HauntIT

10 exploits Active since Mar 2014
EIP-2026-115656 EXPLOITDB text WRITEUP
Microsoft Excel 2010 - Crash (PoC) (2)
EIP-2026-113273 EXPLOITDB text WORKING POC
webERP 4.11.3 - 'SalesInquiry.php?SortBy' SQL Injection
EIP-2026-112738 EXPLOITDB text WORKING POC
TomatoCart - 'example_form.ajax.php' Cross-Site Scripting
EIP-2026-112251 EXPLOITDB php WORKING POC
SMF - '/index.php' HTML Injection / Multiple PHP Code Injection Vulnerabilities
EIP-2026-111463 EXPLOITDB text WRITEUP
PragmaMX 1.2.10 - Persistent Cross-Site Scripting
EIP-2026-110940 EXPLOITDB text WORKING POC
phpBB - Multiple SQL Injections
EIP-2026-110799 EXPLOITDB text WORKING POC
PHP-CMDB 0.7.3 - Multiple Vulnerabilities
EIP-2026-110769 EXPLOITDB text WORKING POC
PHP Ticket System Beta 1 - 'get_all_created_by_user.php?id' SQL Injection
CVE-2014-2090 EXPLOITDB text WORKING POC
ILIAS 4.4.1 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in ilias.php in ILIAS 4.4.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) tar, (2) tar_val, or (3) title parameter.
CVE-2014-2091 EXPLOITDB text WORKING POC
ATutor 2.1.1 - XSS
Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admin/forum_add.php in ATutor 2.1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the title parameter in an add_forum action. NOTE: the original disclosure also reported issues that may not cross privilege boundaries.