webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-03-29 WordPress Plugin WP Super Cache 1.7.1 – Remote Code Execution (Authenticated)
  • webapps
    		•  m0ze
    2021-03-29 SyncBreeze 10.1.16 – XML Parsing Stack-based Buffer Overflow
  • webapps
    		•  Filipe Oliveira
    2021-03-29 Novel Boutique House-plus 3.5.1 – Arbitrary File Download
  • webapps
    		•  tuyiqiang
    2021-03-29 Budget Management System 1.0 – ‘Budget title’ Stored XSS
  • webapps
    		•  Jitendra Kumar Tripathi
    2021-03-29 Equipment Inventory System 1.0 – ‘multiple’ Stored XSS
  • webapps
    		•  Jitendra Kumar Tripathi
    2021-03-29 Concrete5 8.5.4 – ‘name’ Stored XSS
  • webapps
    		•  Quadron Research Lab
    2021-03-29 TP-Link Devices – ‘setDefaultHostname’ Stored Cross-site Scripting (Unauthenticated)
  • webapps
    		•  Smriti Gaba
    2021-03-26 Moodle 3.10.3 – ‘label’ Persistent Cross Site Scripting
  • webapps
    		•  Vincent666
    2021-03-26 Regis Inventory And Monitoring System 1.0 – ‘Item List’ Persistent Cross-Site Scripting
  • webapps
    		•  George Tsimpidas
    2021-03-26 ‘customhs_js_content’ – ‘customhs_js_content’ Cross-Site Request Forgery
  • webapps
    		•  Abhishek Joshi
    2021-03-25 Dolibarr ERP 11.0.4 – File Upload Restrictions Bypass (Authenticated RCE)
  • webapps
    		•  Andrea Gonzalez
    2021-03-25 Genexis Platinum-4410 P4410-V2-1.31A – ‘start_addr’ Persistent Cross-Site Scripting
  • webapps
    		•  Jithin KS
    2021-03-25 Linksys EA7500 2.0.8.194281 – Cross-Site Scripting
  • webapps
    		•  MiningOmerta
    2021-03-25 Ovidentia 6 – ‘id’ SQL injection (Authenticated)
  • webapps
    		•  Felipe Prates Donato
    2021-03-23 Codiad 2.8.4 – Remote Code Execution (Authenticated)
  • webapps
    		•  WangYihang
    2021-03-23 Hotel And Lodge Management System 1.0 – ‘Customer Details’ Stored XSS
  • webapps
    		•  Jitendra Kumar Tripathi
    2021-03-23 MyBB 1.8.25 – Poll Vote Count SQL Injection
  • webapps
    		•  SivertPL
    2021-03-22 MyBB 1.8.25 – Chained Remote Command Execution
  • webapps
    		•  SivertPL
    2021-03-22 WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 – Path Traversal
  • webapps
    		•  Nicholas Ferreira
    2021-03-19 Online News Portal 1.0 – ‘name’ SQL Injection
  • webapps
    		•  Richard Jones
    2021-03-19 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Config Download (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2021-03-19 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Factory Reset (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2021-03-19 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Remote Code Execution
  • webapps
    		•  LiquidWorm
    2021-03-19 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Authentication Bypass
  • webapps
    		•  LiquidWorm