php

日期	标题	类别	作者
2019-10-07	Zabbix 4.2 – Authentication Bypass	webapps	Milad Khoshdel
2019-10-07	Joomla! 3.4.6 – ‘configuration.php’ Remote Code Execution	webapps	Alessandro Groppo
2019-10-07	vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution	webapps	EgiX
2019-10-07	Subrion 4.2.1 – ‘Email’ Persistant Cross-Site Scripting	webapps	Creatigon
2019-10-04	LabCollector 5.423 – SQL Injection	webapps	Carlos Avila
2019-10-03	PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass	webapps	mm0r1
2019-10-02	Detrix EDMS 1.2.3.1505 – SQL Injection	webapps	Burov Konstantin
2019-09-30	WordPress Plugin ARforms 3.7.1 – Arbitrary File Deletion	webapps	Ahmad Almorabea
2019-09-30	phpIPAM 1.4 – SQL Injection	webapps	Kevin Kirsche
2019-09-30	vBulletin 5.x – Remote Command Execution (Metasploit)	webapps	r00tpgp
2019-09-27	WordPress Theme Zoner Real Estate – 4.1.1 Persistent Cross-Site Scripting	webapps	m0ze
2019-09-27	thesystem App 1.0 – ‘username’ SQL Injection	webapps	Anıl Baran Yelken
2019-09-27	thesystem App 1.0 – Persistent Cross-Site Scripting	webapps	İsmail Güngör
2019-09-27	thesystem App 1.0 – ‘server_name’ SQL Injection	webapps	Sadik Cetin
2019-09-27	InoERP 0.7.2 – Persistent Cross-Site Scripting	webapps	strider
2019-09-26	all-in-one-seo-pack 3.2.7 – Persistent Cross-Site Scripting	webapps	Unk9vvN
2019-09-26	Duplicate-Post 3.2.3 – Persistent Cross-Site Scripting	webapps	Unk9vvN
2019-09-26	Chamillo LMS 1.11.8 – Arbitrary File Upload	webapps	Sohel Yousef
2019-09-26	citecodecrashers Pic-A-Point 1.1 – ‘Consignment’ SQL Injection	webapps	cakes
2019-09-26	inoERP 4.15 – ‘download’ SQL Injection	webapps	Semen Alexandrovich Lyhin
2019-09-25	YzmCMS 5.3 – ‘Host’ Header Injection	webapps	Debashis Pal
2019-09-25	WP Server Log Viewer 1.0 – ‘logfile’ Persistent Cross-Site Scripting	webapps	strider
2019-09-24	Pfsense 2.3.4 / 2.4.4-p3 – Remote Code Injection	webapps	Nassim Asrir
2019-09-23	vBulletin 5.0 < 5.5.4 - 'widget_php ' Unauthenticated Remote Code Execution	webapps	anonymous