php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-04-02 PHP-Fusion 9.03.50 – ‘panels.php’ Remote Code Execution
  • webapps
    		•  Unkn0wn
    2020-03-30 Joomla! com_fabrik 3.9.11 – Directory Traversal
  • webapps
    		•  qw3rTyTy
    2020-03-27 rConfig 3.9.4 – ‘searchField’ Unauthenticated Root Remote Code Execution
  • webapps
    		•  vikingfr
    2020-03-27 ECK Hotel 1.0 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Mustafa Emre Gül
    2020-03-26 Centreo 19.10.8 – ‘DisplayServiceStatus’ Remote Code Execution
  • webapps
    		•  Engin Demirbilek
    2020-03-25 LeptonCMS 4.5.0 – Persistent Cross-Site Scripting
  • webapps
    		•  SunCSR
    2020-03-25 Joomla! Component GMapFP 3.30 – Arbitrary File Upload
  • webapps
    		•  ThelastVvV
    2020-03-24 UliCMS 2020.1 – Persistent Cross-Site Scripting
  • webapps
    		•  SunCSR
    2020-03-24 WordPress Plugin WPForms 1.5.8.2 – Persistent Cross-Site Scripting
  • webapps
    		•  Jinson Varghese Behanan
    2020-03-23 Joomla! com_hdwplayer 4.2 – ‘search.php’ SQL Injection
  • webapps
    		•  qw3rTyTy
    2020-03-23 rConfig 3.9.4 – ‘search.crud.php’ Remote Command Injection
  • webapps
    		•  Matthew Aberegg
    2020-03-23 WordPress Plugin PicUploader 1.0 – Remote File Upload
  • webapps
    		•  Milad karimi
    2020-03-20 Exagate Sysguard 6001 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Metin Yunus Kandemir
    2020-03-18 Joomla! Component ACYMAILING 3.9.0 – Unauthenticated Arbitrary File Upload
  • webapps
    		•  qw3rTyTy
    2020-03-17 UADMIN Botnet 1.0 – ‘link’ SQL Injection
  • webapps
    		•  n4pst3r
    2020-03-16 PHPKB Multi-Language 9 – ‘image-upload.php’ Authenticated Remote Code Execution
  • webapps
    		•  Antonio Cannito
    2020-03-16 PHPKB Multi-Language 9 – Authenticated Directory Traversal
  • webapps
    		•  Antonio Cannito
    2020-03-16 PHPKB Multi-Language 9 – Authenticated Remote Code Execution
  • webapps
    		•  Antonio Cannito
    2020-03-16 MiladWorkShop VIP System 1.0 – ‘lang’ SQL Injection
  • webapps
    		•  AYADI Mohamed
    2020-03-13 WordPress Plugin Custom Searchable Data System – Unauthenticated Data M]odification
  • webapps
    		•  Nawaf Alkeraithe
    2020-03-12 rConfig 3.93 – ‘ajaxAddTemplate.php’ Authenticated Remote Code Execution
  • webapps
    		•  Engin Demirbilek
    2020-03-12 HRSALE 1.1.8 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Ismail Akıcı
    2020-03-12 WordPress Plugin Appointment Booking Calendar 1.3.34 – CSV Injection
  • webapps
    		•  Daniel Monzón
    2020-03-12 Joomla! Component com_newsfeeds 1.0 – ‘feedid’ SQL Injection
  • webapps
    		•  Milad karimi