0day.today - La mayor base de datos de exploits en el mundo.
Things you should know about it:
We use one main domain DOMAIN_LINK
If you want to purchase the exploit or pay for service, you need to buy Gold. We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.
Administration of this site uses the official contacts. Beware of impostors!
We use one main domain DOMAIN_LINK
If you want to purchase the exploit or pay for service, you need to buy Gold. We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Enviar ] rules
- Visit the [ Preguntas frecuentes ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ [email protected] ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
No puedes contactar por:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Search results for exploits by request: PHP
[ remote exploits ]
Remote exploits and vulnerabilities category
A "remote exploit" works over a network and exploits the security vulnerability without any prior access to the vulnerable system.
-::DATE
-::DESCRIPTION
-::TYPE
-::HITS
-::RISK
-::GOLD
-::AUTHOR
ownCloud Phpinfo Reader Exploit
Comentarios:
0
2 794
Security Risk Medium
D
Download
C
CVE-2023-49103
Verified by
gratis
You can open this exploit for free
rrdw
Exploits:
7
BusinessLevel:
10
PHP Library Remote Code Execution Vulnerability
Comentarios:
0
7 784
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
Eldar Marcussen
Exploits:
5
BusinessLevel:
5
PHP 8.1.0-dev Backdoor Remote Command Execution Exploit (2)
Comentarios:
0
9 467
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
Mayank Deshmukh
Exploits:
10
BusinessLevel:
2
PHP 8.1.0-dev Backdoor Remote Command Injection Exploit
Comentarios:
0
9 288
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
Richard Jones
Exploits:
35
BusinessLevel:
3
10 387
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
Paul Dannewitz
Exploits:
1
BusinessLevel:
2
9 018
Security Risk Critical
D
Download
C
CVE-2020-26124
Verified by
gratis
You can open this exploit for free
Anastasios Stasinopoulos
Exploits:
1
BusinessLevel:
2
10 660
Security Risk Critical
D
Download
C
CVE-2020-15920
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
openSIS 7.4 Unauthenticated PHP Code Execution Exploit
Comentarios:
0
10 269
Security Risk Critical
D
Download
C
CVE-2020-13381
CVE-2020-13382
CVE-2020-13383
CVE-2020-13382
CVE-2020-13383
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
10 996
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
ThinkPHP 5.0.23 Remote Code Execution Exploit
Comentarios:
0
12 733
Security Risk Critical
D
Download
C
CVE-2018-20062
CVE-2019-9082
CVE-2019-9082
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
PHPStudy - Backdoor Remote Code execution Exploit
Comentarios:
0
11 496
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
PHP-FPM 7.x Remote Code Execution Exploit
Comentarios:
0
11 370
Security Risk Critical
D
Download
C
CVE-2019-11043
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
12 553
Security Risk Critical
D
Download
C
CVE-2019-11409
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
FusionPBX Command (exec.php) Command Execution Exploit
Comentarios:
0
12 268
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
11 684
Security Risk Critical
D
Download
C
CVE-2017-16894
CVE-2018-15133
CVE-2018-15133
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
10 238
Security Risk Critical
D
Download
C
CVE-2018-15708
CVE-2018-15710
CVE-2018-15710
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execute Exploit
Comentarios:
0
8 509
Security Risk Critical
D
Download
C
CVE-2017-18357
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
8 225
Security Risk High
D
Download
C
CVE-2017-18357
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
PHP 7.2 - imagecolormatch() Out of Band Heap Write Exploit
Comentarios:
0
7 466
Security Risk Critical
D
Download
C
CVE-2019-6977
Verified by
gratis
You can open this exploit for free
cfreal
Exploits:
2
BusinessLevel:
3
6 790
Security Risk Critical
D
Download
C
CVE-2018-14933
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
[ local exploits ]
Local exploits and vulnerabilities category
A "local exploit" requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator. Exploits against client applications also exist, usually consisting of modified servers that send an exploit if accessed with client application.
