
WEB

Date D   Description Plat. Author
2026-06-08   OpenEMR 7.0.2 - Arbitrary File Read 17 WEB doany1
2026-06-05   WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection 23 WEB cardosource
2026-06-01   Drupal Core 10.5.5 - Error-Based SQL Injection 30 WEB cardosource
2026-06-01   WordPress OrderConvo 14 - Path Traversal 26 WEB Diamorphine
2026-05-30   YAMCS yamcs-core 5.12.7 - No Rate Limiting 26 WEB Daniel Miranda
2026-05-30   YAMCS yamcs-core 5.12.7 - User Enumeration 22 WEB Daniel Miranda
2026-05-30   YAMCS yamcs-core 5.12.7 - LDAP Injection 32 WEB Daniel Miranda
2026-05-29   MikroORM 7.0.13 - SQL Injection 22 WEB cardosource
2026-05-29   Prodigy Commerce 3.3.0 - Local File Inclusion 23 WEB Diamorphine
2026-05-29   Langflow 1.3.0 - Remote Code Execution 29 WEB Diamorphine
2026-05-29   Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution 20 WEB cardosource
2026-05-29   MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution 17 WEB cardosource
2026-05-29   CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated) 21 WEB Th3-SAx11
2026-05-27   Casdoor 3.54.1 - Arbitrary File Write via Path Traversal 16 WEB sixpain
2026-05-27   EspoCRM 9.3.3 - SSRF 21 WEB Max Gabriel
2026-05-27   scramble - Remote Code Execution 18 WEB joshua
2026-05-27   MeiG Smart FORGE_SLT711 - OS Command Injection 21 WEB Daniil Gordeev
2026-05-27   OpenCATS 0.9.7.4 - SQL Injection 18 WEB Gabriel Rodrigues
2026-05-26   Grav CMS 2.0.0-beta.2 - Remote Code Execution 22 WEB Mustafa Murat Akgül
2026-05-26   Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service 18 WEB alisunbul
2026-05-26   D-Link DSL2600U - 'rom-0' Admin Password Disclosure 17 WEB Amir Hossein Jamshidi
2026-05-26   Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeov 20 WEB Amir Hossein Jamshidi
2026-05-26   cPanel - CRLF Injection 19 WEB nu11secur1ty
2026-05-21   Cockpit 359 - RCE 35 WEB Abdelazim Mohammed
2026-05-21   BookStack 25.12.1 - Denial of Service 19 WEB Gabriel Rodrigues
2026-05-21   solaredge - (CSRF-OOB-Injection) 22 WEB nu11secur1ty
2026-05-21   FUXA 1.2.9 - RCE 22 WEB Anthony Cihan
2026-05-14   WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI 31 WEB bootstrapbool
2026-05-14   Apache HertzBeat 1.8.0 - Remote Code Execution 21 WEB Brett Gervasoni
2026-05-14   ePati Antikor NGFW 2.0.1301 - Authentication Bypass 22 WEB sadik
2026-05-14   PJPROJECT 2.16 - Heap Bufferoverflow 18 WEB vabismo452
2026-05-13   Ninja Forms Uploads - Unauthenticated PHP File Upload 29 WEB selim.lanouar
2026-05-13   glances 4.5.2 - command injection 24 WEB best.sell
2026-05-13   coreruleset 4.21.0 - Firewall Bypass 20 WEB anonimicerum
2026-05-13   Flowise < 3.0.5 - Missing Authentication for Critical Function 23 WEB andersoncezar048
2026-05-07   Ghost CMS 6.19.0 - SQLi 40 WEB Maksim Rogov
2026-05-07   LuaJIT 2.1.1774638290 - Arbitrary Code Execution 19 WEB Taurus Omar
2026-05-07   Bludit CMS 3.18.4 - RCE 27 WEB yahia
2026-05-07   ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF) 22 WEB 9tamilmathi
2026-05-04   Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE) 32 WEB jarrett
2026-05-04   MindsDB 25.9.1.1 - Path Traversal 32 WEB thewhiteh4t
