webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-06-24 Adobe ColdFusion 8 – Remote Command Execution (RCE)
  • webapps
    		•  Pergyz
    2021-06-24 VMware vCenter Server 7.0 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  CHackA0101
    2021-06-23 Online Library Management System 1.0 – Arbitrary File Upload Remote Code Execution (Unauthenticated)
  • webapps
    		•  Berk Can Geyikci
    2021-06-23 Online Library Management System 1.0 – ‘Search’ SQL Injection
  • webapps
    		•  Berk Can Geyikci
    2021-06-23 WordPress Plugin Poll, Survey, Questionnaire and Voting system 1.5.2 – ‘date_answers’ Blind SQL Injection
  • webapps
    		•  Toby Jackson
    2021-06-23 WordPress Plugin WP Google Maps 8.1.11 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Mohammed Adam
    2021-06-23 Simple CRM 3.0 – ’email’ SQL injection (Authentication Bypass)
  • webapps
    		•  Rinku Kumar
    2021-06-22 Phone Shop Sales Managements System 1.0 – Insecure Direct Object Reference (IDOR)
  • webapps
    		•  Pratik Khalane
    2021-06-22 Responsive Tourism Website 3.1 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  Tagoletta
    2021-06-21 Customer Relationship Management System (CRM) 1.0 – Remote Code Execution
  • webapps
    		•  Ishan Saha
    2021-06-21 Simple CRM 3.0 – ‘name’ Stored Cross site scripting (XSS)
  • webapps
    		•  Riadh Benlamine
    2021-06-21 Simple CRM 3.0 – ‘Change user information’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Riadh Benlamine
    2021-06-21 Websvn 2.6.0 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  g0ldm45k
    2021-06-21 OpenEMR 5.0.1.7 – ‘fileName’ Path Traversal (Authenticated)
  • webapps
    		•  Ron Jost
    2021-06-18 Node.JS – ‘node-serialize’ Remote Code Execution (3)
  • webapps
    		•  Beren Kuday GÖRÜN
    2021-06-18 ICE Hrm 29.0.0.OS – ‘xml upload’ Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Piyush Patil
    2021-06-18 ICE Hrm 29.0.0.OS – ‘Account Takeover’ Cross-Site Request Forgery (CSRF)
  • webapps
    		•  Piyush Patil
    2021-06-17 Online Shopping Portal 3.1 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Tagoletta
    2021-06-17 Zoho ManageEngine ServiceDesk Plus MSP 9.4 – User Enumeration
  • webapps
    		•  Ricardo Ruiz
    2021-06-17 Unified Office Total Connect Now 1.0 – ‘data’ SQL Injection
  • webapps
    		•  Ajaikumar Nadar
    2021-06-16 OpenEMR 5.0.1.3 – Authentication Bypass
  • webapps
    		•  Ron Jost
    2021-06-16 Cotonti Siena 0.9.19 – ‘maintitle’ Stored Cross-Site Scripting
  • webapps
    		•  Fatih İLGİN
    2021-06-16 CKEditor 3 – Server-Side Request Forgery (SSRF)
  • webapps
    		•  ahmed
    2021-06-16 Teachers Record Management System 1.0 – ’email’ Stored Cross-site Scripting (XSS)
  • webapps
    		•  nhattruong