Email address | john at autosectools.com |
---|---|
Website | www.autosectools.com |
First Active | 2010-04-27 |
Last Active | 2012-04-17 |
A reflected cross site scripting vulnerability in eGroupware version 1.8.001 can be exploited to execute arbitrary JavaScript.
12b599a5bb6bc60e3ec879007d3ad6b455cda895ae66b2b950121333995b3fc8
A SQL injection vulnerability in eGroupware version 1.8 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.
172bfbdcfad1acd11c2432e343fc10b79bc2c32328f1c7d5cf4a1e219b0e5e46
A SQL injection vulnerability in Graugon Forum version 1.3 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.
3bcecefc8d0994b2b9a59c8df53e1886cb57d1152b8f0e4a5b5c142041702ea0
A reflected cross site scripting vulnerability in eyeOS version 2.3 can be exploited to execute arbitrary JavaScript.
819bd7630294e169d5d52bacf0e632582fa148a63cfbeb6d1d2c6bfa6153092c
eyeOS version 2.3 suffers from a local file inclusion vulnerability.
0427304632368ff5ec4f1b561216ab1c3e6ed8d58a7d7be7cd857ffdc05b3ce3
A reflected cross site scripting vulnerability in LiveStreet version 0.4.2 can be exploited to execute arbitrary JavaScript.
2d8eda39a7f87966420ac83fa63d45dfaa2f03c6667834fc8389ef3c58fb9045
OpenEMR version 4.0.0 suffers from arbitrary database creation / enumeration.
dddf61c935cdcd4f8df2692ee65b8cc4779be68b09f9c4e9c9b42177fd87abdc
A local file inclusion vulnerability in OpenEMR version 4.0.0 can be exploited to include arbitrary files.
9eba963b52998e9bc872dc06b24f2cd1a37711bd9c90067d57fdfc966c2a6720
A reflected cross site scripting vulnerability in OpenEMR version 4.0.0 can be exploited to execute arbitrary JavaScript.
5e72e282ba9e9103255e1b840f91ce2378bba7b0bfeb70e4d8d3f5b12358c5cb
A reflected cross site scripting vulnerability in WordPress AdWizz version 1.0 can be exploited to execute arbitrary JavaScript.
8a9d9c1ebf2a627cef743834e525f4f080dfc7ac0068d836e37f7d69613ef26b
A reflected cross site scripting vulnerability in WordPress Placester version 0.1.0 can be exploited to execute arbitrary JavaScript.
b194b7882cf1b7ab61647ac4dd7398f0a19250f8237bd99e0f8d2f6ab2339b2d
WordPress WP Custom Pages version 0.5.0.1 suffers from a local file inclusion vulnerability.
4b08042a71b6a53021d6402455a7d0578b34f811383665fc249b416ab55ae72d
Andy's PHP Knowledgebase Project version 0.95.4 suffers from a remote SQL injection vulnerability. In some environments it may be possible to create a PHP shell.
3362f821f69cf7647b8a82382dc84a639aaed20c0562335c522098d52d8a7f39
A persistent cross site scripting vulnerability in Claroline version 1.10 can be exploited to execute arbitrary JavaScript.
90fe6ead030e3c46d84454b0be125a33b560e1c502df04a47f9e57155e7d883e
If the UserID cookie is set all virtual folders become accessible in Easy File Sharing Web Server version 5.8.
21615d4f36d5b7cd45ee4e5f342b744e70077736f0c8d2d3d17689b061ac2454
A directory traversal vulnerability in Easy File Sharing Web Server version 5.8 can be exploited to navigate the local file system and create arbitrary files. A user account is necessary to exploit. If registration is not open, it may be possible to retrieve the credential containing user.sdb file using directory traversal combined with authentication bypass.
ac800ad9948f881dd6a2938280a77e88b9a8160b373a2e7f6101e471a36b3abc
A persistent cross site scripting vulnerability in Easy File Sharing Web Server Version version 5.8 can be exploited to execute arbitrary JavaScript.
ed8b4b92ab766bf1e5557224303153a9fb3dbf3b2868ca81ca1c673f164ed493
A directory traversal vulnerability in jHTTPd version 0.1a can be exploited to read files outside of the web root.
7714d7d0c2b394430f94ade33e5d1ee5451a1d69f42ee28c049bb489a1ee60b5
A local file inclusion vulnerability in osCSS2 version 2.1.0 RC12 can be exploited to include arbitrary files.
ddfabb7fab1601434040280e29cf5bac13c0fe2ac08f6109f11acdc2170ea9d1
A reflected cross site scripting vulnerability in osCSS2 version 2.1.0 RC12 can be exploited to execute arbitrary JavaScript.
f2ece481a0b0c093bc536696d2d1c33801f67b46fd5b6be9344b80d75980e38d
A denial of service vulnerability can be exploited to crash Rumble Mail Server version 0.25.2231.
b0e3c08985a8d72ca7865e9e68c5533e75d35da0fabcf0562d520299c4b27731
A directory traversal vulnerability in wodWebServer.NET version 1.3.3 can be exploited to read files outside of the web root.
808b9c99fe76c207b01940a1506d3a27ab6b89ba66993fc79f2234e50ed86d4c
A reflected cross site scripting vulnerability in Web Edition version 6.1.0.2 can be exploited to execute arbitrary JavaScript.
684bc8f7aa4227ba5958a54efd458df5217d4e69c43832ae947fc3b68d95179e
A local file inclusion vulnerability in Web Edition version 6.1.0.2 can be exploited to include arbitrary files.
22592930540da997abc6dcef41fa3deba2041de82eca9248a0919023dfc136a3
A persistent cross site scripting vulnerability in PyroCMS version 1.1.0 can be exploited to execute arbitrary JavaScript.
93d7260c861238534b00a99f001f285b03bea110189be2a23e57af8dffa3d11c