Affiliation/Organization: AutoSec Tools


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (1 vulns), the following statistics apply:

Min Time To Patch:2 days
Avg Time To Patch:2 days
Max Time To Patch:2 days

Other Affiliations

Creditees Affiliated with AutoSec Tools have also affiliated with:

Unaffiliated (1)
Microsoft Vulnerability Research (1)
Microsoft (1)
johnleitch.net (1)

Website: http://www.autosectools.com/

Creditees currently or formerly associated with AutoSec Tools (3):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2011-01-23AutoSec Tools97
2011-02-20John Leitch29
2011-03-14Katsumi1

Disclosed Vulnerabilities (126):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2011-11-13 77183 2011-4828 AutoSec Tools
 V-CMS includes/inline_image_upload.php File Upload Arbitrary PHP Code Execution
2011-11-13 77180 2011-4827 AutoSec Tools
 V-CMS redirect.php p Parameter XSS
2011-11-13 77181 2011-4827 AutoSec Tools
 V-CMS includes/TrueColorPicker/index.php box Parameter XSS
2011-11-13 77182 2011-4826 AutoSec Tools
 V-CMS process.php user Parameter SQL Injection
2011-06-01 72972 AutoSec Tools
 TeleData Contact Management Server URI Traversal Arbitrary File Access
2011-06-01 72725 AutoSec Tools
 Nakid CMS assets/addons/kcfinder/browse.php CKEditorFuncNum Parameter XSS
2011-05-25 80989 2011-4948 John Leitch
 eGroupware admin/remote.php uid Parameter Traversal Local File Inclusion
2011-05-25 80991 2011-4951 John Leitch
 eGroupware phpgwapi/ntlm/index.php forward Parameter Arbitrary Site Redirect
2011-05-14 72364 AutoSec Tools
 openQRM base/plugins/zfs-storage/zfs-storage-action.php source_tab Parameter XSS
2011-05-14 72390 AutoSec Tools
 Vanilla Forums index.php p Parameter Traversal Local File Inclusion
2011-05-12 72355 AutoSec Tools
 DocMGR history.php f Parameter XSS
2011-05-12 72368 AutoSec Tools
 Jcow index.php p Parameter Traversal Local File Inclusion
2011-05-12 72363 AutoSec Tools
 allocPSA login/login.php sessID Parameter XSS
2011-05-10 72365 AutoSec Tools
 NoticeBoardPro deleteItem3.php userID Parameter SQL Injection
2011-05-10 72366 AutoSec Tools
 NoticeBoardPro editItem1.php File Upload Arbitrary PHP Code Execution
2011-05-07 72231 AutoSec Tools
 Serva HTTP Request Processing DoS
2011-05-05 72228 AutoSec Tools
 Ampache login.php username Parameter XSS
2011-05-04 72229 AutoSec Tools
 GetSimple CMS index.php set Parameter Traversal Arbitrary File Access
2011-05-04 72241 AutoSec Tools
 Exponent CMS content_selector.php controller Parameter Traversal Local File Inclusion
2011-05-04 72242 AutoSec Tools
 Exponent CMS framework/modules/pixidou/download.php file Parameter Traversal Arbitrary File Access
2011-05-01 72223 AutoSec Tools
 TCExam /admin/code/tce_xml_user_results.php Multiple Parameter SQL Injection
2011-05-01 72222 AutoSec Tools
 TCExam /admin/code/tce_xml_user_results.php order_field Parameter SQL Injection
2011-05-01 72108 AutoSec Tools
 Tine library/vcardphp/vbook.php file Parameter XSS
2011-04-28 72098 AutoSec Tools
 LDAP Account Manager templates/login.php selfserviceSaveOk Parameter XSS
2011-04-28 72112 AutoSec Tools
 FrontAccounting (FA) admin/users.php Arbitrary Admin User Creation CSRF
2011-04-27 72107 AutoSec Tools
 Time and Expense Management System lookup.php form Parameter XSS
2011-04-27 72106 AutoSec Tools
 Time and Expense Management System systemadmin/BackupData.php Multiple Parameter Command Injection
2011-04-27 72105 AutoSec Tools
 Time and Expense Management System systemadmin/Edit.php processIncomingFormData() Function Arbitrary File Upload
2011-04-25 71999 John Leitch
 phpMyChat Plus avatar.php pmc_password Parameter XSS
