header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Vulnerability Type
No results found
SQL Injection (6841)
Buffer Overflow (3830)
Cross-Site Scripting (2498)
Denial of Service (1853)
Remote Code Execution (1494)
Cross-Site Scripting (XSS) (852)
Directory Traversal (841)
Remote File Include (787)
Remote File Inclusion (723)
Privilege Escalation (675)
Authentication Bypass (671)
Local File Inclusion (606)
Information Disclosure (483)
Remote Command Execution (459)
Arbitrary File Upload (427)
Blind SQL Injection (425)
HTML Injection (398)
Cross-Site Request Forgery (384)
Command Injection (349)
Cross-Site Request Forgery (CSRF) (331)
Stack Buffer Overflow (320)
Stack Overflow (304)
Remote SQL Injection (288)
Unquoted Service Path (264)
Memory Corruption (254)
Denial of Service (DoS) (246)
Stored XSS (246)
Local Privilege Escalation (245)
Local File Include (241)
Remote Denial of Service (229)
Use-After-Free (211)
Heap-overflow (201)
Stored Cross-Site Scripting (XSS) (197)
Persistent Cross Site Scripting (187)
Remote Code Execution (RCE) (176)
XSS (169)
Stack-Based Buffer Overflow (165)
Remote Buffer Overflow (146)
Format String Vulnerability (145)
CSRF (142)
Path Traversal (136)
Integer Overflow (135)
Arbitrary Code Execution (134)
Code Execution (134)
Remote File Disclosure (127)
Input Validation (125)
SQL Injection and Cross Site Scripting (123)
Stored Cross Site Scripting (117)
Command Execution (115)
Insecure Cookie Handling (113)
CWE
No results found
89 (8351)
79 (5937)
119 (4722)
78 (2037)
22 (1944)
98 (1882)
N/A (1389)
200 (1304)
400 (1281)
264 (1205)
287 (1099)
352 (1097)
120 (1032)
94 (1031)
20 (1026)
Unknown (897)
434 (850)
269 (267)
416 (254)
284 (219)
121 (196)
134 (187)
190 (149)
399 (138)
611 (120)
426 (115)
476 (110)
Buffer Overflow (110)
120 (Buffer Copy without Checking Size of Input) (104)
362 (95)
125 (92)
601 (87)
428 (86)
843 (86)
502 (85)
787 (84)
798 (79)
122 (77)
427 (73)
Not mentioned (70)
522 (65)
Not provided (59)
80 (55)
259 (54)
918 (44)
113 (40)
285 (40)
613 (39)
614 (37)
None (35)
CPE
No results found
N/A (12110)
Unknown (758)
None (168)
Not mentioned (160)
a:microsoft:internet_explorer (139)
o:microsoft:windows (132)
Not provided (121)
o:linux:linux_kernel (97)
Not Specified (90)
a:joomla:joomla (72)
Not Available (52)
a:wordpress:wordpress (49)
o:apple:mac_os_x (47)
o:freebsd:freebsd (44)
o:microsoft:windows_xp (37)
a:mozilla:firefox (35)
a:php:php (34)
o:microsoft:windows_2000 (34)
a:google:chrome (31)
o:sun:solaris (27)
o:microsoft:windows_2000::sp4 (25)
a:microsoft:iis (23)
a:wireshark:wireshark (23)
a:adobe:flash_player (22)
a:apple:safari (22)
o:microsoft:windows_7 (22)
a:apache:tomcat (21)
o:microsoft:windows_xp::sp2 (18)
a:invision_power_services:invision_power_board (16)
o:microsoft:windows_xp::sp3 (16)
o:sgi:irix (16)
a:apple:quicktime (15)
a:samba:samba (15)
a:mybb:mybb (14)
a:mysql:mysql (14)
