webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-09-23 WordPress Plugin Fitness Calculators 1.9.5 – Cross-Site Request Forgery (CSRF)
  • webapps
    		•  0xB9
    2021-09-23 WordPress Plugin Advanced Order Export For WooCommerce 3.1.7 – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  0xB9
    2021-09-23 Backdrop CMS 1.20.0 – ‘Multiple’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  V1n1v131r4
    2021-09-23 WordPress Plugin 3DPrint Lite 1.9.1.4 – Arbitrary File Upload
  • webapps
    		•  spacehen
    2021-09-23 Gurock Testrail 7.2.0.3014 – ‘files.md5’ Improper Access Control
  • webapps
    		•  Sick Codes
    2021-09-22 Online Reviewer System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Abdullah Khawaja
    2021-09-22 Sentry 8.2.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Mohin Paramasivam
    2021-09-22 Cloudron 6.2 – ‘returnTo ‘ Cross Site Scripting (Reflected)
  • webapps
    		•  Akıner Kısa
    2021-09-22 OpenCats 0.9.4-2 – ‘docx ‘ XML External Entity Injection (XXE)
  • webapps
    		•  Jake Ruston
    2021-09-22 e107 CMS 2.3.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Halit AKAYDIN
    2021-09-22 Filerun 2021.03.26 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  syntegris information solutions GmbH
    2021-09-22 Simple Attendance System 1.0 – Unauthenticated Blind SQLi
  • webapps
    		•  ()t/\\/\\1
    2021-09-21 WebsiteBaker 2.13.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Halit AKAYDIN
    2021-09-21 Budget and Expense Tracker System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Abdullah Khawaja
    2021-09-20 Budget and Expense Tracker System 1.0 – Authenticated Bypass
  • webapps
    		•  Prunier Charles-Yves
    2021-09-20 Church Management System 1.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Abdullah Khawaja
    2021-09-20 Online Food Ordering System 2.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Abdullah Khawaja
    2021-09-20 WordPress 5.7 – ‘Media Library’ XML External Entity Injection (XXE) (Authenticated)
  • webapps
    		•  David Utón
    2021-09-20 Church Management System 1.0 – ‘search’ SQL Injection (Unauthenticated)
  • webapps
    		•  Erwin Krazek
    2021-09-20 T-Soft E-Commerce 4 – change ‘admin credentials’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Alperen Ergel
    2021-09-17 Simple Attendance System 1.0 – Authenticated bypass
  • webapps
    		•  Abdullah Khawaja
    2021-09-17 Library Management System 1.0 – Blind Time-Based SQL Injection (Unauthenticated)
  • webapps
    		•  boku
    2021-09-17 WordPress Plugin WooCommerce Booster Plugin 5.4.3 – Authentication Bypass
  • webapps
    		•  0xB455
    2021-09-16 ImpressCMS 1.4.2 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  Halit AKAYDIN