webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-03-19 CouchCMS 2.2.1 – Server-Side Request Forgery
  • webapps
    		•  xxcdd
    2021-03-19 VestaCP 0.9.8 – ‘v_sftp_licence’ Command Injection
  • webapps
    		•  numan türle
    2021-03-19 Profiling System for Human Resource Management 1.0 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Christian Vierschilling
    2021-03-19 Boonex Dolphin 7.4.2 – ‘width’ Stored XSS
  • webapps
    		•  Piyush Patil
    2021-03-19 LiveZilla Server 8.0.1.0 – ‘Accept-Language’ Reflected XSS
  • webapps
    		•  Clément Cruchet
    2021-03-19 Plone CMS 5.2.3 – ‘Title’ Stored XSS
  • webapps
    		•  Piyush Patil
    2021-03-19 Online News Portal 1.0 – ‘Multiple’ Stored Cross-Site Scripting
  • webapps
    		•  Richard Jones
    2021-03-19 Online News Portal 1.0 – ‘name’ SQL Injection
  • webapps
    		•  Richard Jones
    2021-03-19 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Config Download (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2021-03-19 KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Factory Reset (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2021-03-18 Hestia Control Panel 1.3.2 – Arbitrary File Write
  • webapps
    		•  numan türle
    2021-03-18 SEO Panel 4.8.0 – ‘order_col’ Blind SQL Injection (1)
  • webapps
    		•  Piyush Patil
    2021-03-18 rConfig 3.9.6 – Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
  • webapps
    		•  Murat ŞEKER
    2021-03-18 VestaCP 0.9.8 – ‘v_interface’ Add IP Stored XSS
  • webapps
    		•  numan türle
    2021-03-17 VestaCP 0.9.8 – File Upload CSRF
  • webapps
    		•  Fady Mohammed Osman
    2021-03-17 WoWonder Social Network Platform 3.1 – ‘event_id’ SQL Injection
  • webapps
    		•  securityforeveryone.com
    2021-03-16 Alphaware E-Commerce System 1.0 – Unauthenicated Remote Code Execution (File Upload + SQL injection)
  • webapps
    		•  Christian Vierschilling
    2021-03-15 Sonlogger 4.2.3.3 – SuperAdmin Account Creation / Information Disclosure
  • webapps
    		•  Berkan Er
    2021-03-15 openMAINT openMAINT 2.1-3.3-b – ‘Multiple’ Persistent Cross-Site Scripting
  • webapps
    		•  Hosein Vita
    2021-03-15 rConfig 3.9.6 – ‘path’ Local File Inclusion (Authenticated)
  • webapps
    		•  Murat ŞEKER
    2021-03-15 MagpieRSS 0.72 – ‘url’ Command Injection
  • webapps
    		•  bl4ckh4ck5
    2021-03-15 Zenario CMS 8.8.53370 – ‘id’ Blind SQL Injection
  • webapps
    		•  Balaji Ayyasamy
    2021-03-15 SonLogger 4.2.3.3 – Unauthenticated Arbitrary File Upload (Metasploit)
  • webapps
    		•  Berkan Er
    2021-03-12 Monitoring System (Dashboard) 1.0 – File Upload RCE (Authenticated)
  • webapps
    		•  Richard Jones