php

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2024-04-13 Online Fire Reporting System OFRS – SQL Injection Authentication Bypass
  • webapps
    		•  Diyar Saadi
    2024-04-13 Savsoft Quiz v6.0 Enterprise – Stored XSS
  • webapps
    		•  Eren Sen
    2024-04-12 WordPress Plugin WP Video Playlist 1.1.1 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Erdemstar
    2024-04-12 WBCE CMS Version 1.6.1 – Remote Command Execution (Authenticated)
  • webapps
    		•  tmrswrr
    2024-04-12 WBCE 1.6.0 – Unauthenticated SQL injection
  • webapps
    		•  young pope
    2024-04-12 Moodle 3.10.1 – Authenticated Blind Time-Based SQL Injection – “sort” parameter
  • webapps
    		•  Julio Ángel Ferrari
    2024-04-12 PopojiCMS Version 2.0.1 – Remote Command Execution
  • webapps
    		•  tmrswrr
    2024-04-12 WordPress Plugin Playlist for Youtube 1.32 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Erdemstar
    2024-04-12 HTMLy Version v2.9.6 – Stored XSS
  • webapps
    		•  tmrswrr
    2024-04-12 GUnet OpenEclass E-learning platform 3.15 – ‘certbadge.php’ Unrestricted File Upload
  • webapps
    		•  George Tsimpidas
    2024-04-08 WordPress Theme Travelscape v1.0.3 – Arbitrary File Upload
  • webapps
    		•  Milad karimi
    2024-04-08 Open Source Medicine Ordering System v1.0 – SQLi
  • webapps
    		•  Onur Karasalihoğlu
    2024-04-08 Daily Expense Manager 1.0 – ‘term’ SQLi
  • webapps
    		•  Stefan Hesselman
    2024-04-08 Best Student Result Management System v1.0 – Multiple SQLi
  • webapps
    		•  nu11secur1ty
    2024-04-08 Human Resource Management System v1.0 – Multiple SQLi
  • webapps
    		•  nu11secur1ty
    2024-04-03 WordPress Plugin Alemha Watermarker 1.3.1 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Erdemstar
    2024-04-03 Computer Laboratory Management System v1.0 – Multiple-SQLi
  • webapps
    		•  nu11secur1ty
    2024-04-02 Employee Management System 1.0 – `txtfullname` and `txtphone` SQL Injection
  • webapps
    		•  Yevhenii Butenko
    2024-04-02 LeptonCMS 7.0.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  tmrswrr
    2024-04-02 FoF Pretty Mail 1.1.2 – Server Side Template Injection (SSTI)
  • webapps
    		•  Chokri Hammedi
    2024-04-02 FoF Pretty Mail 1.1.2 – Local File Inclusion (LFI)
  • webapps
    		•  Chokri Hammedi
    2024-04-02 Hospital Management System v1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Sandeep Vishwakarma
    2024-04-02 Axigen < 10.5.7 - Persistent Cross-Site Scripting
  • webapps
    		•  Vincent McRae, Mesut Cetin
    2024-04-02 E-INSUARANCE v1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Sandeep Vishwakarma