Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2014-12-19	MiniBB 3.1 – Blind SQL Injection	webapps	Kacper Szurek
2014-12-19	Cacti Superlinks Plugin 1.4-2 – SQL Injection / Local File Inclusion	webapps	Wireghoul
2014-12-16	CMS Papoo 6.0.0 Rev. 4701 – Persistent Cross-Site Scripting	webapps	Steffen Rösemann
2014-12-15	Tuleap – PHP Unserialize Code Execution (Metasploit)	remote	Metasploit
2014-12-15	WordPress Plugin WP Symposium 14.11 – Arbitrary File Upload	webapps	Claudio Viviani
2014-12-15	ResourceSpace 6.4.5976 – Cross-Site Scripting / SQL Injection / Insecure Cookie Handling	webapps	Adler Freiheit
2014-12-15	phpMyAdmin 4.0.x/4.1.x/4.2.x – Denial of Service	dos	Javer Nieto & Andres Rojas
2014-12-15	PHPads 213607 – Authentication Bypass / Password Change	webapps	Shaker msallm
2014-12-15	WordPress Plugin Download Manager 2.7.4 – Remote Code Execution	webapps	Claudio Viviani
2014-12-15	GLPI 0.85 – Blind SQL Injection	webapps	Kacper Szurek
2014-12-10	OpenEMR 4.1.2(7) – Multiple SQL Injections	webapps	Portcullis
2014-12-10	Humhub 0.10.0-rc.1 – Multiple Persistent Cross-Site Scripting Vulnerabilities	webapps	Jos Wetzels, Emiel Florijn
2014-12-10	Humhub 0.10.0-rc.1 – SQL Injection	webapps	Jos Wetzels, Emiel Florijn
2014-12-09	Flat Calendar 1.1 – HTML Injection	webapps	ZoRLu Bugrahan
2014-12-09	WordPress Plugin Symposium 14.10 – SQL Injection	webapps	Kacper Szurek
2014-12-08	WordPress Plugin Ajax Store Locator 1.2 – Arbitrary File Download	webapps	Claudio Viviani
2014-12-08	Free Article Submissions 1.0 – SQL Injection	webapps	BarrabravaZ
2014-12-08	PBBoard CMS – Persistent Cross-Site Scripting	webapps	Manish Tanwar
2014-12-08	IceHrm 7.1 – Multiple Vulnerabilities	webapps	LiquidWorm
2014-12-05	PBBoard CMS 3.0.1 – SQL Injection	webapps	Tran Dinh Tien
2014-12-03	WordPress Plugin CodeArt Google MP3 Player – File Disclosure Download	webapps	QK14 Team
2014-12-03	WordPress Plugin Cart66 Lite eCommerce 1.5.1.17 – Blind SQL Injection	webapps	Kacper Szurek
2014-12-03	WordPress Plugin Google Document Embedder 2.5.16 – ‘mysql_real_escpae_string’ Bypass SQL Injection	webapps	Securely (Yoo Hee man)
2014-12-02	TYPO3 Extension ke DomPDF – Remote Code Execution	webapps	RedTeam Pentesting