webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-10-28 Nagios XI 5.7.3 – ‘mibs.php’ Remote Command Injection (Authenticated)
  • webapps
    		•  Matthew Aberegg
    2020-10-27 Sphider Search Engine 1.3.6 – ‘word_upper_bound’ RCE (Authenticated)
  • webapps
    		•  Gurkirat Singh
    2020-10-27 Client Management System 1.0 – ‘searchdata’ SQL injection
  • webapps
    		•  Serkan Sancar
    2020-10-27 Sentrifugo 3.2 – File Upload Restriction Bypass (Authenticated)
  • webapps
    		•  Gurkirat Singh
    2020-10-26 ReQuest Serious Play F3 Media Server 7.0.3 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  LiquidWorm
    2020-10-26 ReQuest Serious Play F3 Media Server 7.0.3 – Remote Denial of Service
  • webapps
    		•  LiquidWorm
    2020-10-26 ReQuest Serious Play F3 Media Server 7.0.3 – Debug Log Disclosure
  • webapps
    		•  LiquidWorm
    2020-10-26 ReQuest Serious Play Media Player 3.0 – Directory Traversal File Disclosure
  • webapps
    		•  LiquidWorm
    2020-10-26 Genexis Platinum-4410 – ‘SSID’ Persistent XSS
  • webapps
    		•  Amal Mohandas
    2020-10-26 PDW File Browser 1.3 – ‘new_filename’ Cross-Site Scripting (XSS)
  • webapps
    		•  David Bimmel
    2020-10-26 InoERP 0.7.2 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Lyhin\'s Lab
    2020-10-26 Online Health Care System 1.0 – Multiple Cross Site Scripting (Stored)
  • webapps
    		•  Akıner Kısa
    2020-10-26 CMS Made Simple 2.1.6 – ‘cntnt01detailtemplate’ Server-Side Template Injection
  • webapps
    		•  Gurkirat Singh
    2020-10-23 Car Rental Management System 1.0 – Arbitrary File Upload
  • webapps
    		•  Jyotsna Adhana
    2020-10-23 Stock Management System 1.0 – ‘brandId and categoriesId’ SQL Injection
  • webapps
    		•  Ihsan Sencan
    2020-10-23 Ajenti 2.1.36 – Remote Code Execution (Authenticated)
  • webapps
    		•  Ahmet Ümit BAYRAM
    2020-10-23 Online Library Management System 1.0 – Arbitrary File Upload
  • webapps
    		•  Jyotsna Adhana
    2020-10-23 TextPattern CMS 4.8.3 – Remote Code Execution (Authenticated)
  • webapps
    		•  0blio_
    2020-10-23 Bludit 3.9.2 – Auth Bruteforce Bypass
  • webapps
    		•  Mayank Deshmukh
    2020-10-23 Gym Management System 1.0 – Stored Cross Site Scripting
  • webapps
    		•  Jyotsna Adhana
    2020-10-23 Gym Management System 1.0 – Authentication Bypass
  • webapps
    		•  Jyotsna Adhana
    2020-10-23 School Faculty Scheduling System 1.0 – ‘username’ SQL Injection
  • webapps
    		•  Jyotsna Adhana
    2020-10-23 School Faculty Scheduling System 1.0 – ‘id’ SQL Injection
  • webapps
    		•  Jyotsna Adhana
    2020-10-23 Point of Sales 1.0 – ‘username’ SQL Injection
  • webapps
    		•  Jyotsna Adhana