webapps

日期	标题	类别	作者
2018-08-24	Vox TG790 ADSL Router – Cross-Site Request Forgery (Add Admin)	webapps	cakes
2018-08-23	PCViewer vt1000 – Directory Traversal	webapps	Berk Dusunur
2018-08-23	Twitter-Clone 1 – ‘code’ SQL Injection	webapps	L0RD
2018-08-22	Geutebrueck re_porter 16 – Cross-Site Scripting	webapps	Kamil Suska
2018-08-22	Geutebrueck re_porter 7.8.974.20 – Credential Disclosure	webapps	Kamil Suska
2018-08-22	KingMedia 4.1 – File Upload	webapps	Efrén Díaz
2018-08-22	ZyXEL VMG3312-B10B – Cross-Site Scripting	webapps	Samet ŞAHİN
2018-08-21	WordPress Plugin Ninja Forms 3.3.13 – CSV Injection	webapps	Mostafa Gharzi
2018-08-21	Twitter-Clone 1 – Cross-Site Request Forgery (Delete Post)	webapps	L0RD
2018-08-21	Hikvision IP Camera 5.4.0 – User Enumeration (Metasploit)	webapps	Alfie
2018-08-21	Twitter-Clone 1 – ‘userid’ SQL Injection	webapps	L0RD
2018-08-20	WordPress Plugin Tagregator 0.6 – Cross-Site Scripting	webapps	ManhNho
2018-08-20	MyBB Moderator Log Notes Plugin 1.1 – Cross-Site Request Forgery	webapps	0xB9
2018-08-20	WordPress Plugin Chained Quiz 1.0.8 – ‘answer’ SQL Injection	webapps	Çlirim Emini
2018-08-20	Countly – Cross-Site Scripting	webapps	Sleepy
2018-08-17	ADM 3.1.2RHG1 – Remote Code Execution	webapps	Matthew Fulton
2018-08-17	Mikrotik WinBox 6.42 – Credential Disclosure (golang)	webapps	Maxim Yefimenko
2018-08-16	Pimcore 5.2.3 – SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery	webapps	SEC Consult
2018-08-16	WordPress Plugin Export Users to CSV 1.1.1 – CSV Injection	webapps	Javier Olmedo
2018-08-16	OpenEMR 5.0.1.3 – (Authenticated) Arbitrary File Actions	webapps	Joshua Fam
2018-08-15	ASUS-DSL N10 1.1.2.2_17 – Authentication Bypass	webapps	AmnBAN
2018-08-15	ASUSTOR ADM 3.1.0.RFQ3 – Remote Command Execution / SQL Injection	webapps	Kyle Lovett
2018-08-14	Oracle Glassfish OSE 4.1 – Path Traversal (Metasploit)	webapps	Dhiraj Mishra
2018-08-14	Oracle GlassFish Server Open Source Edition 4.1 – Path Traversal (Metasploit)	webapps	Metasploit