Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2023-07-03	Rukovoditel 3.4.1 – Multiple Stored XSS	webapps	Mirabbas Ağalarov
2023-07-03	WBCE CMS 1.6.1 – Open Redirect & CSRF	webapps	Mirabbas Ağalarov
2023-07-03	PodcastGenerator 3.2.9 – Blind SSRF via XML Injection	webapps	Mirabbas Ağalarov
2023-07-03	Prestashop 8.0.4 – Cross-Site Scripting (XSS)	webapps	Mirabbas Ağalarov
2023-07-03	Vacation Rental 1.8 – Stored Cross-Site Scripting (XSS)	webapps	CraCkEr
2023-07-03	WP AutoComplete 1.0.4 – Unauthenticated SQLi	webapps	matitanium
2023-07-03	GZ Forum Script 1.8 – Stored Cross-Site Scripting (XSS)	webapps	CraCkEr
2023-07-03	Time Slot Booking Calendar 1.8 – Stored Cross-Site Scripting (XSS)	webapps	CraCkEr
2023-07-03	spip v4.1.10 – Spoofing Admin account	webapps	nu11secur1ty
2023-07-03	WebsiteBaker v2.13.3 – Directory Traversal	webapps	Mirabbas Ağalarov
2023-07-03	WebsiteBaker v2.13.3 – Stored XSS	webapps	Mirabbas Ağalarov
2023-07-03	POS Codekop v2.0 – Authenticated Remote Code Execution (RCE)	webapps	yuyudhn
2023-07-03	Sales of Cashier Goods v1.0 – Cross Site Scripting (XSS)	webapps	Amirhossein Bahramizadeh
2023-06-26	Xenforo Version 2.2.13 – Authenticated Stored XSS	webapps	Furkan Karaarslan
2023-06-26	PrestaShop Winbiz Payment module – Improper Limitation of a Pathname to a Restricted Directory	webapps	Amirhossein Bahramizadeh
2023-06-23	Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)	webapps	Antonio Cuomo
2023-06-20	WP Sticky Social 1.0.1 – Cross-Site Request Forgery to Stored Cross-Site Scripting (XSS)	webapps	Amirhossein Bahramizadeh
2023-06-20	SPIP v4.2.0 – Remote Code Execution (Unauthenticated)	webapps	nuts7
2023-06-20	Super Socializer 7.13.52 – Reflected XSS	webapps	Amirhossein Bahramizadeh
2023-06-19	WordPress Theme Medic v1.0.0 – Weak Password Recovery Mechanism for Forgotten Password	webapps	Amirhossein Bahramizadeh
2023-06-19	Diafan CMS 6.0 – Reflected Cross-Site Scripting (XSS)	webapps	tmrswrr
2023-06-19	Student Study Center Management System v1.0 – Stored Cross-Site Scripting (XSS)	webapps	VIVEK CHOUDHARY
2023-06-19	Jobpilot v2.61 – SQL Injection	webapps	Ahmet Ümit BAYRAM
2023-06-19	Groomify v1.0 – SQL Injection	webapps	Ahmet Ümit BAYRAM