webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2022-01-05 WordPress Plugin The True Ranker 2.2.2 – Arbitrary File Read (Unauthenticated)
  • webapps
    		•  Liad Levy
    2022-01-05 Online Admission System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Jeremiasz Pluta
    2022-01-05 Movie Rating System 1.0 – SQLi to RCE (Unauthenticated)
  • webapps
    		•  Tagoletta
    2022-01-05 WordPress Plugin AAWP 3.16 – ‘tab’ Reflected Cross Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Andrea Bocchetti
    2022-01-05 Movie Rating System 1.0 – Broken Access Control (Admin Account Creation) (Unauthenticated)
  • webapps
    		•  Tagoletta
    2022-01-05 Projeqtor v9.3.1 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Oscar Gil Gutierrez
    2022-01-05 WordPress Plugin WP Visitor Statistics 4.7 – SQL Injection
  • webapps
    		•  Ron Jost
    2022-01-05 openSIS Student Information System 8.0 – ‘multiple’ SQL Injection
  • webapps
    		•  securityforeveryone.com
    2022-01-05 WordPress Plugin Contact Form Entries 1.1.6 – Cross Site Scripting (XSS) (Unauthenticated)
  • webapps
    		•  Gaetano Perrone
    2021-12-20 Exponent CMS 2.6 – Multiple Vulnerabilities
  • webapps
    		•  heinjame
    2021-12-20 phpKF CMS 3.00 Beta y6 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Halit AKAYDIN
    2021-12-20 WBCE CMS 1.5.1 – Admin Password Reset
  • webapps
    		•  citril
    2021-12-16 Arunna 1.0.0 – ‘Multiple’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  =(L_L)=
    2021-12-16 Croogo 3.0.2 – ‘Multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Enes Özeser
    2021-12-16 Croogo 3.0.2 – Unrestricted File Upload
  • webapps
    		•  Enes Özeser
    2021-12-16 Cibele Thinfinity VirtualUI 2.5.41.0 – User Enumeration
  • webapps
    		•  Daniel Morales
    2021-12-14 Online Thesis Archiving System 1.0 – SQLi Authentication Bypass
  • webapps
    		•  Yehia Elghaly
    2021-12-14 meterN v1.2.3 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  LiquidWorm
    2021-12-14 Zucchetti Axess CLOKI Access Control 1.64 – Cross Site Request Forgery (CSRF)
  • webapps
    		•  LiquidWorm
    2021-12-14 Booked Scheduler 2.7.5 – Remote Command Execution (RCE) (Authenticated)
  • webapps
    		•  0sunday
    2021-12-14 WordPress Plugin Typebot 1.4.3 – Stored Cross Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Mansi Singh
    2021-12-13 WebHMI 4.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Jeremiasz Pluta
    2021-12-10 Free School Management Software 1.0 – Remote Code Execution (RCE)
  • webapps
    		•  fuzzyap1
    2021-12-10 Free School Management Software 1.0 – ‘multiple’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  fuzzyap1