webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-10-20 Apache Struts 2 – DefaultActionMapper Prefixes OGNL Code Execution
  • webapps
    		•  Jonatas Fil
    2020-10-19 Jenkins 2.63 – Sandbox bypass in pipeline: Groovy plug-in
  • webapps
    		•  Daniel Morris
    2020-10-19 HiSilicon Video Encoders – Unauthenticated RTSP buffer overflow (DoS)
  • webapps
    		•  Alexei Kojenov
    2020-10-19 HiSilicon Video Encoders – Full admin access via backdoor password
  • webapps
    		•  Alexei Kojenov
    2020-10-19 HiSilicon video encoders – RCE via unauthenticated upload of malicious firmware
  • webapps
    		•  Alexei Kojenov
    2020-10-19 HiSilicon Video Encoders – RCE via unauthenticated command injection
  • webapps
    		•  Alexei Kojenov
    2020-10-19 HiSilicon Video Encoders – Unauthenticated file disclosure via path traversal
  • webapps
    		•  Alexei Kojenov
    2020-10-19 Online Job Portal 1.0 – Cross Site Scripting (Stored)
  • webapps
    		•  Akıner Kısa
    2020-10-19 Online Discussion Forum Site 1.0 – XSS in Messaging System
  • webapps
    		•  j5oh
    2020-10-19 Online Student’s Management System 1.0 – Remote Code Execution (Authenticated)
  • webapps
    		•  Akıner Kısa
    2020-10-19 Nagios XI 5.7.3 – ‘SNMP Trap Interface’ Authenticated SQL Injection
  • webapps
    		•  Matthew Aberegg
    2020-10-19 Nagios XI 5.7.3 – ‘Manage Users’ Authenticated SQL Injection
  • webapps
    		•  Matthew Aberegg
    2020-10-19 Nagios XI 5.7.3 – ‘Contact Templates’ Persistent Cross-Site Scripting
  • webapps
    		•  Matthew Aberegg
    2020-10-19 Tourism Management System 1.0 – Arbitrary File Upload
  • webapps
    		•  Ankita Pal
    2020-10-19 Textpattern CMS 4.6.2 – Cross-site Request Forgery
  • webapps
    		•  Alperen Ergel
    2020-10-19 Typesetter CMS 5.1 – Arbitrary Code Execution (Authenticated)
  • webapps
    		•  Rodolfo Tavares
    2020-10-19 Hostel Management System 2.1 – Cross Site Scripting (Multiple Fields)
  • webapps
    		•  Kokn3t
    2020-10-16 CS-Cart 1.3.3 – authenticated RCE
  • webapps
    		•  0xmmnbassel
    2020-10-16 CS-Cart 1.3.3 – ‘classes_dir’ LFI
  • webapps
    		•  0xmmnbassel
    2020-10-16 Seat Reservation System 1.0 – Unauthenticated SQL Injection
  • webapps
    		•  Rahul Ramkumar
    2020-10-16 Hotel Management System 1.0 – Remote Code Execution (Authenticated)
  • webapps
    		•  Aporlorxl23
    2020-10-16 Seat Reservation System 1.0 – Remote Code Execution (Unauthenticated)
  • webapps
    		•  Rahul Ramkumar
    2020-10-16 aaPanel 6.6.6 – Privilege Escalation & Remote Code Execution (Authenticated)
  • webapps
    		•  Ünsal Furkan Harani
    2020-10-16 Restaurant Reservation System 1.0 – ‘date’ SQL Injection (Authenticated)
  • webapps
    		•  b1nary