php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via the Chat Transfer Function
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Personal Canned Messages
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Operator Surname
  • webapps
    		•  Manojkumar J
    2025-07-22 LiveHelperChat 4.61 – Stored Cross Site Scripting (XSS) via Telegram Bot Username
  • webapps
    		•  Manojkumar J
    2025-07-22 Joomla JS Jobs plugin 1.4.2 – SQL injection
  • webapps
    		•  Adam Wallwork
    2025-06-15 PHP CGI Module 8.3.4 – Remote Code Execution (RCE)
  • webapps
    		•  İbrahimsql
    2025-06-15 Litespeed Cache WordPress Plugin 6.3.0.1 – Privilege Escalation
  • webapps
    		•  Milad karimi
    2025-06-15 Anchor CMS 0.12.7 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  /bin/neko
    2025-06-09 Laravel Pulse 1.3.1 – Arbitrary Code Injection
  • webapps
    		•  Mohammed Idrees Banyamer
    2025-06-05 CloudClassroom PHP Project 1.0 – SQL Injection
  • webapps
    		•  Sanjay Singh
    2025-05-06 Grokability Snipe-IT 8.0.4 – Insecure Direct Object Reference (IDOR)
  • webapps
    		•  Sn1p3r-H4ck3r
    2025-04-22 WordPress Core 6.2 – Directory Traversal
  • webapps
    		•  Milad karimi
    2025-04-22 WonderCMS 3.4.2 – Remote Code Execution (RCE)
  • remote
    		•  Milad karimi
    2025-04-22 code-projects Online Exam Mastering System 1.0 – Reflected Cross-Site Scripting (XSS)
  • remote
    		•  Pruthu Raut
    2025-04-19 Drupal 11.x-dev – Full Path Disclosure
  • webapps
    		•  Milad karimi
    2025-04-18 KiviCare Clinic & Patient Management System (EHR) 3.6.4 – Unauthenticated SQL Injection
  • webapps
    		•  samogod
    2025-04-18 Inventio Lite 4 – SQL Injection
  • webapps
    		•  pointedsec
    2025-04-18 Tatsu 3.3.11 – Unauthenticated RCE
  • webapps
    		•  Milad karimi
    2025-04-17 ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) – Authenticated Path Traversal
  • hardware
    		•  LiquidWorm
    2025-04-17 ABB Cylon Aspect 3.08.02 (deployStart.php) – Unauthenticated Command Execution
  • hardware
    		•  LiquidWorm
    2025-04-16 Smart Manager 8.27.0 – Post-Authenticated SQL Injection
  • webapps
    		•  Ivan Spiridonov
    2025-04-16 KodExplorer 4.52 – Open Redirect
  • webapps
    		•  Rahad Chowdhury