webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-08-20 PNPSCADA 2.200816204020 – ‘interf’ SQL Injection (Authenticated)
  • webapps
    		•  İsmail ERKEK
    2020-08-20 ElkarBackup 1.3.3 – Persistent Cross-Site Scripting
  • webapps
    		•  Enes Özeser
    2020-08-19 Ruijie Networks Switch eWeb S29_RGOS 11.4 – Directory Traversal
  • webapps
    		•  Tuygun
    2020-08-18 Savsoft Quiz 5 – Stored Cross-Site Scripting
  • webapps
    		•  Mayur Parmar
    2020-08-18 Pharmacy Medical Store and Sale Point 1.0 – ‘catid’ SQL Injection
  • webapps
    		•  Moaaz Taha
    2020-08-17 QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Deletion
  • webapps
    		•  LiquidWorm
    2020-08-17 QiHang Media Web Digital Signage 3.0.9 – Cleartext Credential Disclosure
  • webapps
    		•  LiquidWorm
    2020-08-17 Microsoft SharePoint Server 2019 – Remote Code Execution
  • webapps
    		•  West Shepherd
    2020-08-17 Bludit 3.9.2 – Authentication Bruteforce Mitigation Bypass
  • webapps
    		•  Alexandre ZANNI
    2020-08-17 QiHang Media Web Digital Signage 3.0.9 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2020-08-17 QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Disclosure
  • webapps
    		•  LiquidWorm
    2020-08-13 GetSimple CMS Plugin Multi User 1.8.2 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  boku
    2020-08-13 Artica Proxy 4.3.0 – Authentication Bypass
  • webapps
    		•  Dan Duffy
    2020-08-12 vBulletin 5.6.2 – ‘widget_tabbedContainer_tab_panel’ Remote Code Execution
  • webapps
    		•  zenofex
    2020-08-12 CMS Made Simple 2.2.14 – Authenticated Arbitrary File Upload
  • webapps
    		•  Roel van Beurden
    2020-08-11 Fuel CMS 1.4.7 – ‘col’ SQL Injection (Authenticated)
  • webapps
    		•  Roel van Beurden
    2020-08-10 ManageEngine ADSelfService Build prior to 6003 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Bhadresh Patel
    2020-08-10 Warehouse Inventory System 1.0 – Cross-Site Request Forgery (Change Admin Password)
  • webapps
    		•  boku
    2020-08-07 Daily Expenses Management System 1.0 – ‘item’ SQL Injection
  • webapps
    		•  screetsec
    2020-08-07 All-Dynamics Digital Signage System 2.0.2 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  LiquidWorm
    2020-08-06 Victor CMS 1.0 – ‘Search’ SQL Injection
  • webapps
    		•  screetsec
    2020-08-05 Stock Management System 1.0 – Authentication Bypass
  • webapps
    		•  Adeeb Shah
    2020-08-04 Daily Expenses Management System 1.0 – ‘username’ SQL Injection
  • webapps
    		•  Daniel Ortiz
    2020-08-04 Pi-hole 4.3.2 – Remote Code Execution (Authenticated)
  • webapps
    		•  Luis Vacacas