-::DATE
-::DESCRIPTION
-::TYPE
-::HITS
-::RISK
-::GOLD
-::AUTHOR
PHP filter_var Bypass Patch Vulnerability
Comentarios:
0
8 136
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Jordy Zomer
Exploits:
1
BusinessLevel:
1
8 651
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
mm0r1
Exploits:
3
BusinessLevel:
2
4 235
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Anton Lopanitsyn
Exploits:
1
BusinessLevel:
3
PHP 7.1.8 - Heap-Based Buffer Overflow Vulnerability
Comentarios:
0
5 336
Security Risk Medium
D
Download
C
CVE-2017-16642
Verified by
gratis
You can open this exploit for free
Wei Lei
Exploits:
2
BusinessLevel:
3
PHPMailer 5.2.21 Local File Disclosure Exploit
Comentarios:
0
4 599
Security Risk High
D
Download
C
CVE-2017-5223
Verified by
gratis
You can open this exploit for free
Yongxiang Li
Exploits:
1
BusinessLevel:
3
4 736
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
anonymous
Exploits:
25
BusinessLevel:
8
EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation Vulnerability
Comentarios:
0
4 993
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Ashiyane
Exploits:
56
BusinessLevel:
10
PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow
Comentarios:
0
4 434
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
4 655
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
hugh
Exploits:
1
BusinessLevel:
4
4 698
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
emmanuel
Exploits:
1
BusinessLevel:
4
PHP 5.3.4 com_event_sink 0-Day
Comentarios:
0
8 142
Security Risk Critical
D
Download
-
Verified by
gratis
You can open this exploit for free
FB1H2S
Exploits:
12
BusinessLevel:
8
PHP 5.3.8 open_basedi() Bypasser
Comentarios:
0
7 298
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
CrosS
Exploits:
6
BusinessLevel:
7
PHP 5.3.6 Buffer Overflow PoC (ROP) CVE-2011-1938
Comentarios:
0
6 644
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Jonathan Salwan
Exploits:
63
BusinessLevel:
11
PHP <= 5.3.5 socket_connect() Buffer Overflow Vulnerability
Comentarios:
0
6 901
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Marek Kroemeke
Exploits:
3
BusinessLevel:
7
6 200
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
KedAns-Dz
Exploits:
292
BusinessLevel:
24
5 613
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Matteo Memelli
Exploits:
16
BusinessLevel:
9
PHP 5.2.12/5.3.1 symlink() open_basedir bypass
Comentarios:
0
unsorted
7 604
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Maksymilian
Exploits:
15
BusinessLevel:
8
PHP 5.3.0 pdflib Arbitrary File Write
Comentarios:
0
unsorted
4 839
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Sina Yazdanmehr
Exploits:
2
BusinessLevel:
7
PHP <= 5.2.9 Local Safemod Bypass Exploit (win32)
Comentarios:
0
unsorted
5 944
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Abysssec
Exploits:
66
BusinessLevel:
11
unsorted
5 056
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
Zigma
Exploits:
6
BusinessLevel:
8
[ web applications ]
Webapplication (webapps) exploits and vulnerabilities category
This category is full with vulnerabilities, which was found in web projects and web applications.
-::DATE
-::DESCRIPTION
-::TYPE
-::HITS
-::RISK
-::GOLD
-::AUTHOR
800
Security Risk Critical
D
Download
C
CVE-2024-24725
Verified by
gratis
You can open this exploit for free
h00die-gr3y
Exploits:
5
BusinessLevel:
1
534
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Gian Paris
Exploits:
1
BusinessLevel:
0
Artica Proxy Unauthenticated PHP Deserialization Exploit
Comentarios:
0
1 366
Security Risk Critical
D
Download
C
CVE-2024-2054
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
1 351
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Hakkı TOKLU
Exploits:
1
BusinessLevel:
0
1 956
Security Risk High
D
Download
C
CVE-2024-2054
Verified by
gratis
You can open this exploit for free
Jim Becher
Exploits:
20
BusinessLevel:
3
phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit
Comentarios:
0
960
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
Egidio Romano
Exploits:
14
BusinessLevel:
5
1 488
Security Risk Critical
D
Download
C
CVE-2023-49084
CVE-2023-49085
CVE-2023-49085
Verified by
gratis
You can open this exploit for free
metasploit
Exploits:
1625
BusinessLevel:
92
XenForo 2.2.13 ArchiveImport.php Zip Slip Vulnerability
Comentarios:
0
1 428
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
