webapps

日期	标题	类别	作者
2020-09-21	Mida eFramework 2.9.0 – Back Door Access	webapps	elbae
2020-09-21	Seat Reservation System 1.0 – ‘id’ SQL Injection	webapps	Augkim
2020-09-21	BlackCat CMS 1.3.6 – Cross-Site Request Forgery	webapps	Noth
2020-09-21	Online Shop Project 1.0 – ‘p’ SQL Injection	webapps	Augkim
2020-09-21	B-swiss 3 Digital Signage System 3.6.5 – Remote Code Execution	webapps	LiquidWorm
2020-09-18	Mantis Bug Tracker 2.3.0 – Remote Code Execution (Unauthenticated)	webapps	Nikolas Geiselman
2020-09-18	SpamTitan 7.07 – Remote Code Execution (Authenticated)	webapps	Felipe Molina
2020-09-16	Piwigo 2.10.1 – Cross Site Scripting	webapps	Iridium
2020-09-15	Tailor MS 1.0 – Reflected Cross-Site Scripting	webapps	boku
2020-09-15	ThinkAdmin 6 – Arbitrarily File Read	webapps	Hzllaga
2020-09-14	Joomla! paGO Commerce 2.5.9.0 – SQL Injection (Authenticated)	webapps	Mehmet Kelepçe
2020-09-14	RAD SecFlow-1v SF_0290_2.3.01.26 – Cross-Site Request Forgery (Reboot)	webapps	Jonatan Schor
2020-09-14	RAD SecFlow-1v SF_0290_2.3.01.26 – Persistent Cross-Site Scripting	webapps	Jonatan Schor
2020-09-11	Tea LaTex 1.0 – Remote Code Execution (Unauthenticated)	webapps	nepska
2020-09-11	VTENEXT 19 CE – Remote Code Execution	webapps	Marco Ruela
2020-09-10	ZTE Router F602W – Captcha Bypass	webapps	Hritik Vijay
2020-09-10	CuteNews 2.1.2 – Remote Code Execution	webapps	Musyoka Ian
2020-09-10	Tiandy IPC and NVR 9.12.7 – Credential Disclosure	webapps	zb3
2020-09-09	Scopia XT Desktop 8.3.915.4 – Cross-Site Request Forgery (change admin password)	webapps	V1n1v131r4
2020-09-09	Tailor Management System – ‘id’ SQL Injection	webapps	Mosaaed
2020-09-07	ManageEngine Applications Manager 14700 – Remote Code Execution (Authenticated)	webapps	Hodorsec
2020-09-07	grocy 2.7.1 – Persistent Cross-Site Scripting	webapps	Mufaddal Masalawala
2020-09-07	Cabot 0.11.12 – Persistent Cross-Site Scripting	webapps	Abhiram V
2020-09-03	SiteMagic CMS 4.4.2 – Arbitrary File Upload (Authenticated)	webapps	V1n1v131r4