285)
All versions (234)
1.2 (223)
2.0 (221)
2.1 (175)
3 (157)
1.5 (150)
1.3 (146)
1.0.0 (142)
2.2 (140)
All (119)
1.0.1 (106)
1.4 (100)
v1.0 (98)
0.1 (95)
3.0 (95)
2.5 (94)
4 (90)
1.0.2 (84)
not specified (82)
2.3 (81)
1.6 (74)
Not mentioned (73)
< 3.2 (70)
2.0.0 (70)
6 (68)
5 (64)
1.0.3 (62)
1.7 (61)
3.3 (59)
2.0.1 (57)
2.4 (57)
Windows 7 (57)
1.8 (53)
3.5 (51)
Windows 2000 (51)
0.2 (50)
3.0.0 (48)
Not provided (48)
2.6 (46)
1.0.4 (45)
2.0.2 (45)
4.0 (45)
4.2 (45)
To
No results found
N/A (7012)
Unknown (2684)
1.0 (858)
1 (796)
3.5-RC7 (386)
1.1 (310)
2 (250)
1.2 (247)
2.0 (229)
All versions (221)
2.1 (153)
Not mentioned (153)
3 (152)
1.5 (142)
1.3 (131)
2.2 (129)
not specified (127)
All (118)
Other versions may also be affected. (114)
1.0.0 (111)
1.0.1 (97)
v1.0 (95)
1.0.2 (92)
2.5 (91)
3.0 (91)
1.4 (89)
3.1 (89)
0.1 (83)
Prior versions (79)
Not provided (78)
4 (77)
2.3 (75)
1.6 (72)
5 (66)
1.7 (63)
3.2 (63)
1.0.3 (61)
6 (59)
3.3 (57)
2.4 (56)
Windows 10 (55)
1.8 (54)
2.0.1 (54)
3.5 (49)
None (48)
2.0.2 (47)
2.6 (46)
4.0 (45)
4.2 (45)
0.2 (43)
Severity Type
No results found
HIGH (33263)
MEDIUM (4679)
N/A (2324)
CRITICAL (1705)
LOW (287)
Severity Number
No results found
7.5 (16267)
7 (7608)
5 (6608)
8 (3345)
N/A (2741)
9 (2195)
8.8 (1966)
5.5 (1836)
3 (1433)
9.8 (995)
Exploit Author
No results found
SecurityFocus (6696)
Unknown (2432)
Ihsan Sencan (887)
Gjoko 'LiquidWorm' Krstic (361)
Anonymous (353)
Project Zero (308)
milw0rm.com (271)
juan vazquez (245)
rgod (243)
LiquidWorm (222)
MC (202)
ajann (187)
Luigi Auriemma (187)
N/A (187)
Google Security Research (183)
indoushka (182)
shinnai (162)
sinn3r (154)
hdm (138)
John Page (aka hyp3rlinx) (131)
jduck (121)
cr4wl3r (113)
Hussin X (113)
Not mentioned (111)
Vulnerability Laboratory Research Team (108)
ZoRLu (99)
Kacper (a.k.a Rahim) (92)
nu11secur1ty (91)
mr_me (90)
Easy Laster (89)
CWH Underground (88)
S@BUN (84)
SirGod (83)
Ahmet Ümit BAYRAM (80)
High-Tech Bridge Security Research Lab (80)
xoron (80)
Dr_IDE (78)
Sid3^effects aKa haRi (78)
Todor Donev (75)
hyp3rlinx (74)
Stack (73)
Francis Provencher (71)
High-Tech Bridge SA - Ethical Hacking & Penetration Testing (70)
Ismail Tasdelen (70)
AntiSecurity (69)
His0k4 (68)
Kingcope (65)
ThE g0bL!N (65)
Not Specified (64)
Miroslav Stampar (61)
Platforms Tested
No results found
N/A (12658)
Windows (4998)
Linux (3440)
None (1839)
Mac (981)
Unknown (939)
Windows XP SP3 (683)
WiN7_x64/KaLiLinuX_x64 (546)
Windows 10 (529)
unix (487)
Windows 7 (410)
Kali Linux (332)
PHP (305)
Kali linux X64 (296)
Win7 x64 (276)
Windows XP SP2 (267)
Windows XP (233)
WordPress (196)
iOS (151)
All (142)
Not mentioned (132)
macOS (126)
Ubuntu (120)
Microsoft Windows (117)
Not Specified (106)
Solaris (105)
Apache (99)
Windows 7 x64 (98)
Android (96)
Xampp (91)
FreeBSD (90)
Windows 10 Pro x64 es (80)
Mac OS X (78)
Windows 2000 (77)
Windows 10 x64 (73)
Ubuntu 18.04 (72)
Windows 7 SP1 (70)
Windows Vista (70)
Not provided (69)
Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) (68)
Windows 7 x86 (67)
Windows XP SP3 EN (62)
Kali Linux 2.0 (59)
Windows 10 Pro (59)
Windows XP Professional SP2 (59)
Debian (55)
Linux & Windows (55)
Windows XP Professional SP2 with Internet Explorer 7 (53)
Java (51)
Microsoft Windows XP Professional SP3 (EN) (50)
Year
Year
No results found
2008 (3443)
2009 (3242)
2020 (2781)
Unknown (2618)
2010 (2541)
2002 (2329)
2006 (2050)
2012 (1810)
2005 (1774)
2018 (1744)
2017 (1739)
2007 (1560)
2011 (1328)
2013 (1295)
2019 (1295)
2016 (1130)
2015 (1109)
2021 (1104)
2014 (995)
2023 (733)
2004 (529)
2022 (474)
2001 (444)
2003 (387)
2000 (238)
N/A (178)
2024 (155)
Not mentioned (138)
1999 (136)
Not provided (89)
Not Specified (89)
1998 (72)
1997 (48)
1996 (16)
Not available (9)
HIGH (6)
None (6)
[date] (4)
2005-2006 (4)
0day (3)
1994 (3)
Discovered in 2020 (3)
Found in 2020 (3)
MEDIUM (3)
TBD (3)
1988 (2)
2003-2004 (2)
2004-2019 (2)
2006-2007 (2)
2009/2010 (2)

