php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-08-10 Simple Library Management System 1.0 – ‘rollno’ SQL Injection
  • webapps
    		•  Halit AKAYDIN
    2021-08-10 WordPress Plugin Picture Gallery 1.4.2 – ‘Edit Content URL’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Aryan Chehreghani
    2021-08-05 CMSuno 1.7 – ‘tgo’ Stored Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  splint3rsec
    2021-08-05 Moodle 3.9 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  lanz
    2021-08-04 Client Management System 1.1 – ‘cname’ Stored Cross-site scripting (XSS)
  • webapps
    		•  Mohammad Koochaki
    2021-08-04 qdPM 9.2 – Password Exposure (Unauthenticated)
  • webapps
    		•  Leon Trappett
    2021-08-04 qdPM 9.1 – Remote Code Execution (Authenticated)
  • webapps
    		•  Leon Trappett
    2021-08-04 WordPress Plugin WP Customize Login 1.1 – ‘Change Logo Title’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Aryan Chehreghani
    2021-08-03 Hotel Management System 1.0 – Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)
  • webapps
    		•  Merbin Russel
    2021-08-02 Online Hotel Reservation System 1.0 – ‘Multiple’ Cross-site scripting (XSS)
  • webapps
    		•  Mohammad Koochaki
    2021-08-02 Men Salon Management System 1.0 – SQL Injection Authentication Bypass
  • webapps
    		•  Akshay Khanna
    2021-07-29 Care2x Integrated Hospital Info System 2.7 – ‘Multiple’ SQL Injection
  • webapps
    		•  securityforeveryone.com
    2021-07-28 Event Registration System with QR Code 1.0 – Authentication Bypass
  • webapps
    		•  Javier Olmedo
    2021-07-27 Customer Relationship Management System (CRM) 1.0 – Sql Injection Authentication Bypass
  • webapps
    		•  Shafique_Wasta
    2021-07-27 PHP 7.3.15-3 – ‘PHP_SESSION_UPLOAD_PROGRESS’ Session Data Injection
  • webapps
    		•  S1lv3r
    2021-07-26 XOS Shop 1.0.9 – ‘Multiple’ Arbitrary File Deletion (Authenticated)
  • webapps
    		•  faisalfs10x
    2021-07-23 WordPress Plugin Simple Post 1.1 – ‘Text field’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Vikas Srivastava
    2021-07-21 CSZ CMS 1.2.9 – ‘Multiple’ Arbitrary File Deletion
  • webapps
    		•  faisalfs10x
    2021-07-20 WordPress Plugin KN Fix Your Title 1.0.1 – ‘Separator’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Aakash Choudhary
    2021-07-19 PEEL Shopping 9.3.0 – ‘id’ Time-based SQL Injection
  • webapps
    		•  faisalfs10x
    2021-07-19 WordPress Plugin Mimetic Books 0.2.13 – ‘Default Publisher ID field’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Vikas Srivastava
    2021-07-19 WordPress Plugin LearnPress 3.2.6.8 – Privilege Escalation
  • webapps
    		•  nhattruong
    2021-07-19 WordPress Plugin LearnPress 3.2.6.7 – ‘current_items’ SQL Injection (Authenticated)
  • webapps
    		•  nhattruong
    2021-07-15 WordPress Plugin Popular Posts 5.3.2 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Simone Cristofaro