Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2015-12-24	Rips Scanner 0.5 – ‘code.php’ Local File Inclusion	webapps	Ashiyane Digital Security Team
2015-12-24	Beezfud – Remote Code Execution	webapps	Ashiyane Digital Security Team
2015-12-23	PhpSocial 2.0.0304_20222226 – Cross-Site Request Forgery	webapps	Curesec Research Team
2015-12-23	Arastta 1.1.5 – SQL Injection	webapps	Curesec Research Team
2015-12-23	Grawlix 1.0.3 – Cross-Site Request Forgery	webapps	Curesec Research Team
2015-12-23	Bigware Shop 2.3.01 – Multiple Local File Inclusions	webapps	bd0rk
2015-12-21	Ovidentia Widgets 1.0.61 – Remote Command Execution	webapps	bd0rk
2015-12-21	Ovidentia online Module 2.8 – ‘GLOBALS[babAddonPhpPath]’ Remote File Inclusion	webapps	bd0rk
2015-12-18	Joomla! 1.5 < 3.4.6 - Object Injection 'x-forwarded-for' Header Remote Code Execution	webapps	Andrew McNicol
2015-12-18	pfSense 2.2.5 – Directory Traversal	webapps	R-73eN
2015-12-18	Ovidentia maillist Module 4.0 – Remote File Inclusion	webapps	bd0rk
2015-12-17	Zen Cart 1.5.4 – Local File Inclusion	webapps	High-Tech Bridge SA
2015-12-16	Ovidentia NewsLetter Module 2.2 – ‘admin.php’ Remote File Inclusion	webapps	bd0rk
2015-12-15	ArticleSetup Article Script 1.00 – SQL Injection	webapps	Linux Zone Research Team
2015-12-15	Ovidentia bulletindoc Module 2.9 – Multiple Remote File Inclusions	webapps	bd0rk
2015-12-15	Tequila File Hosting 1.5 – Multiple Vulnerabilities	webapps	Ashiyane Digital Security Team
2015-12-15	Ovidentia absences Module 2.64 – Remote File Inclusion	webapps	bd0rk
2015-12-15	Joomla! 1.5 < 3.4.5 - Object Injection Remote Command Execution	webapps	Sec-1
2015-12-14	Bitrix bitrix.xscan Module 1.0.3 – Directory Traversal	webapps	High-Tech Bridge SA
2015-12-14	Bitrix bitrix.mpbuilder Module 1.0.10 – Local File Inclusion	webapps	High-Tech Bridge SA
2015-12-14	WordPress Plugin Admin Management Xtended 2.4.0 – Privilege escalation	webapps	Kacper Szurek
2015-12-14	ECommerceMajor – ‘productdtl.php?prodid’ SQL Injection	webapps	Rahul Pratap Singh
2015-12-12	GoAutoDial CE 3.3 – Multiple SQL Injections / Command Injection	webapps	R-73eN
2015-12-10	Gökhan Balbal Script 2.0 – Cross-Site Request Forgery	webapps	KnocKout