webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-12-21 Flexmonster Pivot Table & Charts 2.7.17 – ‘Remote Report’ Reflected XSS
  • webapps
    		•  Marco Nappi
    2020-12-21 SCO Openserver 5.0.7 – ‘outputform’ Command Injection
  • webapps
    		•  Ramikan
    2020-12-21 SCO Openserver 5.0.7 – ‘section’ Reflected XSS
  • webapps
    		•  Ramikan
    2020-12-21 Spiceworks 7.5 – HTTP Header Injection
  • webapps
    		•  Ramikan
    2020-12-21 Academy-LMS 4.3 – Stored XSS
  • webapps
    		•  Vinicius Alves
    2020-12-21 Spotweb 1.4.9 – ‘search’ SQL Injection
  • webapps
    		•  BouSalman
    2020-12-21 Queue Management System 4.0.0 – “Add User” Stored XSS
  • webapps
    		•  Kislay Kumar
    2020-12-21 Online Marriage Registration System 1.0 – ‘searchdata’ SQL Injection
  • webapps
    		•  Raffaele Sabato
    2020-12-21 Point of Sale System 1.0 – Multiple Stored XSS
  • webapps
    		•  Saeed Bala Ahmed
    2020-12-21 Flexmonster Pivot Table & Charts 2.7.17 – ‘Remote JSON’ Reflected XSS
  • webapps
    		•  Marco Nappi
    2020-12-21 Flexmonster Pivot Table & Charts 2.7.17 – ‘To remote CSV’ Reflected XSS
  • webapps
    		•  Marco Nappi
    2020-12-18 Xeroneit Library Management System 3.1 – “Add Book Category ” Stored XSS
  • webapps
    		•  Kislay Kumar
    2020-12-18 SyncBreeze 10.0.28 – ‘login’ Denial of Service (Poc)
  • webapps
    		•  Ahmed Elkhressy
    2020-12-18 Smart Hospital 3.1 – “Add Patient” Stored XSS
  • webapps
    		•  Kislay Kumar
    2020-12-18 WordPress Plugin Duplicator 1.3.26 – Unauthenticated Arbitrary File Read (Metasploit)
  • webapps
    		•  SunCSR Team
    2020-12-18 Alumni Management System 1.0 – ‘id’ SQL Injection
  • webapps
    		•  Aakash Madaan
    2020-12-18 Alumni Management System 1.0 – “Course Form” Stored XSS
  • webapps
    		•  Aakash Madaan
    2020-12-18 Alumni Management System 1.0 – Unrestricted File Upload To RCE
  • webapps
    		•  Aakash Madaan
    2020-12-18 Point of Sale System 1.0 – Authentication Bypass
  • webapps
    		•  Saeed Bala Ahmed
    2020-12-17 Content Management System 1.0 – ’email’ SQL Injection
  • webapps
    		•  Zhaiyi
    2020-12-17 Content Management System 1.0 – ‘First Name’ Stored XSS
  • webapps
    		•  Zhaiyi
    2020-12-17 Linksys RE6500 1.0.11.001 – Unauthenticated RCE
  • webapps
    		•  RE-Solver
    2020-12-17 Dolibarr ERP-CRM 12.0.3 – Remote Code Execution (Authenticated)
  • webapps
    		•  Yilmaz Degirmenci
    2020-12-17 Victor CMS 1.0 – Multiple SQL Injection (Authenticated)
  • webapps
    		•  Furkan Göksel