php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-03-12 rConfig 3.9 – ‘searchColumn’ SQL Injection
  • webapps
    		•  vikingfr
    2020-03-11 Horde Groupware Webmail Edition 5.2.22 – PHAR Loading
  • webapps
    		•  Andrea Cardaci
    2020-03-11 Horde Groupware Webmail Edition 5.2.22 – PHP File Inclusion
  • webapps
    		•  Andrea Cardaci
    2020-03-11 TeamCity Agent XML-RPC 10.0 – Remote Code Execution
  • webapps
    		•  1F98D
    2020-03-11 Wing FTP Server – Authenticated CSRF (Delete Admin)
  • webapps
    		•  Dhiraj Mishra
    2020-03-11 PlaySMS 1.4.3 – Template Injection / Remote Code Execution
  • webapps
    		•  Touhid M.Shaikh
    2020-03-11 Joomla! 3.9.0 < 3.9.7 - CSV Injection
  • webapps
    		•  i4bdullah
    2020-03-11 WordPress Plugin Search Meter 2.13.2 – CSV injection
  • webapps
    		•  Daniel Monzón
    2020-03-10 Horde Groupware Webmail Edition 5.2.22 – Remote Code Execution
  • webapps
    		•  Andrea Cardaci
    2020-03-10 PHPStudy – Backdoor Remote Code execution (Metasploit)
  • remote
    		•  Metasploit
    2020-03-10 Persian VIP Download Script 1.0 – ‘active’ SQL Injection
  • webapps
    		•  Amir Hossein Vafifar
    2020-03-10 YzmCMS 5.5 – ‘url’ Persistent Cross-Site Scripting
  • webapps
    		•  En_dust
    2020-03-09 PHP-FPM – Underflow Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2020-03-09 Sentrifugo HRMS 3.2 – ‘id’ SQL Injection
  • webapps
    		•  minhnb
    2020-03-09 60CycleCMS – ‘news.php’ SQL Injection
  • webapps
    		•  Unkn0wn
    2020-03-04 UniSharp Laravel File Manager 2.0.0 – Arbitrary File Read
  • webapps
    		•  NgoAnhDuc
    2020-03-03 GUnet OpenEclass 1.7.3 E-learning platform – ‘month’ SQL Injection
  • webapps
    		•  emaragkos
    2020-03-03 Alfresco 5.2.4 – Persistent Cross-Site Scripting
  • webapps
    		•  Alexandre ZANNI
    2020-03-02 Cacti v1.2.8 – Unauthenticated Remote Code Execution (Metasploit)
  • webapps
    		•  Lucas Amorim
    2020-03-02 WordPress Plugin Tutor LMS 1.5.3 – Cross-Site Request Forgery (Add User)
  • webapps
    		•  Jinson Varghese Behanan
    2020-02-27 Business Live Chat Software 1.0 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Meisam Monsef
    2020-02-26 PhpIX 2012 Professional – ‘id’ SQL Injection
  • webapps
    		•  indoushka
    2020-02-25 Magento WooCommerce CardGate Payment Gateway 2.0.30 – Payment Process Bypass
  • webapps
    		•  GeekHack
    2020-02-25 WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 – Payment Process Bypass
  • webapps
    		•  GeekHack