
WEB

Date D   Description Plat. Author
2026-05-30   YAMCS yamcs-core 5.12.7 - No Rate Limiting 3 WEB Daniel Miranda
2026-05-30   YAMCS yamcs-core 5.12.7 - User Enumeration 5 WEB Daniel Miranda
2026-05-30   YAMCS yamcs-core 5.12.7 - LDAP Injection 4 WEB Daniel Miranda
2026-05-29   MikroORM 7.0.13 - SQL Injection 8 WEB cardosource
2026-05-29   Prodigy Commerce 3.3.0 - Local File Inclusion 8 WEB Diamorphine
2026-05-29   Langflow 1.3.0 - Remote Code Execution 9 WEB Diamorphine
2026-05-29   Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution 9 WEB cardosource
2026-05-29   MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution 10 WEB cardosource
2026-05-29   CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated) 7 WEB Th3-SAx11
2026-05-27   Casdoor 3.54.1 - Arbitrary File Write via Path Traversal 10 WEB sixpain
2026-05-27   EspoCRM 9.3.3 - SSRF 10 WEB Max Gabriel
2026-05-27   scramble - Remote Code Execution 13 WEB joshua
2026-05-27   MeiG Smart FORGE_SLT711 - OS Command Injection 11 WEB Daniil Gordeev
2026-05-27   OpenCATS 0.9.7.4 - SQL Injection 10 WEB Gabriel Rodrigues
2026-05-26   Grav CMS 2.0.0-beta.2 - Remote Code Execution 13 WEB Mustafa Murat Akgül
2026-05-26   Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service 11 WEB alisunbul
2026-05-26   D-Link DSL2600U - 'rom-0' Admin Password Disclosure 9 WEB Amir Hossein Jamshidi
2026-05-26   Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeov 9 WEB Amir Hossein Jamshidi
2026-05-26   cPanel - CRLF Injection 10 WEB nu11secur1ty
2026-05-21   Cockpit 359 - RCE 31 WEB Abdelazim Mohammed
2026-05-21   BookStack 25.12.1 - Denial of Service 14 WEB Gabriel Rodrigues
2026-05-21   solaredge - (CSRF-OOB-Injection) 11 WEB nu11secur1ty
2026-05-21   FUXA 1.2.9 - RCE 14 WEB Anthony Cihan
2026-05-14   WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI 27 WEB bootstrapbool
2026-05-14   Apache HertzBeat 1.8.0 - Remote Code Execution 19 WEB Brett Gervasoni
2026-05-14   ePati Antikor NGFW 2.0.1301 - Authentication Bypass 17 WEB sadik
2026-05-14   PJPROJECT 2.16 - Heap Bufferoverflow 12 WEB vabismo452
2026-05-13   Ninja Forms Uploads - Unauthenticated PHP File Upload 21 WEB selim.lanouar
2026-05-13   glances 4.5.2 - command injection 15 WEB best.sell
2026-05-13   coreruleset 4.21.0 - Firewall Bypass 16 WEB anonimicerum
2026-05-13   Flowise < 3.0.5 - Missing Authentication for Critical Function 16 WEB andersoncezar048
2026-05-07   Ghost CMS 6.19.0 - SQLi 34 WEB Maksim Rogov
2026-05-07   LuaJIT 2.1.1774638290 - Arbitrary Code Execution 17 WEB Taurus Omar
2026-05-07   Bludit CMS 3.18.4 - RCE 22 WEB yahia
2026-05-07   ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF) 18 WEB 9tamilmathi
2026-05-04   Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE) 29 WEB jarrett
2026-05-04   MindsDB 25.9.1.1 - Path Traversal 30 WEB thewhiteh4t
2026-05-04   Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH) 20 WEB hazar
2026-04-30   FUXA 1.2.8 - Authentication Bypass + RCE Exploit 35 WEB joshua
2026-04-30   Python-Multipart 0.0.22 - Path Traversal 22 WEB jefersoncardoso.dev
2026-04-30   Repetier-Server 1.4.10 - Path Traversal 15 WEB banyamer
2026-04-30   HUSTOJ Zip-Slip v26.01.24 - RCE 18 WEB Marshall Whittaker
