Types webapps - 体验盒子 - 不再关注网络安全

日期	标题	类别	作者
2021-01-04	WordPress Core 5.2.2 – ‘post previews’ XSS	webapps	gx1
2020-12-24	GitLab 11.4.7 – RCE (Authenticated) (2)	webapps	Norbert Hofmann
2020-12-24	WordPress Plugin Adning Advertising 1.5.5 – Arbitrary File Upload	webapps	spacehen
2020-12-24	WordPress Plugin WP-PostRatings 1.86 – ‘postratings_image’ Cross-Site Scripting	webapps	Park Won Seok
2020-12-24	Apartment Visitors Management System 1.0 – Authentication Bypass	webapps	Kshitiz Raj
2020-12-23	Baby Care System 1.0 – ‘roleid’ SQL Injection	webapps	Vijay Sachdeva
2020-12-23	TerraMaster TOS 4.2.06 – Unauthenticated Remote Code Execution (Metasploit)	webapps	AkkuS
2020-12-23	Sales and Inventory System for Grocery Store 1.0 – Multiple Stored XSS	webapps	Vijay Sachdeva
2020-12-23	WordPress Epsilon Framework Multiple Themes – Unauthenticated Function Injection	webapps	gx1
2020-12-23	Online Learning Management System 1.0 – ‘id’ SQL Injection	webapps	Aakash Madaan
2020-12-23	Online Learning Management System 1.0 – Multiple Stored XSS	webapps	Aakash Madaan
2020-12-23	Online Learning Management System 1.0 – Authentication Bypass	webapps	Aakash Madaan
2020-12-23	Class Scheduling System 1.0 – Multiple Stored XSS	webapps	Aakash Madaan
2020-12-22	Webmin 1.962 – ‘Package Updates’ Escape Bypass RCE (Metasploit)	webapps	AkkuS
2020-12-22	WordPress Plugin W3 Total Cache – Unauthenticated Arbitrary File Read (Metasploit)	webapps	SunCSR Team
2020-12-22	Multi Branch School Management System 3.5 – “Create Branch” Stored XSS	webapps	Kislay Kumar
2020-12-22	Library Management System 3.0 – “Add Category” Stored XSS	webapps	Kislay Kumar
2020-12-22	CSE Bookstore 1.0 – Multiple SQL Injection	webapps	Musyoka Ian
2020-12-22	Pandora FMS 7.0 NG 750 – ‘Network Scan’ SQL Injection (Authenticated)	webapps	Matthew Aberegg
2020-12-22	Victor CMS 1.0 – File Upload To RCE	webapps	Mosaaed
2020-12-22	TerraMaster TOS 4.2.06 – RCE (Unauthenticated)	webapps	IHTeam
2020-12-22	Faculty Evaluation System 1.0 – Stored XSS	webapps	Vijay Sachdeva
2020-12-22	Artworks Gallery Management System 1.0 – ‘id’ SQL Injection	webapps	Vijay Sachdeva
2020-12-21	Online Marriage Registration System 1.0 – ‘searchdata’ SQL Injection	webapps	Raffaele Sabato