webapps

日期	标题	类别	作者
2020-12-14	MiniWeb HTTP Server 0.8.19 – Buffer Overflow (PoC)	webapps	securityforeveryone.com
2020-12-14	LibreNMS 1.46 – MAC Accounting Graph Authenticated SQL Injection	webapps	Hodorsec
2020-12-14	Rukovoditel 2.6.1 – Cross-Site Request Forgery (Change password)	webapps	KeopssGroup0day,Inc
2020-12-14	Jenkins 2.235.3 – ‘X-Forwarded-For’ Stored XSS	webapps	gx1
2020-12-14	GitLab 11.4.7 – Remote Code Execution (Authenticated) (1)	webapps	Fortunato Lodari
2020-12-14	Macally WIFISD2-2A82 2.000.010 – Guest to Root Privilege Escalation	webapps	Maximilian Barz
2020-12-14	Rumble Mail Server 0.51.3135 – ‘username’ Stored XSS	webapps	Mohammed Alshehri
2020-12-11	Courier Management System 1.0 – ‘ref_no’ SQL Injection	webapps	Zhaiyi
2020-12-11	Courier Management System 1.0 – ‘MULTIPART street ((custom) ‘ SQL Injection	webapps	Zhaiyi
2020-12-11	Courier Management System 1.0 – ‘First Name’ Stored XSS	webapps	Zhaiyi
2020-12-11	Dolibarr 12.0.3 – SQLi to RCE	webapps	coiffeur
2020-12-11	Supply Chain Management System – Auth Bypass SQL Injection	webapps	Piyush Malviya
2020-12-11	Rukovoditel 2.6.1 – RCE (1)	webapps	coiffeur
2020-12-11	Jenkins 2.235.3 – ‘Description’ Stored XSS	webapps	gx1
2020-12-11	Medical Center Portal Management System 1.0 – Multiple Stored XSS	webapps	Saeed Bala Ahmed
2020-12-11	Openfire 4.6.0 – ‘sql’ Stored XSS	webapps	j5s
2020-12-11	Openfire 4.6.0 – ‘users’ Stored XSS	webapps	j5s
2020-12-11	Openfire 4.6.0 – ‘groupchatJID’ Stored XSS	webapps	j5s
2020-12-11	Jenkins 2.235.3 – ‘tooltip’ Stored Cross-Site Scripting	webapps	gx1
2020-12-10	Barcodes generator 1.0 – ‘name’ Stored Cross Site Scripting	webapps	Nikhil Kumar
2020-12-10	WordPress Plugin Popup Builder 3.69.6 – Multiple Stored Cross Site Scripting	webapps	Ilca Lucian Florin
2020-12-10	Library Management System 2.0 – Auth Bypass SQL Injection	webapps	Manish Solanki
2020-12-10	Openfire 4.6.0 – ‘path’ Stored XSS	webapps	j5s
2020-12-10	OpenCart 3.0.3.6 – Cross Site Request Forgery	webapps	Mahendra Purbia