webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers / Vulnerability Database

| Date | Title | Category | Author |
|---|---|---|---|
| 2020-11-13 | OpenCart Theme Journal 3.1.0 – Sensitive Data Exposure | webapps | Jinson Varghese Behanan |
| 2020-11-13 | Touchbase.io 1.10 – Stored Cross Site Scripting | webapps | Simran Sankhala |
| 2020-11-13 | Apache Tomcat – AJP ‘Ghostcat’ File Read/Inclusion (Metasploit) | webapps | SunCSR |
| 2020-11-13 | Citrix ADC NetScaler – Local File Inclusion (Metasploit) | webapps | RAMELLA Sebastien |
| 2020-11-13 | Bludit 3.9.2 – Authentication Bruteforce Bypass (Metasploit) | webapps | Aporlorxl23 |
| 2020-11-13 | ASUS TM-AC1900 – Arbitrary Command Execution (Metasploit) | webapps | b1ack0wl |
| 2020-11-12 | Water Billing System 1.0 – ‘username’ and ‘password’ parameters SQL Injection | webapps | Sarang Tumne |
| 2020-11-12 | Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC) | webapps | Synacktiv |
| 2020-11-12 | WordPress Plugin Good LMS 2.1.4 – ‘id’ Unauthenticated SQL Injection | webapps | Abdulazeez Alaseeri |
| 2020-11-11 | CMSUno 1.6.2 – ‘user’ Remote Code Execution (Authenticated) | webapps | Fatih Çelik |
| 2020-11-11 | Customer Support System 1.0 – ‘username’ Authentication Bypass | webapps | Ahmed Abbas |
| 2020-11-11 | Customer Support System 1.0 – Cross-Site Request Forgery | webapps | Ahmed Abbas |
| 2020-11-11 | Customer Support System 1.0 – ‘description’ Stored XSS in The Admin Panel | webapps | Ahmed Abbas |
| 2020-11-10 | Anuko Time Tracker 1.19.23.5325 – CSV/Formula Injection | webapps | Mufaddal Masalawala |
| 2020-11-10 | ShoreTel Conferencing 19.46.1802.0 – Reflected Cross-Site Scripting | webapps | Joe Helle |
| 2020-11-10 | Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload | webapps | Fortunato Lodari |
| 2020-11-09 | Joplin 1.2.6 – ‘link’ Cross Site Scripting | webapps | Philip Holbrook |
| 2020-11-09 | SuiteCRM 7.11.15 – ‘last_name’ Remote Code Execution (Authenticated) | webapps | M. Cory Billington |
| 2020-11-09 | Genexis Platinum-4410 P4410-V2-1.28 – Broken Access Control and CSRF | webapps | Jinson Varghese Behanan |
| 2020-11-06 | Sentrifugo Version 3.2 – ‘announcements’ Remote Code Execution (Authenticated) | webapps | Fatih Çelik |
| 2020-11-06 | Sentrifugo 3.2 – ‘assets’ Remote Code Execution (Authenticated) | webapps | Fatih Çelik |
| 2020-11-06 | CMSUno 1.6.2 – ‘lang’ Remote Code Execution (Authenticated) | webapps | Fatih Çelik |
| 2020-11-06 | SmartBlog 2.0.1 – ‘id_post’ Blind SQL injection | webapps | C0wnuts |
| 2020-11-06 | BlogEngine 3.3.8 – ‘Content’ Stored XSS | webapps | Andrey Stoykov |