2026-05-04   Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH) 23 WEB hazar
2026-04-30   FUXA 1.2.8 - Authentication Bypass + RCE Exploit 40 WEB joshua
2026-04-30   Python-Multipart 0.0.22 - Path Traversal 28 WEB jefersoncardoso.dev
2026-04-30   Repetier-Server 1.4.10 - Path Traversal 21 WEB banyamer
2026-04-30   HUSTOJ Zip-Slip v26.01.24 - RCE 22 WEB Marshall Whittaker
2026-04-30   BusyBox 1.37.0 - Path Traversal 28 WEB Calil Khalil
2026-04-30   JUNG Smart Visu Server 1.1.1050 - Dos 21 WEB banyamer
2026-04-30   SumatraPDF 3.5.2 - Remote Code Execution 30 WEB banyamer
2026-04-30   NiceGUI 3.6.1 - Path Traversal 16 WEB banyamer
2026-04-30   Frigate NVR 0.16.3 - Remote Code Execution 11 WEB jduardo2704
2026-04-30   Js2Py 0.74 - RCE 26 WEB alisunbul
2026-04-30   Camaleon CMS v2.9.0 - Path Traversal 12 WEB velampudisakshi
2026-04-30   Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection 13 WEB banyamer
2026-04-30   Erugo 0.2.14 - Remote Code Execution (RCE) 17 WEB abdulmoiz
2026-04-30   deephas 1.0.7 - Prototype Pollution 20 WEB banyamer
2026-04-30   SUSE Manager 4.3.15 - Code Execution 11 WEB wjmaj98
2026-04-29   HAX CMS 24.x - Stored Cross-Site Scripting (XSS) 13 WEB banyamer
2026-04-29   Craft CMS 5.6.16 - RCE 23 WEB banyamer
2026-04-29   phpMyFAQ 4.0.16 - Improper Authorization 23 WEB contact
2026-04-29   GeographicLib v2.5.1 - stack buffer overflow 22 WEB rosario
2026-04-29   OpenKM 6.3.12 - Multiple 16 WEB skumar
2026-04-29   GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE) 15 WEB unico007x
2026-04-29   JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution 24 WEB sardordev02
2026-04-29   FacturaScripts 2025.43 - XSS 16 WEB uvettrivel007
2026-04-29   Xibo CMS 4.3.0 - RCE via SSTI 18 WEB Cristian Branet
2026-04-29   LangChain Core 1.2.4 - SSTI/RCE 17 WEB banyamer
2026-04-22   WordPress Plugin 5.2.0 - Broken Access Control 24 WEB cydev.turing
2026-04-10   D-Link DIR-650IN - Authenticated Command Injection 26 WEB Sanjay Singh
2026-04-09   React Server 19.2.0 - Remote Code Execution 37 WEB danieljavanrad
2026-04-09   RomM 4.4.0 - XSS_CSRF Chain 20 WEB mmohammedheshamm
2026-04-09   Jumbo Website Manager - Remote Code Execution 26 WEB Mirabbas Ağalarov
2026-04-08   FortiWeb 8.0.2 - Remote Code Execution 49 WEB Mohammed Idrees Banyamer
2026-04-08   xibocms 3.3.4 - RCE 34 WEB complexusprada
2026-04-08   Horilla v1.3 - RCE 33 WEB nakleh
2026-04-06   Fortinet FortiWeb v8.0.1 - Auth Bypass 29 WEB nu11secur1ty
2026-04-06   ASP.net 8.0.10 - Bypass 30 WEB Mohammed Idrees Banyamer
2026-04-06   Grafana 11.6.0 - SSRF 29 WEB Beatriz Fresno Naumova
2026-04-06   Zhiyuan OA - arbitrary file upload leading 30 WEB Beatriz Fresno Naumova
2026-04-06   WBCE CMS 1.6.4 - Remote Code Execution 16 WEB red
2026-04-06   RiteCMS 3.1.0 - Authenticated Remote Code Execution 14 WEB red
2026-04-06   WordPress Madara - Local File Inclusion 20 WEB Beatriz Fresno Naumova
2026-03-03   WordPress Backup Migration 1.3.7 - Remote Command Execution 89 WEB dangwenjing
2026-03-03   mailcow 2025-01a - Host Header Password Reset Poisoning 41 WEB alvarez
2026-03-03   Easy File Sharing Web Server v7.2 - Buffer Overflow 38 WEB diogo
