webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2023-04-08 Pentaho BA Server EE 9.3.0.0-428 – Remote Code Execution (RCE) (Unauthenticated)
  • webapps
    		•  dwbzn
    2023-04-08 Adobe Connect 11.4.5 – Local File Disclosure
  • webapps
    		•  h4shur
    2023-04-08 WebsiteBaker v2.13.3 – Cross-Site Scripting (XSS)
  • webapps
    		•  Mirabbas Ağalarov
    2023-04-08 Altenergy Power Control Software C1.2.5 – OS command injection
  • webapps
    		•  Ahmed Alroky
    2023-04-08 ZCBS/ZBBS/ZPBS v4.14k – Reflected Cross-Site Scripting (XSS)
  • webapps
    		•  Abdulaziz Saad
    2023-04-08 X2CRM v6.6/6.9 – Reflected Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Betul Denizler
    2023-04-08 X2CRM v6.6/6.9 – Stored Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Betul Denizler
    2023-04-08 Online-Pizza-Ordering -1.0 – Remote Code Execution (RCE)
  • webapps
    		•  nu11secur1ty
    2023-04-07 Snitz Forum v1.0 – Blind SQL Injection
  • webapps
    		•  Emiliano Febbi
    2023-04-07 Rukovoditel 3.3.1 – Remote Code Execution (RCE)
  • webapps
    		•  Mirabbas Ağalarov
    2023-04-07 ChurchCRM 4.5.1 – Authenticated SQL Injection
  • webapps
    		•  Arvandy
    2023-04-07 NotrinosERP 0.7 – Authenticated Blind SQL Injection
  • webapps
    		•  Arvandy
    2023-04-07 MAC 1200R – Directory Traversal
  • webapps
    		•  Chunlei Shang, Jiangsu Public Information Co., Ltd.
    2023-04-06 Music Gallery Site v1.0 – Broken Access Control
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-06 Simple Task Managing System v1.0 – SQL Injection (Unauthenticated)
  • webapps
    		•  Hamdi Sevben
    2023-04-06 Music Gallery Site v1.0 – SQL Injection on music_list.php
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-06 Art Gallery Management System Project in PHP v 1.0 – SQL injection
  • webapps
    		•  Yogesh Verma
    2023-04-06 Employee Task Management System v1.0 – SQL Injection on edit-task.php
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-06 atrocore 1.5.25 User interaction – Unauthenticated File upload – RCE
  • webapps
    		•  nu11secur1ty
    2023-04-06 Employee Task Management System v1.0 – SQL Injection on (task-details.php?task_id=?)
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-06 Dompdf 1.2.1 – Remote Code Execution (RCE)
  • webapps
    		•  Ravindu Wickramasinghe
    2023-04-06 Employee Task Management System v1.0 – Broken Authentication
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-06 Auto Dealer Management System v1.0 – SQL Injection on manage_user.php
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-06 Auto Dealer Management System v1.0 – SQL Injection in sell_vehicle.php
  • webapps
    		•  Muhammad Navaid Zafar Ansari