php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2018-05-02 Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery
  • webapps
    		•  Qian Wu, Bo Wang, Jiawang Zhang
    2018-05-02 xdebug < 2.5.5 - OS Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2018-05-01 WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 – (Authenticated) Persistent Cross-Site Scripting
  • webapps
    		•  B0UG
    2018-04-30 Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root
  • webapps
    		•  Jared Arave
    2018-04-30 WordPress Plugin Form Maker 1.12.20 – CSV Injection
  • webapps
    		•  Sairam Jetty
    2018-04-30 Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)
  • webapps
    		•  SixP4ck3r
    2018-04-26 Frog CMS 0.9.5 – Persistent Cross-Site Scripting
  • webapps
    		•  Wenming Jiang
    2018-04-26 GitList 0.6 – Remote Code Execution
  • webapps
    		•  Kacper Szurek
    2018-04-26 MyBB Threads to Link Plugin 1.3 – Cross-Site Scripting
  • webapps
    		•  0xB9
    2018-04-26 October CMS User Plugin 1.4.5 – Persistent Cross-Site Scripting
  • webapps
    		•  0xB9
    2018-04-26 WordPress Plugin WP with Spritz 1.0 – Remote File Inclusion
  • webapps
    		•  Wadeek
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – Local File Inclusion
  • webapps
    		•  8bitsec
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – (Authenticated) Cross-Site Scripting
  • webapps
    		•  8bitsec
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – ‘award_id’ SQL Injection
  • webapps
    		•  8bitsec
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – CSV Injection
  • webapps
    		•  8bitsec
    2018-04-25 Blog Master Pro 1.0 – CSV Injection
  • webapps
    		•  8bitsec
    2018-04-25 Shopy Point of Sale 1.0 – CSV Injection
  • webapps
    		•  8bitsec
    2018-04-25 Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code Execution (PoC)
  • webapps
    		•  Blaklis
    2018-04-24 WordPress Plugin Woo Import Export 1.0 – Arbitrary File Deletion
  • webapps
    		•  Lenon Leite
    2018-04-24 Ericsson-LG iPECS NMS A.1Ac – Cleartext Credential Disclosure
  • webapps
    		•  Berk Cem Göksel
    2018-04-24 Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass
  • webapps
    		•  devcoinfet
    2018-04-24 Monstra CMS 3.0.4 – Arbitrary Folder Deletion
  • webapps
    		•  Wenming Jiang
    2018-04-24 WUZHI CMS 4.1.0 – Cross-Site Request Forgery
  • webapps
    		•  jiguang
    2018-04-24 UK Cookie Consent – Persistent Cross-Site Scripting
  • webapps
    		•  B0UG