Explore all Exploits:

Show More

MASA2EL Music City Remote Sql Injection Vulnerability

The MASA2EL Music City software is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by injecting malicious SQL queries into the 'id' parameter of the index.php file. This can lead to unauthorized access to the database and retrieval of sensitive information, such as usernames and passwords.

9
CVSS
CRITICAL
SQL Injection
89
CWE
Product Name
MASA2EL Music City
Platforms Tested
Affected Version
From:
1
To:
1
Show More

Shout! (content.php) Blind Sql Injection Vulnerability

This vulnerability allows an attacker to perform Blind Sql Injection on the Shout! Script. By modifying the 'id' parameter in the content.php URL, the attacker can execute arbitrary SQL queries and retrieve sensitive information from the database. The exploit examples provided demonstrate how to determine the version of the database server by leveraging the boolean-based blind SQL injection technique.

5.5
CVSS
MEDIUM
Blind Sql Injection
89
CWE
Product Name
Shout! Script
Platforms Tested
Affected Version
From:
To:
Show More

CA BrightStor ARCserve Backup Agent for SQL – dbasqlr.exe

The CA BrightStor ARCserve Backup Agent for SQL (dbasqlr.exe) is vulnerable to a buffer overflow. An attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user running the affected application.

9.8
CVSS
CRITICAL
Buffer Overflow
119
CWE
Product Name
CA BrightStor ARCserve Backup Agent for SQL
Platforms Tested
Affected Version
From:
To:
Show More

South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation

This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3. Vulnerability mitigation featured.

7.5
CVSS
HIGH
Privilege Escalation
Unknown
CWE
Product Name
WebDrive
Platforms Tested
Microsoft Windows XP SP3
Affected Version
From:
Unknown
To:
Unknown
Unknown

Recent Exploits:

openSIS 9.1 – SQL Injection (Authenticated)

author
Devrim Dıragumandan (d0ub1edd)
vendor
OS4Ed
severity
6.1
HIGH

dizqueTV 1.5.3 – Remote Code Execution (RCE)

author
Ahmed Said Saud Al-Busaidi
vendor
Vexorian
severity
8.1
CRITICAL

reNgine 2.2.0 – Command Injection (Authenticated)

author
Caner Tercan
vendor
reNgine
severity
7.1
HIGH

Stored Cross-Site Scripting (XSS) in NoteMark

author
Alessio Romano (sfoffo)
vendor
Enchanted Code
severity
6.1
HIGH

Windows IPv6 CVE-2024-38063 Denial-Of-Service Vulnerability

author
Photubias
vendor
Microsoft
severity
6.1
HIGH

Invesalius 3.1 – Remote Code Execution (RCE)

author
Alessio Romano (sfoffo), Riccardo Degli Esposti (partywave)
vendor
Invesalius
severity
6.1
HIGH

Stored XSS in Gitea

author
Catalin Iovita & Alexandru Postolache
vendor
Gitea
severity
6.1
HIGH

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Configuration Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
Elber S.r.l.
severity
6.1
HIGH

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

author
Gjoko 'LiquidWorm'
vendor
Elber S.r.l.
severity
6.1
HIGH

Elber Wayber Analog/Digital Audio STL 4.00 Device Configuration Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
Elber S.r.l.
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR

cqrsecured