php

日期	标题	类别	作者
2024-03-20	CSZCMS v1.3.0 – SQL Injection (Authenticated)	webapps	Abdulaziz Almetairy
2024-03-20	Teacher Subject Allocation Management System 1.0 – ‘searchdata’ SQLi	webapps	Ersin Erenler
2024-03-20	Simple Task List 1.0 – ‘status’ SQLi	webapps	Ersin Erenler
2024-03-20	Blood Bank 1.0 – ‘bid’ SQLi	webapps	Ersin Erenler
2024-03-20	Employee Management System 1.0 – ‘admin_id’ SQLi	webapps	Shubham Pandey
2024-03-18	ZoneMinder Snapshots < 1.37.33 - Unauthenticated RCE	webapps	Ravindu Wickramasinghe
2024-03-18	TYPO3 11.5.24 – Path Traversal (Authenticated)	webapps	Saeed reza Zamanian
2024-03-18	WEBIGniter v28.7.23 – Stored XSS	webapps	Mesut Cetin
2024-03-18	WordPress File Upload Plugin < 4.23.3 - Stored XSS	webapps	Faiyaz Ahmad
2024-03-18	Quick.CMS 6.7 – SQL Injection Login Bypass	webapps	H4X.Forensics
2024-03-18	xbtitFM 4.1.18 – Multiple Vulnerabilities	webapps	h5kj23kj32io2kj
2024-03-18	Backdrop CMS 1.23.0 – Stored XSS	webapps	Sinem Şahin
2024-03-18	Gibbon LMS < v26.0.00 - Authenticated RCE	webapps	Ali Maharramli,Fikrat Guliev,Islam Rzayev
2024-03-16	UPS Network Management Card 4 – Path Traversal	webapps	Víctor García
2024-03-16	Winter CMS 1.2.3 – Server-Side Template Injection (SSTI) (Authenticated)	webapps	tmrswrr
2024-03-12	Client Details System 1.0 – SQL Injection	webapps	Hamdi Sevben
2024-03-12	Human Resource Management System 1.0 – ’employeeid’ SQL Injection	webapps	Srikar
2024-03-11	WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover	webapps	Dmitrii Ignatyev
2024-03-10	Hide My WP < 6.2.9 - Unauthenticated SQLi	webapps	Xenofon Vassilakopoulos
2024-03-10	Akaunting < 3.1.3 - RCE	webapps	u32i
2024-03-10	DataCube3 v1.0 – Unrestricted file upload ‘RCE’	webapps	Samy Younsi - NS Labs
2024-03-06	CSZ CMS Version 1.3.0 – Authenticated Remote Command Execution	webapps	tmrswrr
2024-03-06	CVE-2023-50071 – Multiple SQL Injection	webapps	Geraldo Alcantara
2024-03-06	Lot Reservation Management System – Unauthenticated File Disclosure	webapps	Elijah Mandila Syoyi