php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2018-03-30 WordPress Plugin Contact Form 7 to Database Extension 2.10.32 – CSV Injection
  • webapps
    		•  Stefan Broeder
    2018-03-30 WordPress Plugin Relevanssi 4.0.4 – Reflected Cross-Site Scripting
  • webapps
    		•  Stefan Broeder
    2018-03-30 MiniCMS 1.10 – Cross-Site Request Forgery
  • webapps
    		•  zixian
    2018-03-30 Vtiger CRM 6.3.0 – (Authenticated) Arbitrary File Upload (Metasploit)
  • webapps
    		•  Touhid M.Shaikh
    2018-03-30 D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router – Authentication Bypass
  • webapps
    		•  Gem George
    2018-03-30 osCommerce 2.3.4.1 – Remote Code Execution
  • webapps
    		•  Simon Scannell
    2018-03-30 WordPress Plugin WP Security Audit Log 3.1.1 – Sensitive Information Disclosure
  • webapps
    		•  Colette Chamberland
    2018-03-29 Joomla! Component Fields – SQLi Remote Code Execution (Metasploit)
  • webapps
    		•  Metasploit
    2018-03-28 Open-AuditIT Professional 2.1 – Cross-Site Scripting
  • webapps
    		•  Nilesh Sapariya
    2018-03-27 ClipBucket – ‘beats_uploader’ Arbitrary File Upload (Metasploit)
  • webapps
    		•  Metasploit
    2018-03-26 Laravel Log Viewer < 0.13.0 - Local File Download
  • webapps
    		•  Haboob Team
    2018-03-23 WordPress Plugin Site Editor 1.1.1 – Local File Inclusion
  • webapps
    		•  Nicolas Buzy-Debat
    2018-03-23 MyBB Plugin Last User’s Threads in Profile Plugin 1.2 – Persistent Cross-Site Scripting
  • webapps
    		•  0xB9
    2018-03-23 XenForo 2 – CSS Loader Denial of Service
  • dos
    		•  LockedByte
    2018-03-20 Vehicle Sales Management System – Multiple Vulnerabilities
  • webapps
    		•  Sing
    2018-03-15 WordPress Plugin Duplicator 1.2.32 – Cross-Site Scripting
  • webapps
    		•  Stefan Broeder
    2018-03-13 Tuleap 9.17.99.189 – Blind SQL Injection
  • webapps
    		•  Cristiano Maruti
    2018-03-12 TextPattern 4.6.2 – ‘qty’ SQL Injection
  • webapps
    		•  Manuel García Cárdenas
    2018-03-09 Bacula-Web < 8.0.0-rc2 - SQL Injection
  • webapps
    		•  Gustavo Sorondo
    2018-03-07 Redaxo CMS Addon MyEvents 2.2.1 – SQL Injection
  • webapps
    		•  h0n1gsp3cht
    2018-03-05 ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection
  • webapps
    		•  SEC Consult
    2018-03-02 TestLink Open Source Test Management < 1.9.16 - Remote Code Execution
  • remote
    		•  Manish Tanwar
    2018-03-02 uWSGI < 2.0.17 - Directory Traversal
  • webapps
    		•  Marios Nicolaides
    2018-02-27 Concrete5 CMS < 8.3.0 - Username / Comments Enumeration
  • webapps
    		•  Chapman Schleiss