aspx

日期	标题	类别	作者
2024-03-11	Sitecore – Remote Code Execution v8.2	webapps	abhishek morla
2023-06-22	Smart Office Web 20.28 – Remote Information Disclosure (Unauthenticated)	webapps	Tejas Pingulkar
2023-04-01	ELSI Smart Floor V3.3.3 – Stored Cross-Site Scripting (XSS)	webapps	Rob, CTRL Group
2023-03-28	ReQlogic v11.3 – Reflected Cross-Site Scripting (XSS)	webapps	Okan Kurtulus
2022-01-18	Nyron 1.0 – SQLi (Unauthenticated)	webapps	Miguel Santareno
2021-10-29	Umbraco v8.14.1 – ‘baseUrl’ SSRF	webapps	NgoAnhDuc
2021-09-24	SmarterTools SmarterTrack 7922 – ‘Multiple’ Information Disclosure	webapps	Andrei Manole
2021-08-31	Umbraco CMS 8.9.1 – Directory Traversal	webapps	BitTheByte
2021-07-29	IntelliChoice eFORCE Software Suite 2.5.9 – Username Enumeration	webapps	LiquidWorm
2021-07-23	Microsoft SharePoint Server 2019 – Remote Code Execution (2)	webapps	Podalirius
2021-02-01	H8 SSRMS – ‘id’ IDOR	webapps	Mohammed Farhan
2021-01-28	Umbraco CMS 7.12.4 – Remote Code Execution (Authenticated)	webapps	Alexandre ZANNI
2020-11-06	BlogEngine 3.3.8 – ‘Content’ Stored XSS	webapps	Andrey Stoykov
2020-08-17	Microsoft SharePoint Server 2019 – Remote Code Execution	webapps	West Shepherd
2020-05-12	Orchard Core RC1 – Persistent Cross-Site Scripting	webapps	SunCSR
2020-05-11	Kartris 1.6 – Arbitrary File Upload	webapps	Nhat Ha
2020-02-24	DotNetNuke 9.5 – File Upload Restrictions Bypass	webapps	Sajjad Pourali
2020-02-24	DotNetNuke 9.5 – Persistent Cross-Site Scripting	webapps	Sajjad Pourali
2019-12-18	Telerik UI – Remote Code Execution via Insecure Deserialization	webapps	Bishop Fox
2019-12-17	NopCommerce 4.2.0 – Privilege Escalation	webapps	Alessandro Magnosi
2019-12-16	Roxy Fileman 1.4.5 – Directory Traversal	webapps	Patrik Lantz
2019-11-12	Adrenalin Core HCM 5.4.0 – ‘ReportID’ Reflected Cross-Site Scripting	webapps	Cy83rl0gger
2019-11-12	Adrenalin Core HCM 5.4.0 – ‘prntDDLCntrlName’ Reflected Cross-Site Scripting	webapps	Cy83rl0gger
2019-11-12	Adrenalin Core HCM 5.4.0 – ‘strAction’ Reflected Cross-Site Scripting	webapps	Cy83rl0gger