webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2016-08-09 Xfinity Gateway (Technicolor DPC3941T) – Cross-Site Request Forgery
  • webapps
    		•  Ayushman Dutta
    2016-08-08 WordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)
  • webapps
    		•  Edwin Molenaar
    2016-08-08 PHPCollab CMS 2.5 – ’emailusers.php’ SQL Injection
  • webapps
    		•  Vulnerability-Lab
    2016-08-08 Navis Webaccess – SQL Injection
  • webapps
    		•  bRpsd
    2016-08-06 NUUO NVRmini 2 3.0.8 – Multiple OS Command Injections
  • webapps
    		•  LiquidWorm
    2016-08-06 NUUO NVRmini 2 3.0.8 – Local File Disclosure
  • webapps
    		•  LiquidWorm
    2016-08-06 NUUO NVRmini 2 3.0.8 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  LiquidWorm
    2016-08-06 NUUO NVRmini 2 3.0.8 – Remote Code Execution
  • webapps
    		•  LiquidWorm
    2016-08-06 NUUO NVRmini 2 3.0.8 – ‘strong_user.php’ Backdoor Remote Shell Access
  • webapps
    		•  LiquidWorm
    2016-08-06 NUUO NVRmini 2 3.0.8 – Arbitrary File Deletion
  • webapps
    		•  LiquidWorm
    2016-08-06 NUUO NVRmini 2 3.0.8 – Remote Command Injection (Shellshock)
  • webapps
    		•  LiquidWorm
    2016-08-05 NASdeluxe NDL-2400r 2.01.09 – OS Command Injection
  • webapps
    		•  SySS GmbH
    2016-08-05 WordPress Plugin Count Per Day 3.5.4 – Persistent Cross-Site Scripting
  • webapps
    		•  Julien Rentrop
    2016-08-05 Davolink DV-2051 – Multiple Vulnerabilities
  • webapps
    		•  Eric Flokstra
    2016-08-05 PHP Power Browse 1.2 – Directory Traversal
  • webapps
    		•  Manuel Mancera
    2016-08-05 Subrion CMS 4.0.5 – SQL Injection
  • webapps
    		•  Vulnerability-Lab
    2016-08-04 ntop-ng 2.5.160805 – Username Enumeration
  • webapps
    		•  Dolev Farhi
    2016-08-02 Open Upload 0.4.2 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  Vinesh Redkar
    2016-08-01 WordPress Plugin ALO EasyMail NewsLetter 2.9.2 – Cross-Site Request Forgery (Add/Import Arbitrary Subscribers)
  • webapps
    		•  Yorick Koster
    2016-08-01 WordPress Plugin WP Live Chat Support 6.2.03 – Persistent Cross-Site Scripting
  • webapps
    		•  Dennis Kerdijk & Erwin Kievith
    2016-08-01 WordPress Plugin Booking Calendar 6.2 – SQL Injection
  • webapps
    		•  Edwin Molenaar
    2016-07-29 Trend Micro Deep Discovery 3.7/3.8 SP1 (3.81)/3.8 SP2 (3.82) – ‘hotfix_upload.cgi’ Filename Remote Code Execution
  • webapps
    		•  korpritzombie
    2016-07-29 WordPress Plugin Ultimate Product Catalog 3.9.8 – do_shortcode via ajax Blind SQL Injection
  • webapps
    		•  i0akiN SEC-LABORATORY
    2016-07-29 AXIS (Multiple Products) – ‘devtools ‘ (Authenticated) Remote Command Execution
  • webapps
    		•  Orwelllabs