2026-03-03   WeGIA 3.5.0 - SQL Injection 50 WEB onurdemir
2026-03-03   Boss Mini v1.4.0 - Local File Inclusion (LFI) 31 WEB andersoncezar048
2026-02-11   motionEye 0.43.1b4 - RCE 64 WEB prabhat
2026-02-04   OctoPrint 1.11.2 - File Upload 96 WEB prabhat
2026-02-04   aiohttp 3.9.1 - directory traversal PoC 58 WEB Beatriz Fresno Naumova
2026-02-04   FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution 54 WEB Milad Karimi (Ex3ptionaL)
2026-02-02   Piranha CMS 12.0 - Stored XSS in Text Block 57 WEB terminalvenoms
2026-02-02   RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS) 40 WEB Beatriz Fresno Naumova
2026-02-02   D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS) 38 WEB Beatriz Fresno Naumova
2026-01-17   RPi-Jukebox-RFID 2.8.0 - Remote Command Execution 65 WEB Beatriz Fresno Naumova
2026-01-17   Siklu EtherHaul Series EH-8010 - Arbitrary File Upload 50 WEB semaja2
2026-01-17   Siklu EtherHaul Series EH-8010 - Remote Command Execution 43 WEB semaja2
2025-12-25   WordPress Quiz Maker 6.7.0.56 - SQL Injection 117 WEB Rahul Sreenivasan
2025-12-25   Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie 37 WEB 0xsabre
2025-12-25   FreeBSD rtsold 15.x - Remote Code Execution via DNSSL 57 WEB Lukas Johannes Möller
2025-12-16   Summar Employee Portal 3.98.0 - Authenticated SQL Injection 72 WEB Peter Gabaldon
2025-12-16   esm-dev 136 - Path Traversal 48 WEB Byte Reaper
2025-12-08   Pluck 4.7.7-dev2 - PHP Code Execution 79 WEB CodeSecLab
2025-12-03   phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF) 63 WEB CodeSecLab
2025-12-03   phpMyFAQ 2.9.8 - Cross-Site Request Forgery (CSRF) 45 WEB CodeSecLab
2025-12-03   MaNGOSWebV4 4.0.6 - Reflected XSS 45 WEB CodeSecLab
2025-12-03   Django 5.1.13 - SQL Injection 97 WEB Wafcontrol Security Team
2025-12-03   phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF) 47 WEB CodeSecLab
2025-12-03   MobileDetect 2.8.31 - Cross-Site Scripting (XSS) 31 WEB CodeSecLab
2025-12-03   phpIPAM 1.4 - SQL-Injection 40 WEB CodeSecLab
2025-12-03   OpenRepeater 2.1 - OS Command Injection 39 WEB CodeSecLab
2025-12-03   phpMyAdmin 5.0.0 - SQL Injection 50 WEB CodeSecLab
2025-12-03   RosarioSIS 6.7.2 - Cross Site Scripting (XSS) 38 WEB CodeSecLab
2025-12-03   RosarioSIS 6.7.2 - Cross-Site Scripting (XSS) 33 WEB CodeSecLab
2025-12-03   PluckCMS 4.7.10 - Unrestricted File Upload 49 WEB CodeSecLab
2025-12-03   openSIS Community Edition 8.0 - SQL Injection 31 WEB CodeSecLab
2025-12-02   YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF) 25 WEB CodeSecLab
2025-12-02   phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS) 45 WEB CodeSecLab
2025-12-02   phpIPAM 1.5.1 - SQL Injection 37 WEB CodeSecLab
2025-12-02   Piwigo 13.6.0 - SQL Injection 39 WEB CodeSecLab
2025-12-02   phpIPAM 1.6 - Reflected-Cross-Site Scripting (XSS) 33 WEB CodeSecLab
2025-12-02   phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS) 33 WEB CodeSecLab
2025-10-31   Flowise 3.0.4 - Remote Code Execution (RCE) 123 WEB nltt0
2025-10-29   Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF) 73 WEB Van Lam Nguyen
2025-09-16   Tourism Management System 2.0 - Arbitrary Shell Upload 164 WEB Debug Security