webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2024-04-02 Blood Bank v1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Ersin Erenler
    2024-04-02 Daily Habit Tracker 1.0 – Broken Access Control
  • webapps
    		•  Yevhenii Butenko
    2024-04-02 Daily Habit Tracker 1.0 – SQL Injection
  • webapps
    		•  Yevhenii Butenko
    2024-04-02 Daily Habit Tracker 1.0 – Stored Cross-Site Scripting (XSS)
  • webapps
    		•  Yevhenii Butenko
    2024-04-02 Employee Management System 1.0 – `txtusername` and `txtpassword` SQL Injection (Admin Login)
  • webapps
    		•  Yevhenii Butenko
    2024-04-02 Employee Management System 1.0 – `txtfullname` and `txtphone` SQL Injection
  • webapps
    		•  Yevhenii Butenko
    2024-04-02 LeptonCMS 7.0.0 – Remote Code Execution (RCE) (Authenticated)
  • webapps
    		•  tmrswrr
    2024-04-02 FoF Pretty Mail 1.1.2 – Server Side Template Injection (SSTI)
  • webapps
    		•  Chokri Hammedi
    2024-04-02 FoF Pretty Mail 1.1.2 – Local File Inclusion (LFI)
  • webapps
    		•  Chokri Hammedi
    2024-04-02 Axigen < 10.5.7 - Persistent Cross-Site Scripting
  • webapps
    		•  Vincent McRae, Mesut Cetin
    2024-04-02 Hospital Management System v1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Sandeep Vishwakarma
    2024-04-02 Gibbon LMS v26.0.00 – SSTI vulnerability
  • webapps
    		•  Ali Maharramli,Fikrat Guliev,Islam Rzayev
    2024-04-02 E-INSUARANCE v1.0 – Stored Cross Site Scripting (XSS)
  • webapps
    		•  Sandeep Vishwakarma
    2024-04-02 Casdoor < v1.331.0 - '/api/set-password' CSRF
  • webapps
    		•  Van Lam Nguyen
    2024-04-02 Petrol Pump Management Software v1.0 – Remote Code Execution (RCE)
  • webapps
    		•  Sandeep Vishwakarma
    2024-04-02 WordPress Plugin – Membership For WooCommerce < v2.1.7 - Arbitrary File Upload to Shell (Unauthenticated)
  • webapps
    		•  Milad karimi
    2024-04-02 OpenCart Core 4.0.2.3 – ‘search’ SQLi
  • webapps
    		•  Saud Alenazi
    2024-04-02 Smart School 6.4.1 – SQL Injection
  • webapps
    		•  CraCkEr
    2024-04-02 Online Hotel Booking In PHP 1.0 – Blind SQL Injection (Unauthenticated)
  • webapps
    		•  Gian Paris C. Agsam
    2024-04-02 CE Phoenix v1.0.8.20 – Remote Code Execution
  • webapps
    		•  tmrswrr
    2024-04-02 Simple Backup Plugin Python Exploit 2.7.10 – Path Traversal
  • webapps
    		•  Ven3xy
    2024-04-02 Elementor Website Builder < 3.12.2 - Admin+ SQLi
  • webapps
    		•  E1 Coders
    2024-03-28 liveSite Version 2019.1 – Remote Code Execution
  • webapps
    		•  tmrswrr
    2024-03-28 Broken Access Control – on NodeBB v3.6.7
  • webapps
    		•  Vibhor Sharma