Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2021-10-25	phpMyAdmin 4.8.1 – Remote Code Execution (RCE)	webapps	samguy
2021-10-25	WordPress 4.9.6 – Arbitrary File Deletion (Authenticated) (2)	webapps	samguy
2021-10-25	WordPress Plugin Ninja Tables 4.1.7 – Stored Cross-Site Scripting (XSS)	webapps	Akash Patil
2021-10-25	WordPress Plugin Media-Tags 3.2.0.2 – Stored Cross-Site Scripting (XSS)	webapps	Akash Patil
2021-10-25	Engineers Online Portal 1.0 – ‘id’ SQL Injection	webapps	Alon Leviev
2021-10-25	Engineers Online Portal 1.0 – ‘multiple’ Authentication Bypass	webapps	Alon Leviev
2021-10-25	Engineers Online Portal 1.0 – ‘multiple’ Stored Cross-Site Scripting (XSS)	webapps	Alon Leviev
2021-10-25	Online Event Booking and Reservation System 1.0 – ‘reason’ Stored Cross-Site Scripting (XSS)	webapps	Alon Leviev
2021-10-25	Balbooa Joomla Forms Builder 2.0.6 – SQL Injection (Unauthenticated)	webapps	blockomat2100
2021-10-25	Engineers Online Portal 1.0 – File Upload Remote Code Execution (RCE)	webapps	SadKris
2021-10-25	WordPress Plugin TaxoPress 3.0.7.1 – Stored Cross-Site Scripting (XSS) (Authenticated)	webapps	Akash Patil
2021-10-22	Online Course Registration 1.0 – Blind Boolean-Based SQL Injection (Authenticated)	webapps	Sam Ferguson
2021-10-22	Clinic Management System 1.0 – SQL injection to Remote Code Execution	webapps	Pablo Santiago
2021-10-21	Small CRM 3.0 – ‘description’ Stored Cross-Site Scripting (XSS)	webapps	Ghuliev
2021-10-20	Dolibarr ERP-CRM 14.0.2 – Stored Cross-Site Scripting (XSS) / Privilege Escalation	webapps	Oscar Gil Gutierrez
2021-10-19	Online Motorcycle (Bike) Rental System 1.0 – Blind Time-Based SQL Injection (Unauthenticated)	webapps	Chase Comardelle
2021-10-19	WordPress Theme Enfold 4.8.3 – Reflected Cross-Site Scripting (XSS)	webapps	David Álvarez Robles
2021-10-18	Company’s Recruitment Management System 1.0 – ‘Add New user’ Cross-Site Request Forgery (CSRF)	webapps	Aniket Deshmane
2021-10-18	Company’s Recruitment Management System 1.0 – ‘description’ Stored Cross-Site Scripting (XSS)	webapps	Aniket Deshmane
2021-10-18	Company’s Recruitment Management System 1.0. – ‘title’ Stored Cross-Site Scripting (XSS)	webapps	Aniket Deshmane
2021-10-18	WordPress Plugin Duplicator 1.3.26 – Unauthenticated Arbitrary File Read	webapps	nam3lum
2021-10-18	Support Board 3.3.4 – ‘Message’ Stored Cross-Site Scripting (XSS)	webapps	John Jefferson Li
2021-10-15	i-Panel Administration System 2.0 – Reflected Cross-site Scripting (XSS)	webapps	Forster Chiu
2021-10-14	TextPattern CMS 4.8.7 – Remote Command Execution (RCE) (Authenticated)	webapps	Mert Daş