php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2014-11-03 PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
  • webapps
    		•  Ryan King (Starfall)
    2014-11-02 Esotalk CMS 1.0.0g4 – Cross-Site Scripting
  • webapps
    		•  evi1m0
    2014-10-31 Who’s Who Script – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  ZoRLu Bugrahan
    2014-10-29 MAARCH 1.4 – SQL Injection
  • webapps
    		•  Adrien Thierry
    2014-10-29 MAARCH 1.4 – Arbitrary File Upload
  • webapps
    		•  Adrien Thierry
    2014-10-28 Tapatalk for vBulletin 4.x – Blind SQL Injection
  • webapps
    		•  tintinweb
    2014-10-28 Enalean Tuleap 7.4.99.5 – Remote Command Execution
  • webapps
    		•  Portcullis
    2014-10-28 Enalean Tuleap 7.2 – XML External Entity File Disclosure
  • webapps
    		•  Portcullis
    2014-10-28 Enalean Tuleap 7.4.99.5 – Blind SQL Injection
  • webapps
    		•  Portcullis
    2014-10-27 Incredible PBX 2.0.6.5.0 – Remote Command Execution
  • webapps
    		•  Simo Ben Youssef
    2014-10-27 WordPress Plugin CP Multi View Event Calendar 1.01 – SQL Injection
  • webapps
    		•  Claudio Viviani
    2014-10-25 WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form – Arbitrary File Upload
  • webapps
    		•  Claudio Viviani
    2014-10-25 Magento Server MAGMI Plugin 0.7.17a – Remote File Inclusion
  • webapps
    		•  Parvinder Bhasin
    2014-10-23 Axway Secure Transport 5.1 SP2 – Arbitrary File Upload (via Cross-Site Request Forgery)
  • webapps
    		•  Emmanuel Law
    2014-10-23 Feng Office 1.7.4 – Cross-Site Scripting
  • webapps
    		•  AutoSec Tools
    2014-10-23 Feng Office 1.7.4 – Arbitrary File Upload
  • webapps
    		•  AutoSec Tools
    2014-10-21 Joomla! Component Akeeba Kickstart – Unserialize Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2014-10-17 Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)
  • webapps
    		•  Claudio Viviani
    2014-10-17 Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (2)
  • webapps
    		•  Dustin Dörr
    2014-10-16 Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (PoC) (Reset Password) (1)
  • webapps
    		•  stopstene
    2014-10-14 SEO Control Panel 3.6.0 – (Authenticated) SQL Injection
  • webapps
    		•  Tiago Carvalho
    2014-10-14 YourMembers Plugin – Blind SQL Injection
  • webapps
    		•  TranDinhTien
    2014-10-14 Change CMS 3.6.8 – Multiple Cross-Site Request Forgery Vulnerabilities
  • webapps
    		•  Krusty Hack
    2014-10-14 Croogo 2.0.0 – Multiple Persistent Cross-Site Scripting Vulnerabilities
  • webapps
    		•  LiquidWorm