a:phpnuke:php-nuke (14)
a:videolan:vlc_media_player (14)
a:cpanel:cpanel (13)
a:microsoft:windows_media_player (13)
a:openemr:openemr (13)
a:opera_software:opera (13)
Solaris (13)
2.0 (12)
a:freepbx:freepbx (12)
a:oracle:virtualbox (12)
a:php:php:5.0.0 (12)
apple:safari (12)
o:cisco:ios (12)
o:google:android (12)
o:hp:hp-ux (12)
Vendor
No results found
N/A (3323)
Microsoft (1764)
WordPress (672)
Unknown (576)
Joomla! (539)
Apple (448)
Sourcecodester (363)
Oracle (319)
IBM (254)
Adobe (242)
Apache (242)
Linux (228)
Cisco (194)
HP (178)
PHP (170)
Mozilla (164)
Google (163)
Sun (141)
D-Link (140)
Novell (125)
Inc (107)
PHPGurukul (106)
Symantec (100)
PHP-Nuke (92)
ManageEngine (91)
Codecanyon (88)
XOOPS (87)
GNU (84)
Ltd. (84)
MyBB (83)
PHP Script Small (83)
phpBB (79)
SAP (76)
FreeBSD (73)
Sun Microsystems (69)
NETGEAR (68)
Not mentioned (68)
SourceForge (67)
vBulletin (64)
Hewlett Packard (61)
TP-Link (60)
Trend Micro (60)
Wireshark (58)
McAfee (57)
Mambo (56)
IPSwitch (54)
Itechscripts (53)
VMware (52)
VideoLAN (51)
e107 (50)
Product Name
No results found
N/A (695)
Internet Explorer (307)
Windows (303)
Linux Kernel (183)
PHP (172)
Unknown (140)
Firefox (115)
Solaris (113)
Joomla (107)
Mac OS X (96)
Flash Player (90)
Windows XP (88)
WordPress (87)
CMS (71)
Safari (65)
Chrome (62)
FreeBSD (57)
vBulletin (57)
Windows 7 (57)
Wireshark (55)
Kernel (54)
PHP-Nuke (54)
MySQL (52)
phpBB (51)
VLC media player (50)
Windows 2000 (50)
Windows 10 (49)
MyBB (48)
IIS (46)
Winamp (45)
AIX (44)
iOS (43)
macOS (40)
Android (38)
Opera (38)
Oracle Database (38)
Tomcat (38)
Windows Media Player (38)
Invision Power Board (37)
Samba (37)
Irix (35)
PHP-Fusion (35)
Linux (33)
phpMyAdmin (33)
osCommerce (32)
RealPlayer (32)
Apache HTTP Server (31)
ProFTPD (31)
Chromium (30)
OpenEMR (30)
Version
From
No results found
N/A (6626)
Unknown (1792)
1 (961)
1.0 (901)
3.1 (726)
1.1 (323)
2 (285)
All versions (234)
1.2 (223)
2.0 (221)
2.1 (175)
3 (157)
1.5 (150)
1.3 (146)
1.0.0 (142)
2.2 (140)
All (119)
1.0.1 (106)
1.4 (100)
v1.0 (98)
0.1 (95)
3.0 (95)
2.5 (94)
4 (90)
1.0.2 (84)
not specified (82)
2.3 (81)
1.6 (74)
Not mentioned (73)
< 3.2 (70)
2.0.0 (70)
6 (68)
5 (64)
1.0.3 (62)
1.7 (61)
3.3 (59)
2.0.1 (57)
2.4 (57)
Windows 7 (57)
1.8 (53)
3.5 (51)
Windows 2000 (51)
0.2 (50)
3.0.0 (48)
Not provided (48)
2.6 (46)
1.0.4 (45)
2.0.2 (45)
4.0 (45)
4.2 (45)
To
No results found
N/A (7012)
Unknown (2684)
1.0 (858)
1 (796)
3.5-RC7 (386)
1.1 (310)
2 (250)
1.2 (247)
2.0 (229)
All versions (221)
2.1 (153)
Not mentioned (153)
3 (152)
1.5 (142)
1.3 (131)
2.2 (129)
not specified (127)
All (118)
Other versions may also be affected. (114)
1.0.0 (111)
1.0.1 (97)
v1.0 (95)
1.0.2 (92)
2.5 (91)
3.0 (91)
1.4 (89)
3.1 (89)
0.1 (83)
Prior versions (79)
Not provided (78)
4 (77)
2.3 (75)
1.6 (72)
5 (66)
1.7 (63)
3.2 (63)
1.0.3 (61)
6 (59)
3.3 (57)
2.4 (56)
Windows 10 (55)
1.8 (54)
2.0.1 (54)
3.5 (49)
None (48)
