php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-03-29 WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)
  • webapps
    		•  m0ze
    2021-03-29 Budget Management System 1.0 – ‘Budget title’ Stored XSS
  • webapps
    		•  Jitendra Kumar Tripathi
    2021-03-26 Moodle 3.10.3 – ‘label’ Persistent Cross Site Scripting
  • webapps
    		•  Vincent666
    2021-03-26 Regis Inventory And Monitoring System 1.0 – ‘Item List’ Persistent Cross-Site Scripting
  • webapps
    		•  George Tsimpidas
    2021-03-26 ‘customhs_js_content’ – ‘customhs_js_content’ Cross-Site Request Forgery
  • webapps
    		•  Abhishek Joshi
    2021-03-25 Dolibarr ERP 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)
  • webapps
    		•  Andrea Gonzalez
    2021-03-25 Ovidentia 6 – ‘id’ SQL injection (Authenticated)
  • webapps
    		•  Felipe Prates Donato
    2021-03-23 Hotel And Lodge Management System 1.0 – ‘Customer Details’ Stored XSS
  • webapps
    		•  Jitendra Kumar Tripathi
    2021-03-23 MyBB 1.8.25 – Poll Vote Count SQL Injection
  • webapps
    		•  SivertPL
    2021-03-22 MyBB 1.8.25 – Chained Remote Command Execution
  • webapps
    		•  SivertPL
    2021-03-22 WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 – Path Traversal
  • webapps
    		•  Nicholas Ferreira
    2021-03-19 Online News Portal 1.0 – ‘Multiple’ Stored Cross-Site Scripting
  • webapps
    		•  Richard Jones
    2021-03-19 Online News Portal 1.0 – ‘name’ SQL Injection
  • webapps
    		•  Richard Jones
    2021-03-19 CouchCMS 2.2.1 – Server-Side Request Forgery
  • webapps
    		•  xxcdd
    2021-03-19 Profiling System for Human Resource Management 1.0 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Christian Vierschilling
    2021-03-19 Boonex Dolphin 7.4.2 – ‘width’ Stored XSS
  • webapps
    		•  Piyush Patil
    2021-03-19 LiveZilla Server 8.0.1.0 – ‘Accept-Language’ Reflected XSS
  • webapps
    		•  Clément Cruchet
    2021-03-18 Hestia Control Panel 1.3.2 – Arbitrary File Write
  • webapps
    		•  numan türle
    2021-03-18 SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection (1)
  • webapps
    		•  Piyush Patil
    2021-03-18 rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
  • webapps
    		•  Murat ŞEKER
    2021-03-17 WoWonder Social Network Platform 3.1 – ‘event_id’ SQL Injection
  • webapps
    		•  securityforeveryone.com
    2021-03-16 Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)
  • webapps
    		•  Christian Vierschilling
    2021-03-15 rConfig 3.9.6 – ‘path’ Local File Inclusion (Authenticated)
  • webapps
    		•  Murat ŞEKER
    2021-03-15 MagpieRSS 0.72 – ‘url’ Command Injection
  • webapps
    		•  bl4ckh4ck5