php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-07-05 Church Management System 1.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Murat DEMİRCİ
    2021-07-05 Church Management System 1.0 – Arbitrary File Upload (Authenticated)
  • webapps
    		•  Murat DEMİRCİ
    2021-07-05 Online Birth Certificate System 1.1 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Subhadip Nag
    2021-07-05 Online Voting System 1.0 – SQLi (Authentication Bypass) + Remote Code Execution (RCE)
  • webapps
    		•  Geiseric
    2021-07-05 OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated) (2)
  • webapps
    		•  Alexandre ZANNI
    2021-07-02 Garbage Collection Management System 1.0 – SQL Injection (Unauthenticated)
  • webapps
    		•  ircashem
    2021-07-02 WordPress Plugin Modern Events Calendar 5.16.2 – Event export (Unauthenticated)
  • webapps
    		•  Ron Jost
    2021-07-02 WordPress Plugin Modern Events Calendar 5.16.2 – Remote Code Execution (Authenticated)
  • webapps
    		•  Ron Jost
    2021-07-02 b2evolution 7.2.2 – ‘edit account details’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Alperen Ergel
    2021-07-01 WordPress Plugin XCloner 4.2.12 – Remote Code Execution (Authenticated)
  • webapps
    		•  Ron Jost
    2021-07-01 Online Voting System 1.0 – Remote Code Execution (Authenticated)
  • webapps
    		•  Salman Asad
    2021-07-01 Online Voting System 1.0 – Authentication Bypass (SQLi)
  • webapps
    		•  Salman Asad
    2021-06-30 Doctors Patients Management System 1.0 – SQL Injection (Authentication Bypass)
  • webapps
    		•  Murat DEMİRCİ
    2021-06-30 phpAbook 0.9i – SQL Injection
  • webapps
    		•  Alejandro Perez
    2021-06-28 WordPress Plugin YOP Polls 6.2.7 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Toby Jackson
    2021-06-25 Lightweight facebook-styled blog 1.3 – Remote Code Execution (RCE) (Authenticated) (Metasploit)
  • webapps
    		•  Maide Ilkay Aydogdu
    2021-06-25 Simple Client Management System 1.0 – ‘uemail’ SQL Injection (Unauthenticated)
  • webapps
    		•  Barış Yıldızoğlu
    2021-06-25 Seeddms 5.1.10 – Remote Command Execution (RCE) (Authenticated)
  • webapps
    		•  Bryan Leong
    2021-06-23 Simple CRM 3.0 – ’email’ SQL injection (Authentication Bypass)
  • webapps
    		•  Rinku Kumar
    2021-06-23 Online Library Management System 1.0 – Arbitrary File Upload Remote Code Execution (Unauthenticated)
  • webapps
    		•  Berk Can Geyikci
    2021-06-23 Online Library Management System 1.0 – ‘Search’ SQL Injection
  • webapps
    		•  Berk Can Geyikci
    2021-06-23 WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 – ‘date_answers’ Blind SQL Injection
  • webapps
    		•  Toby Jackson
    2021-06-23 WordPress Plugin WP Google Maps 8.1.11 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Mohammed Adam
    2021-06-22 Phone Shop Sales Managements System 1.0 – Insecure Direct Object Reference (IDOR)
  • webapps
    		•  Pratik Khalane