2.0.2 (47)
2.6 (46)
4.0 (45)
4.2 (45)
0.2 (43)
Severity Type
No results found
HIGH (33263)
MEDIUM (4679)
N/A (2324)
CRITICAL (1705)
LOW (287)
Severity Number
No results found
7.5 (16267)
7 (7608)
5 (6608)
8 (3345)
N/A (2741)
9 (2195)
8.8 (1966)
5.5 (1836)
3 (1433)
9.8 (995)
Exploit Author
No results found
SecurityFocus (6696)
Unknown (2432)
Ihsan Sencan (887)
Gjoko 'LiquidWorm' Krstic (361)
Anonymous (353)
Project Zero (308)
milw0rm.com (271)
juan vazquez (245)
rgod (243)
LiquidWorm (222)
MC (202)
ajann (187)
Luigi Auriemma (187)
N/A (187)
Google Security Research (183)
indoushka (182)
shinnai (162)
sinn3r (154)
hdm (138)
John Page (aka hyp3rlinx) (131)
jduck (121)
cr4wl3r (113)
Hussin X (113)
Not mentioned (111)
Vulnerability Laboratory Research Team (108)
ZoRLu (99)
Kacper (a.k.a Rahim) (92)
nu11secur1ty (91)
mr_me (90)
Easy Laster (89)
CWH Underground (88)
S@BUN (84)
SirGod (83)
Ahmet Ümit BAYRAM (80)
High-Tech Bridge Security Research Lab (80)
xoron (80)
Dr_IDE (78)
Sid3^effects aKa haRi (78)
Todor Donev (75)
hyp3rlinx (74)
Stack (73)
Francis Provencher (71)
High-Tech Bridge SA - Ethical Hacking & Penetration Testing (70)
Ismail Tasdelen (70)
AntiSecurity (69)
His0k4 (68)
Kingcope (65)
ThE g0bL!N (65)
Not Specified (64)
Miroslav Stampar (61)
Platforms Tested
No results found
N/A (12658)
Windows (4998)
Linux (3440)
None (1839)
Mac (981)
Unknown (939)
Windows XP SP3 (683)
WiN7_x64/KaLiLinuX_x64 (546)
Windows 10 (529)
unix (487)
Windows 7 (410)
Kali Linux (332)
PHP (305)
Kali linux X64 (296)
Win7 x64 (276)
Windows XP SP2 (267)
Windows XP (233)
WordPress (196)
iOS (151)
All (142)
Not mentioned (132)
macOS (126)
Ubuntu (120)
Microsoft Windows (117)
Not Specified (106)
Solaris (105)
Apache (99)
Windows 7 x64 (98)
Android (96)
Xampp (91)
FreeBSD (90)
Windows 10 Pro x64 es (80)
Mac OS X (78)
Windows 2000 (77)
Windows 10 x64 (73)
Ubuntu 18.04 (72)
Windows 7 SP1 (70)
Windows Vista (70)
Not provided (69)
Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu) (68)
Windows 7 x86 (67)
Windows XP SP3 EN (62)
Kali Linux 2.0 (59)
Windows 10 Pro (59)
Windows XP Professional SP2 (59)
Debian (55)
Linux & Windows (55)
Windows XP Professional SP2 with Internet Explorer 7 (53)
Java (51)
Microsoft Windows XP Professional SP3 (EN) (50)
Year
Year
No results found
2008 (3443)
2009 (3242)
2020 (2781)
Unknown (2618)
2010 (2541)
2002 (2329)
2006 (2050)
2012 (1810)
2005 (1774)
2018 (1744)
2017 (1739)
2007 (1560)
2011 (1328)
2013 (1295)
2019 (1295)
2016 (1130)
2015 (1109)
2021 (1104)
2014 (995)
2023 (733)
2004 (529)
2022 (474)
2001 (444)
2003 (387)
2000 (238)
N/A (178)
2024 (155)
Not mentioned (138)
1999 (136)
Not provided (89)
Not Specified (89)
1998 (72)
1997 (48)
1996 (16)
Not available (9)
HIGH (6)
None (6)
[date] (4)
2005-2006 (4)
0day (3)
1994 (3)
Discovered in 2020 (3)
Found in 2020 (3)
MEDIUM (3)
TBD (3)
1988 (2)
2003-2004 (2)
2004-2019 (2)
2006-2007 (2)
2009/2010 (2)

