webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2018-05-06 WordPress Plugin User Role Editor < 4.25 - Privilege Escalation
  • webapps
    		•  Tomislav Paskalev
    2018-05-06 CSP MySQL User Manager 2.3.1 – Authentication Bypass
  • webapps
    		•  Youssef Mami
    2018-05-04 IceWarp Mail Server < 11.1.1 - Directory Traversal
  • webapps
    		•  Trustwave's SpiderLabs
    2018-05-04 WordPress Plugin WF Cookie Consent 1.1.3 – Cross-Site Scripting
  • webapps
    		•  B0UG
    2018-05-03 JasperReports – (Authenticated) File Read
  • webapps
    		•  Hector Monsegur
    2018-05-02 Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery
  • webapps
    		•  Qian Wu, Bo Wang, Jiawang Zhang
    2018-05-01 WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 – (Authenticated) Persistent Cross-Site Scripting
  • webapps
    		•  B0UG
    2018-04-30 Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root
  • webapps
    		•  Jared Arave
    2018-04-30 WordPress Plugin Form Maker 1.12.20 – CSV Injection
  • webapps
    		•  Sairam Jetty
    2018-04-30 Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)
  • webapps
    		•  SixP4ck3r
    2018-04-26 Frog CMS 0.9.5 – Persistent Cross-Site Scripting
  • webapps
    		•  Wenming Jiang
    2018-04-26 TP-Link Technologies TL-WA850RE Wi-Fi Range Extender – Remote Reboot
  • webapps
    		•  Wadeek
    2018-04-26 GitList 0.6 – Remote Code Execution
  • webapps
    		•  Kacper Szurek
    2018-04-26 MyBB Threads to Link Plugin 1.3 – Cross-Site Scripting
  • webapps
    		•  0xB9
    2018-04-26 October CMS User Plugin 1.4.5 – Persistent Cross-Site Scripting
  • webapps
    		•  0xB9
    2018-04-26 SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response
  • webapps
    		•  Sven Fassbender
    2018-04-26 WordPress Plugin WP with Spritz 1.0 – Remote File Inclusion
  • webapps
    		•  Wadeek
    2018-04-26 Jfrog Artifactory < 4.16 - Arbitrary File Upload / Remote Command Execution
  • webapps
    		•  Alessio Sergi
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – ‘award_id’ SQL Injection
  • webapps
    		•  8bitsec
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – CSV Injection
  • webapps
    		•  8bitsec
    2018-04-25 Blog Master Pro 1.0 – CSV Injection
  • webapps
    		•  8bitsec
    2018-04-25 Shopy Point of Sale 1.0 – CSV Injection
  • webapps
    		•  8bitsec
    2018-04-25 Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code Execution (PoC)
  • webapps
    		•  Blaklis
    2018-04-25 HRSALE The Ultimate HRM 1.0.2 – Local File Inclusion
  • webapps
    		•  8bitsec