webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2024-03-16 UPS Network Management Card 4 – Path Traversal
  • webapps
    		•  Víctor García
    2024-03-16 Nokia BMC Log Scanner – Remote Code Execution
  • webapps
    		•  Carlos Andres Gonzalez, Matthew Gregory
    2024-03-16 Karaf v4.4.3 Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-16 Winter CMS 1.2.3 – Server-Side Template Injection (SSTI) (Authenticated)
  • webapps
    		•  tmrswrr
    2024-03-12 SnipeIT 6.2.1 – Stored Cross Site Scripting
  • webapps
    		•  Shahzaib Ali Khan
    2024-03-12 Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE
  • webapps
    		•  Abdualhadi khalifa
    2024-03-12 Client Details System 1.0 – SQL Injection
  • webapps
    		•  Hamdi Sevben
    2024-03-12 OSGi v3.7.2 (and below) Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-12 OSGi v3.8-3.18 Console – RCE
  • webapps
    		•  Andrzej Olchawa, Milenko Starcik
    2024-03-12 Human Resource Management System 1.0 – ’employeeid’ SQL Injection
  • webapps
    		•  Srikar
    2024-03-11 Sitecore – Remote Code Execution v8.2
  • webapps
    		•  abhishek morla
    2024-03-11 Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier – Arbitrary File Read
  • webapps
    		•  Youssef Muhammad
    2024-03-11 WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover
  • webapps
    		•  Dmitrii Ignatyev
    2024-03-11 Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR
  • webapps
    		•  Arslan Masood
    2024-03-10 Numbas < v7.3 - Remote Code Execution
  • webapps
    		•  Matheus Alexandre
    2024-03-10 TP-Link TL-WR740N – Buffer Overflow ‘DOS’
  • webapps
    		•  Anish Feroz
    2024-03-10 Hide My WP < 6.2.9 - Unauthenticated SQLi
  • webapps
    		•  Xenofon Vassilakopoulos
    2024-03-10 Akaunting < 3.1.3 - RCE
  • webapps
    		•  u32i
    2024-03-10 Ladder v0.0.21 – Server-side request forgery (SSRF)
  • webapps
    		•  @_chebuya
    2024-03-10 DataCube3 v1.0 – Unrestricted file upload ‘RCE’
  • webapps
    		•  Samy Younsi - NS Labs
    2024-03-06 GLiNet – Router Authentication Bypass
  • webapps
    		•  Daniele Linguaglossa
    2024-03-06 elFinder Web file manager Version – 2.1.53 Remote Command Execution
  • webapps
    		•  tmrswrr
    2024-03-06 CSZ CMS Version 1.3.0 – Authenticated Remote Command Execution
  • webapps
    		•  tmrswrr
    2024-03-06 CVE-2023-50071 – Multiple SQL Injection
  • webapps
    		•  Geraldo Alcantara