php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-09-16 ImpressCMS 1.4.2 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Halit AKAYDIN
    2021-09-15 AlphaWeb XE – File Upload Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Ricardo Ruiz
    2021-09-15 Evolution CMS 3.1.6 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Halit AKAYDIN
    2021-09-15 Support Board 3.3.3 – ‘Multiple’ SQL Injection (Unauthenticated)
  • webapps
    		•  John Jefferson Li
    2021-09-14 Purchase Order Management System 1.0 – Remote File Upload
  • webapps
    		•  Aryan Chehreghani
    2021-09-13 Apartment Visitor Management System (AVMS) 1.0 – ‘username’ SQL Injection
  • webapps
    		•  mari0x00
    2021-09-13 WordPress Plugin Download From Files 1.48 – Arbitrary File Upload
  • webapps
    		•  spacehen
    2021-09-13 Men Salon Management System 1.0 – Multiple Vulnerabilities
  • webapps
    		•  Aryan Chehreghani
    2021-09-09 Bus Pass Management System 1.0 – ‘adminname’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Emre Aslan
    2021-09-08 WordPress Plugin TablePress 1.14 – CSV Injection
  • webapps
    		•  Nikhil Kapoor
    2021-09-07 WordPress Plugin Survey & Poll 1.5.7.3 – ‘sss_params’ SQL Injection (2)
  • webapps
    		•  Mohin Paramasivam
    2021-09-07 WordPress Plugin WP Sitemap Page 1.6.4 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Nikhil Kapoor
    2021-09-06 FlatCore CMS 2.0.7 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Mason Soroka-Gill
    2021-09-06 OpenEMR 6.0.0 – ‘noteid’ Insecure Direct Object Reference (IDOR)
  • webapps
    		•  Allen Enosh Upputori
    2021-09-06 Patient Appointment Scheduler System 1.0 – Persistent Cross-Site Scripting
  • webapps
    		•  a-rey
    2021-09-06 Patient Appointment Scheduler System 1.0 – Unauthenticated File Upload
  • webapps
    		•  a-rey
    2021-09-06 Bus Pass Management System 1.0 – ‘viewid’ Insecure direct object references (IDOR)
  • webapps
    		•  sudoninja
    2021-09-03 OpenSIS 8.0 ‘modname’ – Directory Traversal
  • webapps
    		•  Eric Salario
    2021-09-02 WordPress Plugin Duplicate Page 4.4.1 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Nikhil Kapoor
    2021-09-02 OpenSIS Community 8.0 – ‘cp_id_miss_attn’ SQL Injection
  • webapps
    		•  Eric Salario
    2021-09-02 Dolibarr ERP 14.0.1 – Privilege Escalation
  • webapps
    		•  Vishwaraj Bhattrai
    2021-09-01 WordPress Plugin Payments Plugin | GetPaid 2.4.6 – HTML Injection
  • webapps
    		•  Niraj Mahajan
    2021-09-01 Traffic Offense Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Tagoletta
    2021-08-31 WordPress Plugin ProfilePress 3.1.3 – Privilege Escalation (Unauthenticated)
  • webapps
    		•  Numan Rajkotiya