webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-12-03 Sony BRAVIA Digital Signage 1.7.8 – Unauthenticated Remote File Inclusion
  • webapps
    		•  LiquidWorm
    2020-12-03 mojoPortal forums 2.7.0.0 – ‘Title’ Persistent Cross-Site Scripting
  • webapps
    		•  Sagar Banwa
    2020-12-03 Online Matrimonial Project 1.0 – Authenticated Remote Code Execution
  • webapps
    		•  Valerio Alessandroni
    2020-12-03 EgavilanMedia Address Book 1.0 Exploit – SQLi Auth Bypass
  • webapps
    		•  Mayur Parmar
    2020-12-02 Simple College Website 1.0 – ‘page’ Local File Inclusion
  • webapps
    		•  Mosaaed
    2020-12-02 PRTG Network Monitor 20.4.63.1412 – ‘maps’ Stored XSS
  • webapps
    		•  Amin Rawah
    2020-12-02 Anuko Time Tracker 1.19.23.5311 – Password Reset leading to Account Takeover
  • webapps
    		•  Mufaddal Masalawala
    2020-12-02 WonderCMS 3.1.3 – Authenticated Remote Code Execution
  • webapps
    		•  zetc0de
    2020-12-02 Anuko Time Tracker 1.19.23.5311 – No rate Limit on Password Reset functionality
  • webapps
    		•  Mufaddal Masalawala
    2020-12-02 WonderCMS 3.1.3 – Authenticated SSRF to Remote Remote Code Execution
  • webapps
    		•  zetc0de
    2020-12-02 ChurchCRM 4.2.1 – Persistent Cross Site Scripting (XSS)
  • webapps
    		•  Mufaddal Masalawala
    2020-12-02 EgavilanMedia User Registration & Login System with Admin Panel 1.0 – Stored Cross Site Scripting
  • webapps
    		•  Soushikta Chowdhury
    2020-12-02 ChurchCRM 4.2.0 – CSV/Formula Injection
  • webapps
    		•  Mufaddal Masalawala
    2020-12-02 Student Result Management System 1.0 – Authentication Bypass SQL Injection
  • webapps
    		•  Ritesh Gohil
    2020-12-02 WebDamn User Registration & Login System with User Panel – SQLi Auth Bypass
  • webapps
    		•  Aakash Madaan
    2020-12-02 EgavilanMedia User Registration & Login System with Admin Panel 1.0 – CSRF
  • webapps
    		•  Hardik Solanki
    2020-12-02 DotCMS 20.11 – Stored Cross-Site Scripting
  • webapps
    		•  Hardik Solanki
    2020-12-02 Under Construction Page with CPanel 1.0 – SQL injection
  • webapps
    		•  Mayur Parmar
    2020-12-02 Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Edit Profile
  • webapps
    		•  Shahrukh Iqbal Mirza
    2020-12-02 Pharmacy Store Management System 1.0 – ‘id’ SQL Injection
  • webapps
    		•  Aydın Baran Ertemir
    2020-12-02 Artworks Gallery 1.0 – Arbitrary File Upload RCE (Authenticated) via Add Artwork
  • webapps
    		•  Shahrukh Iqbal Mirza
    2020-12-02 ILIAS Learning Management System 4.3 – SSRF
  • webapps
    		•  Dot
    2020-12-02 Employee Record Management System 1.1 – Login Bypass SQL Injection
  • webapps
    		•  Anurag Kumar
    2020-12-02 Expense Management System – ‘description’ Stored Cross Site Scripting
  • webapps
    		•  Nikhil Kumar