Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2017-01-11	iTechscripts Freelancer Script 5.11 – ‘sk’ SQL Injection	webapps	v3n0m
2017-01-11	Dating Script 3.25 – SQL Injection	webapps	Dawid Morawski
2017-01-11	Itech Movie Portal Script 7.35 – SQL Injection	webapps	Ihsan Sencan
2017-01-10	FMyLife Clone Script (Pro Edition) 1.1 – Cross-Site Request Forgery (Add Admin)	webapps	Ihsan Sencan
2017-01-10	WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 – Privilege Escalation	webapps	Kacper Szurek
2017-01-10	Starting Page 1.3 – ‘linkid’ SQL Injection	webapps	JaMbA
2017-01-09	Friends in War Make or Break 1.7 – ‘imgid’ SQL Injection	webapps	v3n0m
2017-01-09	My PHP Dating 2.0 – ‘id’ SQL Injection	webapps	Sniper Pex
2017-01-09	My PHP Dating 2.0 – ‘path’ SQL Injection	webapps	Ihsan Sencan
2017-01-08	DirectAdmin 1.50.1 – Denial of Service	dos	IeDb ir
2017-01-07	Splunk 6.1.1 – ‘Referer’ Header Cross-Site Scripting	webapps	justpentest
2017-01-07	My Link Trader 1.1 – Authentication Bypass	webapps	Ihsan Sencan
2017-01-03	My Click Counter 1.0 – Authentication Bypass	webapps	Adam
2017-01-02	PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - 'AIO' 'PwnScriptum' Remote Code Execution	webapps	Dawid Golunski
2016-12-30	Zend Framework / zend-mail < 2.4.11 - Remote Code Execution	webapps	Dawid Golunski
2016-12-29	b2evolution 6.8.2 – Arbitrary File Upload	webapps	Li Fei
2016-12-29	WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload	webapps	r3m1ck
2016-12-29	PHPMailer < 5.2.18 - Remote Code Execution	webapps	anarc0der
2016-12-28	Joomla! Component aWeb Cart Watching System for Virtuemart 2.6.0 – SQL Injection	webapps	qemm
2016-12-28	SwiftMailer < 5.4.5-DEV - Remote Code Execution	webapps	Dawid Golunski
2016-12-28	WordPress Plugin Simply Poll 1.4.1 – SQL Injection	webapps	TAD GROUP
2016-12-27	PHPMailer < 5.2.20 - Remote Code Execution	webapps	Dawid Golunski
2016-12-26	PHPMailer < 5.2.18 - Remote Code Execution	webapps	Dawid Golunski
2016-12-26	Joomla! Component Blog Calendar – SQL Injection	webapps	X-Cisadane