webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2023-04-05 Answerdev 1.0.3 – Account Takeover
  • webapps
    		•  Eduardo Pérez-Malumbres Cervera
    2023-04-05 ERPNext 12.29 – Cross-Site Scripting (XSS)
  • webapps
    		•  Patrick Dean Ramos / Nathu Nandwani / Junnair Manla
    2023-04-05 BTCPay Server v1.7.4 – HTML Injection
  • webapps
    		•  Manojkumar J
    2023-04-05 itech TrainSmart r1044 – SQL injection
  • webapps
    		•  Adrian Bondocea
    2023-04-05 Responsive FileManager 9.9.5 – Remote Code Execution (RCE)
  • webapps
    		•  Galoget Latorre
    2023-04-05 Control Web Panel 7 (CWP7) v0.9.8.1147 – Remote Code Execution (RCE)
  • webapps
    		•  Mayank Deshmukh
    2023-04-05 Online Eyewear Shop 1.0 – SQL Injection (Unauthenticated)
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-05 bgERP v22.31 (Orlovets) – Cookie Session vulnerability & Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-05 Liferay Portal 6.2.5 – Insecure Permissions
  • webapps
    		•  Fu2x2000
    2023-04-05 Bus Pass Management System 1.0 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Matteo Conti
    2023-04-05 Calendar Event Multi View 1.4.07 – Unauthenticated Arbitrary Event Creation to Cross-Site Scripting (XSS)
  • webapps
    		•  Mostafa Farzaneh
    2023-04-05 zstore 6.6.0 – Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-03 Roxy WI v6.1.0.0 – Improper Authentication Control
  • webapps
    		•  Nuri Çilengir
    2023-04-03 pimCore v5.4.18-skeleton – Sensitive Cookie with Improper SameSite Attribute
  • webapps
    		•  nu11secur1ty
    2023-04-03 WP-file-manager v6.9 – Unauthenticated Arbitrary File Upload leading to RCE
  • webapps
    		•  BLY
    2023-04-03 ManageEngin AMP 4.3.0 – File-path-traversal
  • webapps
    		•  nu11secur1ty
    2023-04-03 Active eCommerce CMS 6.5.0 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Sajibe Kanti
    2023-04-03 ERPGo SaaS 3.9 – CSV Injection
  • webapps
    		•  Sajibe Kanti
    2023-04-03 AmazCart CMS 3.4 – Cross-Site-Scripting (XSS)
  • webapps
    		•  Sajibe Kanti
    2023-04-03 SQL Monitor 12.1.31.893 – Cross-Site Scripting (XSS)
  • webapps
    		•  geeklinuxman
    2023-04-03 Art Gallery Management System Project v1.0 – SQL Injection (editid) authenticated
  • webapps
    		•  Rahul Patwari
    2023-04-03 Paid Memberships Pro v2.9.8 (WordPress Plugin) – Unauthenticated SQL Injection
  • webapps
    		•  r3nt0n
    2023-04-03 Art Gallery Management System Project v1.0 – SQL Injection (cid) Unauthenticated
  • webapps
    		•  Rahul Patwari
    2023-04-03 GLPI Cartography Plugin v6.0.0 – Unauthenticated Remote Code Execution (RCE)
  • webapps
    		•  Nuri Çilengir