2026-04-30   BusyBox 1.37.0 - Path Traversal 26 WEB Calil Khalil
2026-04-30   JUNG Smart Visu Server 1.1.1050 - Dos 18 WEB banyamer
2026-04-30   SumatraPDF 3.5.2 - Remote Code Execution 24 WEB banyamer
2026-04-30   NiceGUI 3.6.1 - Path Traversal 13 WEB banyamer
2026-04-30   Frigate NVR 0.16.3 - Remote Code Execution 9 WEB jduardo2704
2026-04-30   Js2Py 0.74 - RCE 22 WEB alisunbul
2026-04-30   Camaleon CMS v2.9.0 - Path Traversal 9 WEB velampudisakshi
2026-04-30   Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection 11 WEB banyamer
2026-04-30   Erugo 0.2.14 - Remote Code Execution (RCE) 10 WEB abdulmoiz
2026-04-30   deephas 1.0.7 - Prototype Pollution 16 WEB banyamer
2026-04-30   SUSE Manager 4.3.15 - Code Execution 9 WEB wjmaj98
2026-04-29   HAX CMS 24.x - Stored Cross-Site Scripting (XSS) 10 WEB banyamer
2026-04-29   Craft CMS 5.6.16 - RCE 17 WEB banyamer
2026-04-29   phpMyFAQ 4.0.16 - Improper Authorization 18 WEB contact
2026-04-29   GeographicLib v2.5.1 - stack buffer overflow 17 WEB rosario
2026-04-29   OpenKM 6.3.12 - Multiple 12 WEB skumar
2026-04-29   GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE) 12 WEB unico007x
2026-04-29   JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution 20 WEB sardordev02
2026-04-29   FacturaScripts 2025.43 - XSS 11 WEB uvettrivel007
2026-04-29   Xibo CMS 4.3.0 - RCE via SSTI 13 WEB Cristian Branet
2026-04-29   LangChain Core 1.2.4 - SSTI/RCE 13 WEB banyamer
2026-04-22   WordPress Plugin 5.2.0 - Broken Access Control 20 WEB cydev.turing
2026-04-10   D-Link DIR-650IN - Authenticated Command Injection 24 WEB Sanjay Singh
2026-04-09   React Server 19.2.0 - Remote Code Execution 36 WEB danieljavanrad
2026-04-09   RomM 4.4.0 - XSS_CSRF Chain 20 WEB mmohammedheshamm
2026-04-09   Jumbo Website Manager - Remote Code Execution 25 WEB Mirabbas Ağalarov
2026-04-08   FortiWeb 8.0.2 - Remote Code Execution 49 WEB Mohammed Idrees Banyamer
2026-04-08   xibocms 3.3.4 - RCE 34 WEB complexusprada
2026-04-08   Horilla v1.3 - RCE 31 WEB nakleh
2026-04-06   Fortinet FortiWeb v8.0.1 - Auth Bypass 29 WEB nu11secur1ty
2026-04-06   ASP.net 8.0.10 - Bypass 28 WEB Mohammed Idrees Banyamer
2026-04-06   Grafana 11.6.0 - SSRF 29 WEB Beatriz Fresno Naumova
2026-04-06   Zhiyuan OA - arbitrary file upload leading 28 WEB Beatriz Fresno Naumova
2026-04-06   WBCE CMS 1.6.4 - Remote Code Execution 15 WEB red
2026-04-06   RiteCMS 3.1.0 - Authenticated Remote Code Execution 14 WEB red
2026-04-06   WordPress Madara - Local File Inclusion 20 WEB Beatriz Fresno Naumova
2026-03-03   WordPress Backup Migration 1.3.7 - Remote Command Execution 87 WEB dangwenjing
2026-03-03   mailcow 2025-01a - Host Header Password Reset Poisoning 37 WEB alvarez
2026-03-03   Easy File Sharing Web Server v7.2 - Buffer Overflow 36 WEB diogo
2026-03-03   WeGIA 3.5.0 - SQL Injection 48 WEB onurdemir
2026-03-03   Boss Mini v1.4.0 - Local File Inclusion (LFI) 29 WEB andersoncezar048
2026-02-11   motionEye 0.43.1b4 - RCE 61 WEB prabhat
2026-02-04   OctoPrint 1.11.2 - File Upload 89 WEB prabhat
2026-02-04   aiohttp 3.9.1 - directory traversal PoC 56 WEB Beatriz Fresno Naumova
