php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-06-22 Responsive Tourism Website 3.1 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Tagoletta
    2021-06-21 Customer Relationship Management System (CRM) 1.0 – Remote Code Execution
  • webapps
    		•  Ishan Saha
    2021-06-21 Simple CRM 3.0 – ‘name’ Stored Cross site scripting (XSS)
  • webapps
    		•  Riadh Benlamine
    2021-06-21 Simple CRM 3.0 – ‘Change user information’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Riadh Benlamine
    2021-06-21 Websvn 2.6.0 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  g0ldm45k
    2021-06-21 OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated)
  • webapps
    		•  Ron Jost
    2021-06-18 ICE Hrm 29.0.0.OS – ‘xml upload’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Piyush Patil
    2021-06-18 ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Piyush Patil
    2021-06-17 Online Shopping Portal 3.1 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Tagoletta
    2021-06-17 Unified Office Total Connect Now 1.0 – ‘data’ SQL Injection
  • webapps
    		•  Ajaikumar Nadar
    2021-06-16 Cotonti Siena 0.9.19 – ‘maintitle’ Stored Cross-Site Scripting
  • webapps
    		•  Fatih İLGİN
    2021-06-16 CKEditor 3 – Server-Side Request Forgery (SSRF)
  • webapps
    		•  ahmed
    2021-06-16 Teachers Record Management System 1.0 – ’email’ Stored Cross-site Scripting (XSS)
  • webapps
    		•  nhattruong
    2021-06-16 Teachers Record Management System 1.0 – ‘Multiple’ SQL Injection (Authenticated)
  • webapps
    		•  nhattruong
    2021-06-16 OpenEMR 5.0.1.3 – Authentication Bypass
  • webapps
    		•  Ron Jost
    2021-06-15 Client Management System 1.1 – ‘username’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  BHAVESH KAUL
    2021-06-14 OpenEMR 5.0.1.3 – ‘manage_site_files’ Remote Code Execution (Authenticated)
  • webapps
    		•  Ron Jost
    2021-06-14 TextPattern CMS 4.8.7 – Remote Command Execution (Authenticated)
  • webapps
    		•  Mert Daş
    2021-06-14 Small CRM 3.0 – ‘Authentication Bypass’ SQL Injection
  • webapps
    		•  BHAVESH KAUL
    2021-06-14 Stock Management System 1.0 – ‘user_id’ Blind SQL injection (Authenticated)
  • webapps
    		•  Riadh Benlamine
    2021-06-14 COVID19 Testing Management System 1.0 – ‘State’ Stored Cross-Site-Scripting (XSS)
  • webapps
    		•  BHAVESH KAUL
    2021-06-14 GLPI 9.4.5 – Remote Code Execution (RCE)
  • webapps
    		•  Brian Peters
    2021-06-11 WoWonder Social Network Platform 3.1 – Authentication Bypass
  • webapps
    		•  securityforeveryone.com
    2021-06-11 Zenario CMS 8.8.52729 – ‘cID’ SQL injection (Authenticated)
  • webapps
    		•  Avinash R