jsp

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2018-04-16 Sophos Cyberoam UTM CR25iNG – 10.6.3 MR-5 – Direct Object Reference
  • webapps
    		•  Frogy
    2018-02-22 Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) – Multiple Vulnerabilities
  • webapps
    		•  Core Security
    2018-01-15 Oracle E-Business Suite 12.1.3/12.2.x – Open Redirect
  • webapps
    		•  Andrew Gill
    2018-01-05 Gespage 7.4.8 – SQL Injection
  • webapps
    		•  Sysdream
    2017-10-09 Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (2)
  • webapps
    		•  intx0x80
    2017-10-02 OpenText Document Sciences xPression 4.5SP1 Patch 13 – ‘documentId’ SQL Injection
  • webapps
    		•  Marcin Woloszyn
    2017-10-02 OpenText Document Sciences xPression 4.5SP1 Patch 13 – ‘jobRunId’ SQL Injection
  • webapps
    		•  Marcin Woloszyn
    2017-09-13 Infinite Automation Mango Automation – Command Injection (Metasploit)
  • remote
    		•  James Fitts
    2017-08-18 Symantec Messaging Gateway 10.6.3-2 – Root Remote Command Execution
  • webapps
    		•  Philip Pettersson
    2017-08-09 DALIM SOFTWARE ES Core 5.0 build 7184.1 – Directory Traversal
  • webapps
    		•  LiquidWorm
    2017-08-09 DALIM SOFTWARE ES Core 5.0 build 7184.1 – Cross-Site Scripting / Cross-Site Request Forgery
  • webapps
    		•  LiquidWorm
    2017-08-09 DALIM SOFTWARE ES Core 5.0 build 7184.1 – User Enumeration
  • webapps
    		•  LiquidWorm
    2017-08-09 DALIM SOFTWARE ES Core 5.0 build 7184.1 – Server-Side Request Forgery
  • webapps
    		•  LiquidWorm
    2017-08-01 Advantech SUSIAccess < 3.0 - 'RecoveryMgmt' File Upload
  • webapps
    		•  James Fitts
    2017-08-01 Advantech SUSIAccess < 3.0 - Directory Traversal / Information Disclosure (Metasploit)
  • webapps
    		•  James Fitts
    2017-07-19 Oracle E-Business Suite 12.x – Server-Side Request Forgery
  • webapps
    		•  Sarath Nair
    2017-05-24 NetGain EM 7.2.647 build 941 – Authentication Bypass / Local File Inclusion
  • webapps
    		•  f3ci
    2017-04-25 Oracle E-Business Suite 12.2.3 – ‘IESFOOTPRINT’ SQL Injection
  • webapps
    		•  ERPScan
    2017-03-27 Nuxeo 6.0/7.1/7.2/7.3 – Remote Code Execution (Metasploit)
  • webapps
    		•  Sysdream
    2017-03-10 Kinsey Infor/Lawson / ESBUS – SQL Injection
  • webapps
    		•  Michael Benich
    2017-02-23 NetGain Enterprise Manager 7.2.562 – ‘Ping’ Command Injection
  • webapps
    		•  MrChaZ
    2017-01-04 Atlassian Confluence < 5.10.6 - Persistent Cross-Site Scripting
  • webapps
    		•  Jodson Santos
    2016-08-31 ZKTeco ZKBioSecurity 3.0 – Hard-Coded Credentials SYSTEM Remote Code Execution
  • webapps
    		•  LiquidWorm
    2016-08-31 ZKTeco ZKAccess Security System 5.3.1 – Persistent Cross-Site Scripting
  • webapps
    		•  LiquidWorm