AutoSec Tools

108 exploits Active since Feb 2011
CVE-2011-0773 EXPLOITDB text WRITEUP
Pivotx < 2.2.2 - XSS
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
EIP-2026-111266 EXPLOITDB text WORKING POC
phreebooks r30rc4 - Multiple Vulnerabilities
EIP-2026-111248 EXPLOITDB text WRITEUP
phpWebSite 1.7.1 - 'local' Cross-Site Scripting
EIP-2026-111152 EXPLOITDB text WORKING POC
phpmychat plus 1.93 - Multiple Vulnerabilities
EIP-2026-110026 EXPLOITDB text WORKING POC
omegabill 1.0 build 6 - Multiple Vulnerabilities
EIP-2026-110392 EXPLOITDB text WORKING POC
oscss2 2.1.0 rc12 - Multiple Vulnerabilities
EIP-2026-110391 EXPLOITDB text WORKING POC
osCSS 2.1 - Multiple Cross-Site Scripting / Local File Inclusions
EIP-2026-110337 EXPLOITDB text WORKING POC
OrangeHRM 2.6.3 - 'PluginController.php' Local File Inclusion
EIP-2026-110336 EXPLOITDB text WORKING POC
OrangeHRM 2.6.2 - 'jobVacancy.php' Cross-Site Scripting
EIP-2026-110315 EXPLOITDB text WORKING POC
openQRM 4.8 - 'source_tab' Cross-Site Scripting
CVE-2011-5160 EXPLOITDB text WORKING POC
Open-emr Openemr - XSS
Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter.
EIP-2026-109784 EXPLOITDB text WRITEUP
mySeatXT 0.164 - 'lang' Local File Inclusion
EIP-2026-109959 EXPLOITDB text WORKING POC
NoticeBoardPro 1.0 - Multiple Vulnerabilities
EIP-2026-109882 EXPLOITDB text WORKING POC
netjukebox 4.01B/5.25 - 'skin' Cross-Site Scripting
EIP-2026-109832 EXPLOITDB text WORKING POC
Nakid CMS 1.0.2 - 'CKEditorFuncNum' Cross-Site Scripting
EIP-2026-109785 EXPLOITDB text WORKING POC
mySeatXT 0.1781 - SQL Injection
CVE-2011-4280 EXPLOITDB text WRITEUP
Spike PHPCoverage <2.0.2 - XSS
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
EIP-2026-109083 EXPLOITDB text WRITEUP
LDAP Account Manager 3.4.0 - 'selfserviceSaveOk' Cross-Site Scripting
EIP-2026-109131 EXPLOITDB python WORKING POC
LightNEasy 3.2.3 - 'userhandle' Cookie SQL Injection
EIP-2026-109044 EXPLOITDB text WORKING POC
Kryn.cms 0.9 - '_kurl' Cross-Site Scripting
EIP-2026-107882 EXPLOITDB text WORKING POC
Interleave 5.5.0.2 - 'basicstats.php' Multiple Cross-Site Scripting Vulnerabilities
EIP-2026-108073 EXPLOITDB text WORKING POC
Jcow 4.2.1 - Local File Inclusion
EIP-2026-107692 EXPLOITDB text WORKING POC
i-doIT 0.9.9-4 - Local File Inclusion
EIP-2026-107376 EXPLOITDB text WRITEUP
Gelsheet 1.02 - 'index.php' Cross-Site Scripting
EIP-2026-107481 EXPLOITDB html WORKING POC
Graugon Forum 1.3 - SQL Injection