php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2013-01-02 e107 1.0.2 – SQL Injection (via Cross-Site Request Forgery)
  • webapps
    		•  Joshua Reynolds
    2013-01-02 e107 1.0.1 – Arbitrary JavaScript Execution (via Cross-Site Request Forgery)
  • webapps
    		•  Joshua Reynolds
    2013-01-01 WordPress Plugin Shopping Cart for WordPress – ‘/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID’ SQL Injection
  • webapps
    		•  Sammy FORGIT
    2013-01-01 WordPress Plugin Shopping Cart for WordPress – ‘/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID’ SQL Injection
  • webapps
    		•  Sammy FORGIT
    2013-01-01 WordPress Plugin Shopping Cart for WordPress – ‘/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID’ SQL Injection
  • webapps
    		•  Sammy FORGIT
    2012-12-31 WHMCS 5.0 – Insecure Cookie Authentication Bypass
  • webapps
    		•  Agd_Scorp
    2012-12-31 Joomla! Component Spider Calendar – ‘date’ Blind SQL Injection
  • webapps
    		•  Red-D3v1L
    2012-12-31 MyBB 1.6.9 – ‘editpost.php?posthash’ Blind SQL Injection
  • webapps
    		•  Joshua Rogers
    2012-12-30 WordPress Plugin Zingiri Forums – ‘language’ Local File Inclusion
  • webapps
    		•  Amirh03in
    2012-12-27 WHM – ‘filtername’ Cross-Site Scripting
  • webapps
    		•  Rafay Baloch
    2012-12-27 cPanel – ‘detailbw.html’ Multiple Cross-Site Scripting Vulnerabilities
  • webapps
    		•  Christy Philip Mathew
    2012-12-27 cPanel WebHost Manager (WHM) – ‘/webmail/x3/mail/clientconf.html?acct’ Cross-Site Scripting
  • webapps
    		•  Christy Philip Mathew
    2012-12-26 cPanel – ‘dir’ Cross-Site Scripting
  • webapps
    		•  Rafay Baloch
    2012-12-26 Guru Auction 2.0 – Multiple SQL Injections
  • webapps
    		•  v3n0m
    2012-12-25 WordPress Plugin Asset-Manager – Arbitrary ‘.PHP’ File Upload (Metasploit)
  • remote
    		•  Metasploit
    2012-12-25 WordPress Plugin WP-Property – Arbitrary ‘.PHP’ File Upload (Metasploit)
  • remote
    		•  Metasploit
    2012-12-24 cPanel – ‘account’ Cross-Site Scripting
  • webapps
    		•  Rafay Baloch
    2012-12-24 Hero Framework – users/login ‘Username’ Cross-Site Scripting
  • webapps
    		•  Stefan Schurtz
    2012-12-24 Hero Framework – ‘search?q’ Cross-Site Scripting
  • webapps
    		•  Stefan Schurtz
    2012-12-24 MyBB AwayList Plugin – ‘index.php?id’ SQL Injection
  • webapps
    		•  Red_Hat
    2012-12-24 MyBB HM My Country Flags – SQL Injection
  • webapps
    		•  JoinSe7en
    2012-12-24 City Directory Review and Rating Script – ‘search.php’ SQL Injection
  • webapps
    		•  3spi0n
    2012-12-22 City Reviewer – ‘search.php’ Script SQL Injection
  • webapps
    		•  3spi0n
    2012-12-21 Elite Bulletin Board 2.1.21 – Multiple SQL Injections
  • webapps
    		•  High-Tech Bridge SA