EgiX
Exploits:
128
BusinessLevel:
15
Vinchin Backup And Recovery 7.2 SystemHandler.class.php Command Injection Vulnerability
Comentarios:
0
1 474
Security Risk High
D
Download
C
CVE-2024-22903
Verified by
gratis
You can open this exploit for free
Valentin Lobstein
Exploits:
7
BusinessLevel:
2
ISPConfig 3.2.11 PHP Code Injection Exploit
Comentarios:
0
2 303
Security Risk Critical
D
Download
C
CVE-2023-46818
Verified by
gratis
You can open this exploit for free
EgiX
Exploits:
128
BusinessLevel:
15
2 132
Security Risk Medium
D
Download
C
CVE-2023-48207
Verified by
gratis
You can open this exploit for free
Rahad Chowdhury
Exploits:
12
BusinessLevel:
2
2 121
Security Risk Medium
D
Download
C
CVE-2023-48208
Verified by
gratis
You can open this exploit for free
Orpon
Exploits:
1
BusinessLevel:
0
2 331
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
nu11secur1ty
Exploits:
215
BusinessLevel:
13
phpFox 4.8.13 PHP Object Injection Exploit
Comentarios:
0
2 761
Security Risk High
D
Download
C
CVE-2023-46817
Verified by
gratis
You can open this exploit for free
EgiX
Exploits:
128
BusinessLevel:
15
WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection Vulnerability
Comentarios:
0
2 858
Security Risk High
D
Download
C
CVE-2023-4386
CVE-2023-4402
CVE-2023-4402
Verified by
gratis
You can open this exploit for free
Marco Wotschka
Exploits:
6
BusinessLevel:
1
PHP Shopping Cart 4.2 SQL Injection Vulnerability
Comentarios:
0
2 976
Security Risk High
D
Download
-
Verified by
gratis
You can open this exploit for free
nu11secur1ty
Exploits:
215
BusinessLevel:
13
SugarCRM 12.2.0 PHP Object Injection Vulnerability
Comentarios:
0
2 780
Security Risk High
D
Download
C
CVE-2023-35810
Verified by
gratis
You can open this exploit for free
EgiX
Exploits:
128
BusinessLevel:
15
2 884
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Kerimcan Ozturk
Exploits:
1
BusinessLevel:
0
PHPJabbers Vacation Rental Script 4.0 - CSRF Vulnerability
Comentarios:
0
2 952
Security Risk Low
D
Download
-
Verified by
gratis
You can open this exploit for free
Hasan Ali YILDIR
Exploits:
1
BusinessLevel:
0
2 758
Security Risk Medium
D
Download
C
CVE-2023-4117
Verified by
gratis
You can open this exploit for free
CraCkEr
Exploits:
92
BusinessLevel:
13
[ dos / poc ]
DOS exploits and vulnerabilities category
PoC DoS (denial of service exploit) it exploits remote steps to check the resistance on the affected server or software denial of service vulnerability. The purpose of these attacks is to check the server or the software for resistance.
PoC (Proof Of Concept exploit) An attack against a computer or network that is performed only to prove that it can be done. It generally does not cause any harm, but shows how a hacker can take advantage of a vulnerability in the software or possibly the hardware.
-::DATE
-::DESCRIPTION
-::TYPE
-::HITS
-::RISK
-::GOLD
-::AUTHOR
PHPRunner 10.1 - Denial of Service Exploit
Comentarios:
0
11 407
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Victor Mondragón
Exploits:
50
BusinessLevel:
5
phpBB 3.2.5 Denial Of Service Vulnerability
Comentarios:
0
11 749
Security Risk Medium
D
Download
C
CVE-2019-9826
Verified by
gratis
You can open this exploit for free
Colin Snover
Exploits:
1
BusinessLevel:
3
3 998
Security Risk High
D
Download
C
CVE-2018-7584
Verified by
gratis
You can open this exploit for free
Wei Lei
Exploits:
2
BusinessLevel:
3
WordPress Core - load-scripts.php Denial of Service Exploit
Comentarios:
0
6 207
Security Risk High
D
Download
C
CVE-2018-6389
Verified by
gratis
You can open this exploit for free
Barak Tawily
Exploits:
2
BusinessLevel:
5
4 187
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Stefan Esser
Exploits:
31
BusinessLevel:
11
EasyCom AS400 PHP API Buffer Overflow Exploit
Comentarios:
0
12 855
Security Risk Medium
D
Download
C
CVE-2017-5358
Verified by
gratis
You can open this exploit for free
hyp3rlinx
Exploits:
253
BusinessLevel:
17
EasyCom For PHP 4.0.0 - Buffer Overflow (PoC) Exploit
Comentarios:
0
11 367
Security Risk Medium
D
Download
C
CVE-2017-5358
Verified by
gratis
You can open this exploit for free
hyp3rlinx
Exploits:
253
BusinessLevel:
17
EasyCom For PHP 4.0.0 - Denial of Service Exploit
Comentarios:
0
11 245
Security Risk Medium
D
Download
C
CVE-2017-5359
Verified by
gratis
You can open this exploit for free
hyp3rlinx
