webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2023-04-05 Froxlor 2.0.3 Stable – Remote Code Execution (RCE)
  • webapps
    		•  Askar
    2023-04-05 PhotoShow 3.0 – Remote Code Execution
  • webapps
    		•  LSCP Responsible Disclosure Lab
    2023-04-05 CKEditor 5 35.4.0 – Cross-Site Scripting (XSS)
  • webapps
    		•  Manish Pathak
    2023-04-05 Answerdev 1.0.3 – Account Takeover
  • webapps
    		•  Eduardo Pérez-Malumbres Cervera
    2023-04-05 ERPNext 12.29 – Cross-Site Scripting (XSS)
  • webapps
    		•  Patrick Dean Ramos / Nathu Nandwani / Junnair Manla
    2023-04-05 BTCPay Server v1.7.4 – HTML Injection
  • webapps
    		•  Manojkumar J
    2023-04-05 itech TrainSmart r1044 – SQL injection
  • webapps
    		•  Adrian Bondocea
    2023-04-05 Responsive FileManager 9.9.5 – Remote Code Execution (RCE)
  • webapps
    		•  Galoget Latorre
    2023-04-05 Control Web Panel 7 (CWP7) v0.9.8.1147 – Remote Code Execution (RCE)
  • webapps
    		•  Mayank Deshmukh
    2023-04-05 Online Eyewear Shop 1.0 – SQL Injection (Unauthenticated)
  • webapps
    		•  Muhammad Navaid Zafar Ansari
    2023-04-05 bgERP v22.31 (Orlovets) – Cookie Session vulnerability & Cross-Site Scripting (XSS)
  • webapps
    		•  nu11secur1ty
    2023-04-05 Liferay Portal 6.2.5 – Insecure Permissions
  • webapps
    		•  Fu2x2000
    2023-04-03 GLPI 4.0.2 – Unauthenticated Local File Inclusion on Manageentities plugin
  • webapps
    		•  Nuri Çilengir
    2023-04-03 Nacos 2.0.3 – Access Control vulnerability
  • webapps
    		•  Jenson Zhao
    2023-04-03 Roxy WI v6.1.1.0 – Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload
  • webapps
    		•  Nuri Çilengir
    2023-04-03 Metform Elementor Contact Form Builder v3.1.2 – Unauthenticated Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Mohammed Chemouri
    2023-04-03 Roxy WI v6.1.0.0 – Unauthenticated Remote Code Execution (RCE)
  • webapps
    		•  Nuri Çilengir
    2023-04-03 ChiKoi v1.0 – SQL Injection
  • webapps
    		•  nu11secur1ty
    2023-04-03 Roxy WI v6.1.0.0 – Improper Authentication Control
  • webapps
    		•  Nuri Çilengir
    2023-04-03 pimCore v5.4.18-skeleton – Sensitive Cookie with Improper SameSite Attribute
  • webapps
    		•  nu11secur1ty
    2023-04-03 WP-file-manager v6.9 – Unauthenticated Arbitrary File Upload leading to RCE
  • webapps
    		•  BLY
    2023-04-03 ManageEngin AMP 4.3.0 – File-path-traversal
  • webapps
    		•  nu11secur1ty
    2023-04-03 Active eCommerce CMS 6.5.0 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Sajibe Kanti
    2023-04-03 ERPGo SaaS 3.9 – CSV Injection
  • webapps
    		•  Sajibe Kanti