webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-03-01 Online Catering Reservation System 1.0 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Christian Vierschilling
    2021-03-01 VMware vCenter Server 7.0 – Unauthenticated File Upload
  • webapps
    		•  Photubias
    2021-03-01 FortiLogger 4.4.2.2 – Unauthenticated Arbitrary File Upload (Metasploit)
  • webapps
    		•  Berkan Er
    2021-02-26 LightCMS 1.3.4 – ‘exclusive’ Stored XSS
  • webapps
    		•  Peithon
    2021-02-26 Triconsole 3.75 – Reflected XSS
  • webapps
    		•  Akash Chathoth
    2021-02-26 Simple Employee Records System 1.0 – File Upload RCE (Unauthenticated)
  • webapps
    		•  sml
    2021-02-25 Vehicle Parking Management System 1.0 – ‘catename’ Persistent Cross-Site Scripting (XSS)
  • webapps
    		•  Tushar Vaidya
    2021-02-24 LayerBB 1.1.4 – ‘search_query’ SQL Injection
  • webapps
    		•  Görkem Haşin
    2021-02-23 Batflat CMS 1.3.6 – ‘multiple’ Stored XSS
  • webapps
    		•  Tadjmen
    2021-02-23 Monica 2.19.1 – ‘last_name’ Stored XSS
  • webapps
    		•  BouSalman
    2021-02-19 Online Exam System With Timer 1.0 – ’email’ SQL injection Auth Bypass
  • webapps
    		•  Suresh Kumar
    2021-02-19 Comment System 1.0 – ‘multiple’ Stored Cross-Site Scripting
  • webapps
    		•  Pintu Solanki
    2021-02-19 PEEL Shopping 9.3.0 – ‘Comments’ Persistent Cross-Site Scripting
  • webapps
    		•  Anmol K Sachan
    2021-02-19 Beauty Parlour Management System 1.0 – ‘sername’ SQL Injection
  • webapps
    		•  Thinkland Security Team
    2021-02-19 OpenText Content Server 20.3 – ‘multiple’ Stored Cross-Site Scripting
  • webapps
    		•  Kamil Breński
    2021-02-18 Batflat CMS 1.3.6 – Remote Code Execution (Authenticated)
  • webapps
    		•  mari0x00
    2021-02-18 Gitea 1.12.5 – Remote Code Execution (Authenticated)
  • webapps
    		•  Podalirius
    2021-02-17 Billing Management System 2.0 – ’email’ SQL injection Auth Bypass
  • webapps
    		•  Pintu Solanki
    2021-02-17 Faulty Evaluation System 1.0 – ‘multiple’ Stored Cross-Site Scripting
  • webapps
    		•  Suresh Kumar
    2021-02-16 BlackCat CMS 1.3.6 – ‘Display name’ Cross Site Scripting (XSS)
  • webapps
    		•  Kamaljeet Kumar
    2021-02-16 Online Internship Management System 1.0 – ’email’ SQL injection Auth Bypass
  • webapps
    		•  Christian Vierschilling
    2021-02-15 Teachers Record Management System 1.0 – ‘searchteacher’ SQL Injection
  • webapps
    		•  Soham Bakore
    2021-02-15 TestLink 1.9.20 – Unrestricted File Upload (Authenticated)
  • webapps
    		•  snovvcrash
    2021-02-12 School Event Attendance Monitoring System 1.0 – ‘Item Name’ Stored Cross-Site Scripting
  • webapps
    		•  Suresh Kumar