php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2023-04-05 bgERP v22.31 (Orlovets) – Cookie Session vulnerability & Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-05 Bus Pass Management System 1.0 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Matteo Conti
    2023-04-05 Calendar Event Multi View 1.4.07 – Unauthenticated Arbitrary Event Creation to Cross-Site Scripting (XSS)
  • webapps
    		•  Mostafa Farzaneh
    2023-04-05 zstore 6.6.0 – Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-05 projectSend r1605 – Remote Code Exectution RCE
  • webapps
    		•  Mirabbas Ağalarov
    2023-04-05 PhotoShow 3.0 – Remote Code Execution
  • webapps
    		•  LSCP Responsible Disclosure Lab
    2023-04-03 Paid Memberships Pro v2.9.8 (WordPress Plugin) – Unauthenticated SQL Injection
  • webapps
    		•  r3nt0n
    2023-04-03 ChiKoi v1.0 – SQL Injection
  • webapps
    		•  nu11secur1ty
    2023-04-03 GLPI Cartography Plugin v6.0.0 – Unauthenticated Remote Code Execution (RCE)
  • webapps
    		•  Nuri Çilengir
    2023-04-03 pimCore v5.4.18-skeleton – Sensitive Cookie with Improper SameSite Attribute
  • webapps
    		•  nu11secur1ty
    2023-04-03 GLPI v10.0.2 – SQL Injection (Authentication Depends on Configuration)
  • webapps
    		•  Nuri Çilengir
    2023-04-03 GLPI Activity v3.1.0 – Authenticated Local File Inclusion on Activity plugin
  • webapps
    		•  Nuri Çilengir
    2023-04-03 GLPI Glpiinventory v1.0.1 – Unauthenticated Local File Inclusion
  • webapps
    		•  Nuri Çilengir
    2023-04-03 GLPI 4.0.2 – Unauthenticated Local File Inclusion on Manageentities plugin
  • webapps
    		•  Nuri Çilengir
    2023-04-03 WP-file-manager v6.9 – Unauthenticated Arbitrary File Upload leading to RCE
  • webapps
    		•  BLY
    2023-04-03 ERPGo SaaS 3.9 – CSV Injection
  • webapps
    		•  Sajibe Kanti
    2023-04-03 AmazCart CMS 3.4 – Cross-Site-Scripting (XSS)
  • webapps
    		•  Sajibe Kanti
    2023-04-03 Art Gallery Management System Project v1.0 – SQL Injection (editid) authenticated
  • webapps
    		•  Rahul Patwari
    2023-04-03 Art Gallery Management System Project v1.0 – SQL Injection (cid) Unauthenticated
  • webapps
    		•  Rahul Patwari
    2023-04-03 Art Gallery Management System Project v1.0 – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  Rahul Patwari
    2023-04-03 MyBB 1.8.32 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  lUc1f3r11
    2023-04-03 SLIMSV 9.5.2 – Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-03 Zstore 6.5.4 – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-03 Metform Elementor Contact Form Builder v3.1.2 – Unauthenticated Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Mohammed Chemouri