webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2021-01-29 Simple Public Chat Room 1.0 – Authentication Bypass SQLi
  • webapps
    		•  Richard Jones
    2021-01-29 MyBB Hide Thread Content Plugin 1.0 – Information Disclosure
  • webapps
    		•  0xB9
    2021-01-28 WordPress Plugin SuperForms 4.9 – Arbitrary File Upload
  • webapps
    		•  ABDO10
    2021-01-28 Umbraco CMS 7.12.4 – Remote Code Execution (Authenticated)
  • webapps
    		•  Alexandre ZANNI
    2021-01-28 Fuel CMS 1.4.1 – Remote Code Execution (2)
  • webapps
    		•  Alexandre ZANNI
    2021-01-28 OpenEMR 5.0.1 – Remote Code Execution (Authenticated) (2)
  • webapps
    		•  Alexandre ZANNI
    2021-01-28 CMSUno 1.6.2 – ‘lang’ Remote Code Execution (Authenticated)
  • webapps
    		•  Alexandre ZANNI
    2021-01-28 EgavilanMedia PHPCRUD 1.0 – ‘Full Name’ Stored Cross Site Scripting
  • webapps
    		•  Mahendra Purbia
    2021-01-27 Openlitespeed Web Server 1.7.8 – Command Injection (Authenticated) (1)
  • webapps
    		•  SunCSR
    2021-01-27 STVS ProVision 5.9.10 – Cross-Site Request Forgery (Add Admin)
  • webapps
    		•  LiquidWorm
    2021-01-27 STVS ProVision 5.9.10 – File Disclosure (Authenticated)
  • webapps
    		•  LiquidWorm
    2021-01-26 Simple College Website 1.0 – ‘full’ Stored Cross Site Scripting
  • webapps
    		•  Marco Catalano
    2021-01-26 Simple College Website 1.0 – ‘name’ Sql Injection (Authentication Bypass)
  • webapps
    		•  Marco Catalano
    2021-01-26 Cemetry Mapping and Information System 1.0 – ‘user_email’ Sql Injection (Authentication Bypass)
  • webapps
    		•  Marco Catalano
    2021-01-26 Oracle WebLogic Server 12.2.1.0 – RCE (Unauthenticated)
  • webapps
    		•  CHackA0101
    2021-01-26 Tenda AC5 AC1200 Wireless – ‘WiFi Name & Password’ Stored Cross Site Scripting
  • webapps
    		•  Chiragh Arora
    2021-01-25 Klog Server 2.4.1 – Unauthenticated Command Injection (Metasploit)
  • webapps
    		•  Metin Yunus Kandemir
    2021-01-25 Library System 1.0 – ‘category’ SQL Injection
  • webapps
    		•  Aitor Herrero
    2021-01-25 CASAP Automated Enrollment System 1.0 – ‘route’ Stored XSS
  • webapps
    		•  Richard Jones
    2021-01-25 CASAP Automated Enrollment System 1.0 – ‘First Name’ Stored XSS
  • webapps
    		•  Anita Gaud
    2021-01-25 Collabtive 3.1 – ‘address’ Persistent Cross-Site Scripting
  • webapps
    		•  Deha Berkin Bir
    2021-01-25 MyBB Timeline Plugin 1.0 – Persistent Cross-Site Scripting
  • webapps
    		•  0xB9
    2021-01-22 Selea Targa IP OCR-ANPR Camera – ‘addr’ Remote Code Execution (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2021-01-22 Selea Targa 512 IP OCR-ANPR Camera – Stream Disclosure (Unauthenticated)
  • webapps
    		•  LiquidWorm