2026-02-04   FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution 53 WEB Milad Karimi (Ex3ptionaL)
2026-02-02   Piranha CMS 12.0 - Stored XSS in Text Block 55 WEB terminalvenoms
2026-02-02   RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS) 39 WEB Beatriz Fresno Naumova
2026-02-02   D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS) 37 WEB Beatriz Fresno Naumova
2026-01-17   RPi-Jukebox-RFID 2.8.0 - Remote Command Execution 64 WEB Beatriz Fresno Naumova
2026-01-17   Siklu EtherHaul Series EH-8010 - Arbitrary File Upload 49 WEB semaja2
2026-01-17   Siklu EtherHaul Series EH-8010 - Remote Command Execution 42 WEB semaja2
2025-12-25   WordPress Quiz Maker 6.7.0.56 - SQL Injection 116 WEB Rahul Sreenivasan
2025-12-25   Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie 36 WEB 0xsabre
2025-12-25   FreeBSD rtsold 15.x - Remote Code Execution via DNSSL 56 WEB Lukas Johannes Möller
2025-12-16   Summar Employee Portal 3.98.0 - Authenticated SQL Injection 71 WEB Peter Gabaldon
2025-12-16   esm-dev 136 - Path Traversal 47 WEB Byte Reaper
2025-12-08   Pluck 4.7.7-dev2 - PHP Code Execution 78 WEB CodeSecLab
2025-12-03   phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF) 60 WEB CodeSecLab
2025-12-03   phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF) 44 WEB CodeSecLab
2025-12-03   MaNGOSWebV4 4.0.6 - Reflected XSS 43 WEB CodeSecLab
2025-12-03   Django 5.1.13 - SQL Injection 96 WEB Wafcontrol Security Team
2025-12-03   phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF) 46 WEB CodeSecLab
2025-12-03   MobileDetect 2.8.31 - Cross-Site Scripting (XSS) 30 WEB CodeSecLab
2025-12-03   phpIPAM 1.4 - SQL-Injection 39 WEB CodeSecLab
2025-12-03   OpenRepeater 2.1 - OS Command Injection 37 WEB CodeSecLab
2025-12-03   phpMyAdmin 5.0.0 - SQL Injection 49 WEB CodeSecLab
2025-12-03   RosarioSIS 6.7.2 - Cross Site Scripting (XSS) 37 WEB CodeSecLab
2025-12-03   RosarioSIS 6.7.2 - Cross-Site Scripting (XSS) 32 WEB CodeSecLab
2025-12-03   PluckCMS 4.7.10 - Unrestricted File Upload 48 WEB CodeSecLab
2025-12-03   openSIS Community Edition 8.0 - SQL Injection 30 WEB CodeSecLab
2025-12-02   YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF) 24 WEB CodeSecLab
2025-12-02   phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS) 43 WEB CodeSecLab
2025-12-02   phpIPAM 1.5.1 - SQL Injection 36 WEB CodeSecLab
2025-12-02   Piwigo 13.6.0 - SQL Injection 38 WEB CodeSecLab
2025-12-02   phpIPAM 1.6 - Reflected-Cross-Site Scripting (XSS) 31 WEB CodeSecLab
2025-12-02   phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS) 32 WEB CodeSecLab
2025-10-31   Flowise 3.0.4 - Remote Code Execution (RCE) 122 WEB nltt0
2025-10-29   Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF) 71 WEB Van Lam Nguyen
2025-09-16   Tourism Management System 2.0 - Arbitrary Shell Upload 164 WEB Debug Security
2025-09-16   Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF) 84 WEB Van Lam Nguyen
2025-09-16   dotCMS 25.07.02-1 - Authenticated Blind SQL Injection 83 WEB Matan Sandori (OSCP_ OSEP_ OSWE)
2025-09-16   ELEX WooCommerce WordPress Plugin 1.4.3 - SQL Injection 78 WEB Byte Reaper
2025-09-16   XWiki Platform 15.10.10 - Metasploit Module for Remote Code Execution (RCE) 78 WEB Maksim Rogov