Exploits found on the INTERNET

This is live excerpt from our database. Available also using API

Edit Date Name Status
2017-08-22PHP Coupon Script 6.0 SQL InjectionPublished
2017-08-22IBM OpenAdmin Tool SOAP welcomeServer PHP Code ExecutionPublished
2017-08-05PhpBB 3.2.0 Server Side Request ForgeryPublished
2017-08-02Joomla Component PHP-Bridge 1.2.3 - SQL InjectionPublished
2017-07-06PHP < 5.6.28 parse_url bypass HOST to return fake hostPublished
2017-06-25PHPMailer < 5.2.23 - Cross-Site ScriptingPublished
2017-06-22PHPMailer < 5.2.20 with Exim MTA Remote Code ExecutionPublished
2017-06-20PHP auto dealer bypass admin login and shell upload vulnerabilityPublished
2017-05-30PhpBB Minerva Mod 2.0.21 build 238a - SQL InjectionPublished
2017-05-17WordPress PHPMailer Host Header Command InjectionPublished
2017-04-23PhpStorm 2017.1.2 x64 Opening Files from Command Line Buffer OverflowPublished
2017-03-28PHP Real Estate Property Script SQL InjectionPublished
2017-03-28DzSoft PHP Editor v4.2.7 File EnumerationPublished
2017-03-13PHP Forum Script 3.0 SQL InjectionPublished
2017-03-06PHP Classifieds Rental Script 3.6.0 SQL InjectionPublished
2017-03-03PHP Classified OLX Clone Script SQL InjectionPublished
2017-03-03WordPress Simple Ads Manager PHP Object InjectionPublished
2017-02-22EasyCom PHP API Stack Buffer OverflowPublished
2017-02-20PHPShell v2.4 Cross Site ScriptingPublished
2017-02-14PHP Marketplace Script SQL InjectionPublished
2017-02-12WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code InjectionPublished
2017-02-10Takas Classified Cogeigniter PHP Classified Ad Script 1.1 SQL InjectionPublished
2017-02-10Zigaform PHP Form Builder Contact And Survey 2.9.1 SQL InjectionPublished
2017-02-06PEAR HTML_AJAX < = 0.5.7 PHP Serializer PHP Object Injection VulnerabilityPublished
2017-01-27WordPress InfiniteWP Client / 1.6.0 PHP Object InjectionPublished
2017-01-27KB Messages PHP Script 1.0 SQL InjectionPublished
2017-01-27KB Affiliate Referral PHP Script 1.0 SQL InjectionPublished
2017-01-27PHPback Cross Site Scripting / SQL InjectionPublished
2017-01-26CMS Commander Client WordPress Plugin unauthenticated PHP Object injection vulnerabilityPublished
2017-01-26Google Forms WordPress Plugin unauthenticated PHP Object injection vulnerabilityPublished
2017-01-23PHP 5.6.x / MyBB 1.8.3 Remote Code ExecutionPublished
2017-01-21PHP 7.1.0/5.6.29 missing null byte checks for paths in exif_imagetypePublished
2017-01-21PHP 7.1.0/5.6.29 missing null byte checks for paths in ZipArchive::extractToPublished
2017-01-21PHP 7.1.0/5.6.29 missing null byte checks for paths in curl_file_createPublished
2017-01-17PHP LibGD Heap Buffer OverflowPublished

Copyright © 2017 Exploitalert v1 BETA.
About us & Partners This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.