Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2014-07-28	CMSimple 4.4.4 – Remote File Inclusion	webapps	Govind Singh
2014-07-28	CMSimple – Default Administrator Credentials	webapps	Govind Singh
2014-07-28	WordPress Plugin WhyDoWork AdSense – ‘options-general.php’ Cross-Site Request Forgery (Option Manipulation)	webapps	Dylan Irzi
2014-07-28	WordPress Plugin Lead Octopus Power – ‘id’ SQL Injection	webapps	Amirh03in
2014-07-28	Oxwall 1.7.0 – Remote Code Execution	remote	LiquidWorm
2014-07-28	Oxwall 1.7.0 – Multiple Cross-Site Request Forgery / HTML Injection Vulnerabilities	webapps	LiquidWorm
2014-07-28	Sphider Search Engine 1.3.6 – Multiple Vulnerabilities	webapps	Mike Manzotti
2014-07-27	DirPHP 1.0 – Local File Inclusion	webapps	black hat
2014-07-27	ZeroCMS 1.0 – Persistent Cross-Site Scripting	webapps	Mayuresh Dani
2014-07-27	Moodle 2.7 – Persistent Cross-Site Scripting	webapps	Osanda Malith Jayathissa
2014-07-25	Pligg CMS 2.0.1 – Multiple Vulnerabilities	webapps	BlackHawk
2014-07-24	WordPress Plugin Video Gallery 2.5 – Multiple Vulnerabilities	webapps	Claudio Viviani
2014-07-24	Omeka 2.2.1 – Remote Code Execution	remote	LiquidWorm
2014-07-23	Ubiquiti Networks UniFi Video Default – ‘crossdomain.xml’ Security Bypass	webapps	Seth Art
2014-07-23	Ilya Birman E2 – ‘/@actions/comment-process’ SQL Injection	webapps	High-Tech Bridge
2014-07-21	IBM GCM16/32 1.20.0.22575 – Multiple Vulnerabilities	remote	Alejandro Alvarez Bravo
2014-07-20	WordPress Plugin WP BackupPlus – Database and Files Backup Download	webapps	pSyCh0_3D
2014-07-18	WordPress Plugin Gallery Objects 0.4 – SQL Injection	webapps	Claudio Viviani
2014-07-17	Fonality trixbox – ‘repo.php’ Directory Traversal	webapps	AtT4CKxT3rR0r1ST
2014-07-17	Fonality trixbox – ‘asterisk_info.php’ Directory Traversal	webapps	AtT4CKxT3rR0r1ST
2014-07-17	Fonality trixbox – ‘index.php’ Directory Traversal	webapps	AtT4CKxT3rR0r1ST
2014-07-17	Fonality trixbox – ‘endpoint_generic.php’ SQL Injection	webapps	AtT4CKxT3rR0r1ST
2014-07-17	OL-Commerce – ‘/OL-Commerce/admin/create_account.php?entry_country_id’ SQL Injection	webapps	AtT4CKxT3rR0r1ST
2014-07-17	OL-Commerce – ‘/OL-Commerce/create_account.php?country’ SQL Injection	webapps	AtT4CKxT3rR0r1ST