Exploits:
253
BusinessLevel:
17
PHP 7.1.0 / 5.6.29 missing null byte checks for paths in ZipArchive::extractTo Vulnerability
Comentarios:
0
5 215
Security Risk Low
D
Download
-
Verified by
gratis
You can open this exploit for free
Maksymilian
Exploits:
15
BusinessLevel:
8
PHP 7.1.0 / 5.6.29 missing null byte checks for paths in curl_file_create() Vulnerability
Comentarios:
0
5 048
Security Risk Low
D
Download
-
Verified by
gratis
You can open this exploit for free
Maksymilian
Exploits:
15
BusinessLevel:
8
PHP 7.1.0 / 5.6.29 missing null byte checks for paths in exif_imagetype Vulnerability
Comentarios:
0
5 030
Security Risk Low
D
Download
-
Verified by
gratis
You can open this exploit for free
Maksymilian
Exploits:
15
BusinessLevel:
8
PHP 7.0.13 Use After Free unserialize() PoC Exploit
Comentarios:
0
4 940
Security Risk Medium
D
Download
C
CVE-2016-9936
Verified by
gratis
You can open this exploit for free
taoguangchen
Exploits:
2
BusinessLevel:
4
PHP 5.0.0 - 'snmpwalkoid()' Local Denial of Service
Comentarios:
0
3 809
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
PHP 5.0.0 - 'fbird_[p]connect()' Local Denial of Service
Comentarios:
0
3 902
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
PHP 5.0.0 - 'snmpwalk()' Local Denial of Service
Comentarios:
0
3 675
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
PHP 5.0.0 - 'snmprealwalk()' Local Denial of Service
Comentarios:
0
3 672
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
PHP 5.0.0 - 'snmpset()' Local Denial of Service
Comentarios:
0
3 653
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
PHP 7.0 - 'AppendIterator::append' Local Denial of Service
Comentarios:
0
3 655
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
3 571
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
PHP 5.0.0 - 'imap_mail()' Local Denial of Service
Comentarios:
0
3 731
Security Risk Medium
D
Download
-
Verified by
gratis
You can open this exploit for free
Yakir Wizman
Exploits:
78
BusinessLevel:
12
[ shellcode ]
Shellcode category
In computer security, a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called "shellcode" because it typically starts a command shell from which the attacker can control the compromised machine, but any piece of code that performs a similar task can be called shellcode. Because the function of a payload is not limited to merely spawning a shell, some have suggested that the name shellcode is insufficient. Shellcode is commonly written in machine code.
Classification:
There are several methods of classifying exploits. The most common is by how the exploit contacts the vulnerable software. A remote exploit works over a network and exploits the security vulnerability without any prior access to the vulnerable system. A local exploit requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator. Exploits against client applications also exist, usually consisting of modified servers that send an exploit if accessed with a client application. Exploits against client applications may also require some interaction with the user and thus may be used in combination with the social engineering method. Another classification is by the action against the vulnerable system; unauthorized data access, arbitrary code execution, and denial of service are examples. Many exploits are designed to provide superuser-level access to a computer system. However, it is also possible to use several exploits, first to gain low-level access, then to escalate privileges repeatedly until one reaches root. Normally a single exploit can only take advantage of a specific software vulnerability. Often, when an exploit is published, the vulnerability is fixed through a patch and the exploit becomes obsolete until newer versions of the software become available Shellcodes any types.
-::DATE
-::DESCRIPTION
-::TYPE
-::HITS
-::RISK
-::GOLD
-::AUTHOR
linux/x86 Search (*.php) and Inject PHP_BACKD00R
Comentarios:
0
13 656
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
KedAns-Dz
Exploits:
292
BusinessLevel:
24
13 376
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
rigan
Exploits:
8
BusinessLevel:
7
linux/x86 writes a php connectback shell to the fs 508 bytes
Comentarios:
0
5 740
Security Risk Unsored
D
Download
-
Not verified yet
gratis
You can open this exploit for free
GS2008
Exploits:
1
BusinessLevel:
8