Explore all Exploits:

Show More

Woltlab Burning Board Cross-Site Scripting Vulnerability

Woltlab Burning Board is prone to a cross-site scripting vulnerability. This issue is due to a lack of proper sanitization of user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks.

4.3
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name
Burning Board
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2006
Show More

Invision Power Board Multiple Cross-Site Scripting Vulnerabilities

Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

3.3
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name
Invision Power Board
Platforms Tested
N/A
Affected Version
From:
1.3
To:
1.3.2001
2005
Show More

phpMyAdmin Cross-Site Scripting Vulnerability

phpMyAdmin is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

4.3
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name
phpMyAdmin
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2005
Show More

Oxynews SQL-injection Vulnerability

Oxynews is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

7.5
CVSS
HIGH
SQL-injection
89
CWE
Product Name
Oxynews
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2005
Show More

Microsoft Internet Explorer Remote Buffer-Overflow Vulnerability

Microsoft Internet Explorer is susceptible to a remote buffer-overflow vulnerability in 'MSHTML.DLL'. The application fails to properly bounds-check user-supplied input data before copying it into an insufficiently sized memory buffer. Remote attackers may exploit this issue to crash affected web browsers. Remote code execution may also be possible, but this has not been confirmed.

7.5
CVSS
HIGH
Buffer-Overflow
120
CWE
Product Name
Internet Explorer
Platforms Tested
Windows
Affected Version
From:
Internet Explorer 6
To:
Other versions may also be affected.
2005
Show More

Contrexx CMS Cross-Site Scripting Vulnerability

Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

3.3
CVSS
MEDIUM
Cross-Site Scripting
79
CWE
Product Name
CMS
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2006
Show More

DSDownload Multiple SQL Injection Vulnerabilities

DSDownload is prone to multiple SQL-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in SQL queries. This will allow an attacker to inject arbitrary SQL logic into the vulnerable parameters and scripts. As a result, the attacker may be able to access or modify sensitive information, compromise the application, or even compromise the underlying database. Other attacks are possible.

7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name
DSDownload
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2005
Show More

DSCounter SQL Injection Vulnerability

DSCounter is prone to an SQL-injection vulnerability due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name
DSCounter
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2005
Show More

CyBoards PHP Lite SQL Injection Vulnerability

CyBoards PHP Lite is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name
PHP Lite
Platforms Tested
N/A
Affected Version
From:
N/A
To:
N/A
2005
Show More

GGZ Gaming Zone Multiple Remote Denial-of-Service Vulnerabilities

GGZ Gaming Zone is prone to multiple remote denial-of-service vulnerabilities. These issues are due to improper input sanitization. An attacker may cause the victim's connection to the server to terminate, causing a denial of service to legitimate users.

8.8
CVSS
HIGH
Multiple Remote Denial-of-Service Vulnerabilities
20
CWE
Product Name
GGZ Gaming Zone
Platforms Tested
Linux, Windows
Affected Version
From:
0.0.14
To:
0.0.14
2006

Recent Exploits:

openSIS 9.1 – SQL Injection (Authenticated)

author
Devrim Dıragumandan (d0ub1edd)
vendor
OS4Ed
severity
6.1
HIGH

dizqueTV 1.5.3 – Remote Code Execution (RCE)

author
Ahmed Said Saud Al-Busaidi
vendor
Vexorian
severity
8.1
CRITICAL

reNgine 2.2.0 – Command Injection (Authenticated)

author
Caner Tercan
vendor
reNgine
severity
7.1
HIGH

Stored Cross-Site Scripting (XSS) in NoteMark

author
Alessio Romano (sfoffo)
vendor
Enchanted Code
severity
6.1
HIGH

Windows IPv6 CVE-2024-38063 Denial-Of-Service Vulnerability

author
Photubias
vendor
Microsoft
severity
6.1
HIGH

Invesalius 3.1 – Remote Code Execution (RCE)

author
Alessio Romano (sfoffo), Riccardo Degli Esposti (partywave)
vendor
Invesalius
severity
6.1
HIGH

Stored XSS in Gitea

author
Catalin Iovita & Alexandru Postolache
vendor
Gitea
severity
6.1
HIGH

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Configuration Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
Elber S.r.l.
severity
6.1
HIGH

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

author
Gjoko 'LiquidWorm'
vendor
Elber S.r.l.
severity
6.1
HIGH

Elber Wayber Analog/Digital Audio STL 4.00 Device Configuration Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
Elber S.r.l.
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR

cqrsecured