Platform php - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2019-04-02	Fiverr Clone Script 1.2.2 – SQL Injection / Cross-Site Scripting	webapps	Mr Winst0n
2019-04-02	CMS Made Simple < 2.2.10 - SQL Injection	webapps	Daniele Scanu
2019-04-02	LimeSurvey < 3.16 - Remote Code Execution	webapps	q3rv0
2019-04-02	WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 – Parameter Tampering	webapps	Vikas Chaudhary
2019-04-02	Inout RealEstate – ‘city’ SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-04-02	Inout EasyRooms – SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-28	WordPress Plugin Loco Translate 2.2.1 – Local File Inclusion	webapps	Ali S. Ahmad
2019-03-28	WordPress Plugin Anti-Malware Security and Brute-Force Firewall 4.18.63 – Local File Inclusion (PoC)	webapps	Ali S. Ahmad
2019-03-28	Airbnb Clone Script – Multiple SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-28	CMS Made Simple (CMSMS) Showtime2 – File Upload Remote Code Execution (Metasploit)	remote	Metasploit
2019-03-28	Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 – ‘arac_kategori_id’ SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-28	BigTree 4.3.4 CMS – Multiple SQL Injection	webapps	Mehmet EMIROGLU
2019-03-28	Job Portal 3.1 – ‘job_submit’ SQL Injection	webapps	Mehmet EMIROGLU
2019-03-28	i-doit 1.12 – ‘qr.php’ Cross-Site Scripting	webapps	BlackFog Team
2019-03-27	Jettweb Hazır Rent A Car Scripti V4 – SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-26	SJS Simple Job Script – SQL Injection / Cross-Site Scripting	webapps	Ahmet Ümit BAYRAM
2019-03-26	XooDigital – ‘p’ SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-26	XooGallery – Multiple SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-26	Rukovoditel ERP & CRM 2.4.1 – ‘path’ Cross-Site Scripting	webapps	Javier Olmedo
2019-03-26	Jettweb Php Hazır İlan Sitesi Scripti V2 – SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-25	Zeeways Matrimony CMS – SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-25	Zeeways Jobsite CMS – ‘id’ SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-25	Jettweb PHP Hazır Haber Sitesi Scripti V3 – SQL Injection	webapps	Ahmet Ümit BAYRAM
2019-03-25	Jettweb PHP Hazır Haber Sitesi Scripti V2 – SQL Injection (Authentication Bypass)	webapps	Ahmet Ümit BAYRAM