webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2023-06-04 STARFACE 7.3.0.10 – Authentication with Password Hash Possible
  • webapps
    		•  RedTeam Pentesting GmbH
    2023-06-04 Barebones CMS v2.0.2 – Stored Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  tmrswrr
    2023-06-04 Enrollment System Project v1.0 – SQL Injection Authentication Bypass (SQLI)
  • webapps
    		•  VIVEK CHOUDHARY
    2023-06-04 Total CMS 1.7.4 – Remote Code Execution (RCE)
  • webapps
    		•  tmrswrr
    2023-05-31 Pydio Cells 4.1.2 – Server-Side Request Forgery
  • webapps
    		•  RedTeam Pentesting GmbH
    2023-05-31 Pydio Cells 4.1.2 – Cross-Site Scripting (XSS) via File Download
  • webapps
    		•  RedTeam Pentesting GmbH
    2023-05-31 Pydio Cells 4.1.2 – Unauthorised Role Assignments
  • webapps
    		•  RedTeam Pentesting GmbH
    2023-05-31 Faculty Evaluation System 1.0 – Unauthenticated File Upload
  • webapps
    		•  URGAN
    2023-05-31 Online Security Guards Hiring System 1.0 – Reflected XSS
  • webapps
    		•  AFFAN AHMED
    2023-05-31 unilogies/bumsys v1.0.3 beta – Unrestricted File Upload
  • webapps
    		•  AFFAN AHMED
    2023-05-31 SCRMS 2023-05-27 1.0 – Multiple SQL Injection
  • webapps
    		•  nu11secur1ty
    2023-05-31 Rukovoditel 3.3.1 – CSV injection
  • webapps
    		•  Mirabbas Ağalarov
    2023-05-31 MotoCMS Version 3.4.3 – Server-Side Template Injection (SSTI)
  • webapps
    		•  tmrswrr
    2023-05-26 Camaleon CMS v2.7.0 – Server-Side Template Injection (SSTI)
  • webapps
    		•  PARAG BAGUL
    2023-05-25 SCM Manager 1.60 – Cross-Site Scripting Stored (Authenticated)
  • webapps
    		•  neg0x
    2023-05-25 Ulicms 2023.1 – create admin user via mass assignment
  • webapps
    		•  Mirabbas Ağalarov
    2023-05-25 Zenphoto 1.6 – Multiple stored XSS
  • webapps
    		•  Mirabbas Ağalarov
    2023-05-25 WBCE CMS 1.6.1 – Multiple Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Mirabbas Ağalarov
    2023-05-24 Service Provider Management System v1.0 – SQL Injection
  • webapps
    		•  ASHIK KUNJUMON
    2023-05-23 CiviCRM 5.59.alpha1 – Stored XSS (Cross-Site Scripting)
  • webapps
    		•  Andrea Intilangelo
    2023-05-23 PaperCut NG/MG 22.0.4 – Remote Code Execution (RCE)
  • webapps
    		•  MaanVader
    2023-05-23 ChurchCRM v4.5.4 – Reflected XSS via Image (Authenticated)
  • webapps
    		•  Rahad Chowdhury
    2023-05-23 WBiz Desk 1.2 – SQL Injection
  • webapps
    		•  h4ck3r
    2023-05-23 Bludit CMS v3.14.1 – Stored Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Rahad Chowdhury