php

日期	标题	类别	作者
2017-05-01	Tuleap Project Wiki 8.3 < 9.6.99.86 - Command Injection	webapps	Ben Nott
2017-04-28	Admidio 3.2.8 – Cross-Site Request Forgery	webapps	Faiz Ahmed Zaidi
2017-04-27	Easy File Uploader – Arbitrary File Upload	webapps	Daniel Godoy
2017-04-27	Simple File Uploader – Arbitrary File Download	webapps	Daniel Godoy
2017-04-27	TYPO3 Extension News – SQL Injection	webapps	Charles Fol
2017-04-26	Revive Ad Server 4.0.1 – Cross-Site Scripting / Cross-Site Request Forgery	webapps	Cyril Vallicari
2017-04-25	October CMS 1.0.412 – Multiple Vulnerabilities	webapps	Anti Räis
2017-04-25	WordPress Plugin Wow Forms 2.1 – SQL Injection	webapps	TAD GROUP
2017-04-25	WordPress Plugin Wow Viral Signups 2.1 – SQL Injection	webapps	TAD GROUP
2017-04-25	WordPress Plugin Car Rental System 2.5 – SQL Injection	webapps	TAD GROUP
2017-04-25	WordPress Plugin KittyCatfish 2.2 – SQL Injection	webapps	TAD GROUP
2017-04-25	FlySpray 1.0-rc4 – Cross-Site Scripting / Cross-Site Request Forgery	webapps	Cyril Vallicari
2017-04-24	Joomla! Component Myportfolio 3.0.2 – ‘pid’ SQL Injection	webapps	Persian Hack Team
2017-04-16	Mantis Bug Tracker 1.3.0/2.3.0 – Password Reset	webapps	hyp3rlinx
2017-04-14	Concrete5 CMS 8.1.0 – ‘Host’ Header Injection	webapps	hyp3rlinx
2017-04-13	Alienvault OSSIM/USM 5.3.4/5.3.5 – Remote Command Execution (Metasploit)	webapps	Peter Lapp
2017-04-11	MyClassifiedScript 5.1 – SQL Injection	webapps	Ihsan Sencan
2017-04-11	Horde Groupware Webmail 3/4/5 – Multiple Remote Code Executions	webapps	SecuriTeam
2017-04-11	MyBB smilie Module < 1.8.11 - 'pathfolder' Directory Traversal	webapps	Zhiyang Zeng
2017-04-11	MyBB < 1.8.11 - 'email' MyCode Cross-Site Scripting	webapps	Zhiyang Zeng
2017-04-11	FAQ Script 3.1.3 – ‘category_id’ SQL Injection	webapps	Ihsan Sencan
2017-04-11	Social Directory Script 2.0 – SQL Injection	webapps	Ihsan Sencan
2017-04-11	WordPress Plugin Spider Event Calendar 1.5.51 – Blind SQL Injection	webapps	Manuel García Cárdenas
2017-04-08	Jobscript4Web 4.5 – Authentication Bypass	webapps	TurkCyberArmy