webapps

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2024-02-19 JFrog Artifactory < 7.25.4 - Blind SQL Injection
  • webapps
    		•  ardr
    2024-02-19 Wondercms 4.3.2 – XSS to RCE
  • webapps
    		•  Anas Zakir
    2024-02-19 SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration
  • webapps
    		•  Jonas Benjamin Friedli
    2024-02-19 Employee Management System v1 – ’email’ SQL Injection
  • webapps
    		•  SoSPiro
    2024-02-19 phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit
  • webapps
    		•  Egidio Romano
    2024-02-15 SISQUALWFM 7.1.319.103 – Host Header Injection
  • webapps
    		•  Omer Shaik
    2024-02-15 Metabase 0.46.6 – Pre-Auth Remote Code Execution
  • webapps
    		•  Musyoka Ian
    2024-02-13 Lost and Found Information System v1.0 – ( IDOR ) leads to Account Take over
  • webapps
    		•  Or4nG.M4N
    2024-02-13 ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure
  • webapps
    		•  Metin Yunus Kandemir
    2024-02-13 Splunk 9.0.4 – Information Disclosure
  • webapps
    		•  Parsa Rezaie Khiabanloo
    2024-02-09 Online Nurse Hiring System 1.0 – Time-Based SQL Injection
  • webapps
    		•  yozgatalperen1
    2024-02-09 Rail Pass Management System 1.0 – Time-Based SQL Injection
  • webapps
    		•  yozgatalperen1
    2024-02-09 WordPress Seotheme – Remote Code Execution Unauthenticated
  • webapps
    		•  Milad karimi
    2024-02-09 WordPress Augmented-Reality – Remote Code Execution Unauthenticated
  • webapps
    		•  Milad karimi
    2024-02-09 Advanced Page Visit Counter 1.0 – Admin+ Stored Cross-Site Scripting (XSS) (Authenticated)
  • webapps
    		•  Furkan ÖZER
    2024-02-05 WhatsUp Gold 2022 (22.1.0 Build 39) – XSS
  • webapps
    		•  Andreas Finstad
    2024-02-05 MISP 2.4.171 – Stored XSS
  • webapps
    		•  Mücahit Çeri
    2024-02-05 Clinic’s Patient Management System 1.0 – Unauthenticated RCE
  • webapps
    		•  Oğulcan Hami Gül
    2024-02-05 Curfew e-Pass Management System 1.0 – FromDate SQL Injection
  • webapps
    		•  Puja Dey
    2024-02-05 GYM MS – GYM Management System – Cross Site Scripting (Stored)
  • webapps
    		•  yozgatalperen1
    2024-02-02 TP-LINK TL-WR740N – Multiple HTML Injection
  • webapps
    		•  Shujaat Amin (ZEROXINN)
    2024-02-02 TP-Link TL-WR740N – UnAuthenticated Directory Transversal
  • webapps
    		•  Syed Affan Ahmed (ZEROXINN)
    2024-02-02 Juniper-SRX-Firewalls&EX-switches – (PreAuth-RCE) (PoC)
  • webapps
    		•  whiteOwl
    2024-02-02 Electrolink FM/DAB/TV Transmitter – Pre-Auth MPFS Image Remote Code Execution
  • webapps
    		•  LiquidWorm