2011-04-25 72006 AutoSec Tools
 OrangeHRM plugins/PluginController.php path Parameter Encoded Traversal Arbitrary File Access
2011-04-25 71998 John Leitch
 phpMyChat Plus lurking.php Multiple Cookie SQL Injection
2011-04-25 72048 John Leitch
 webERP AccountGroups.php CompanyNameField Parameter XSS
2011-04-25 86985 L0n3ly-H34rT
AutoSec Tools
 phpMyChat plus/install/old/install.php Multiple Parameter Traversal Local File Inclusion
2011-04-21 71962 John Leitch
 Todoyu lib/js/jscalendar/php/test.php lang Parameter XSS
2011-04-21 71968 John Leitch
 web2Project calendar.php token Parameter SQL Injection
2011-04-21 72128 John Leitch
 Dolibarr ERP/CRM htdocs/document.php lang Parameter XSS
2011-04-21 72129 John Leitch
 Dolibarr ERP/CRM htdocs/user/passwordforgotten.php theme Parameter Traversal Arbitrary File Access
2011-04-07 80990 2011-4949 John Leitch
 eGroupware phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php id Parameter SQL Injection
2011-04-05 71703 John Leitch
 e107 Admin Functions CSRF
2011-04-03 71462 John Leitch
 AdWizz Plugin for WordPress wp-content/plugins/ad-wizz/template.php link Parameter XSS
2011-04-03 71461 John Leitch
 Placester Plugin for WordPress wp-content/plugins/placester/admin/support_ajax.php ajax_action Parameter XSS
2011-04-03 71460 John Leitch
 LiveStreet CMS css_optimiser.php url Parameter XSS
2011-04-03 71718 2011-1714 John Leitch
 eyeOS framework/source/resource/qx/test/jsonp_primitive.php callback Parameter XSS
2011-04-03 71719 2011-1715 John Leitch
 eyeOS framework/source/resource/qx/test/part/delay.php file Parameter Traversal Arbitrary File Access
2011-04-03 71720 2011-1714 John Leitch
 qooxdoo framework/source/resource/qx/test/jsonp_primitive.php callback Parameter XSS
2011-04-03 71721 2011-1715 John Leitch
 qooxdoo framework/source/resource/qx/test/part/delay.php file Parameter Traversal Arbitrary File Access
2011-04-02 71459 2011-5160 John Leitch
 OpenEMR setup.php site Parameter XSS
2011-04-02 71457 John Leitch
 OpenEMR gacl/admin/object_search.php Multiple Parameter XSS
2011-04-02 71458 John Leitch
 OpenEMR index.php site Parameter Traversal Local File Inclusion
2011-03-27 71287 2011-1556 AutoSec Tools
 Andy's PHP Knowledgebase Project plugins/pdfClasses/pdfgen.php pdfa Parameter SQL Injection
2011-03-24 71280 AutoSec Tools
 netjukebox message.php skin Parameter XSS
2011-03-24 71283 AutoSec Tools
 Group-Office Admin User Creation CSRF
2011-03-23 71312 AutoSec Tools
 Claroline auth/inscription.php Multiple Parameter XSS
2011-03-23 71293 AutoSec Tools
 osCSS2 admin/editeur/tiny_mce/plugins/tinybrowser/upload.php feid Parameter XSS
2011-03-23 71294 AutoSec Tools
 osCSS2 admin/index.php page_admin Parameter Traversal Local File Inclusion
2011-03-23 71295 AutoSec Tools
 osCSS2 admin/popup_image.php page_admin Parameter Traversal Local File Inclusion
2011-03-15 71192 AutoSec Tools
 b2evolution blogs/htsrv/comment_post.php p Parameter XSS
2011-03-14 71172 John Leitch
Katsumi
 Nucleus CMS index.php user Parameter XSS
2011-03-13 71311 AutoSec Tools
 wodWebServer.NET URL Traversal Arbitrary File Access
2011-03-11 71474 John Leitch
 Feng Office Community Edition public/assets/javascript/slimey/save.php Multiple Parameter XSS
2011-03-11 71313 AutoSec Tools
 PyroCMS index.php website Parameter XSS
2011-03-11 71286 AutoSec Tools
 OrangeHRM templates/recruitment/jobVacancy.php recruitcode Parameter XSS
2011-03-11 71473 John Leitch
 Feng Office Community Edition public/assets/javascript/ckeditor/ck_upload_handler.php Arbitrary File Upload
2011-03-10 71070 AutoSec Tools
 Xinha plugins/SpellChecker/spell-check-savedicts.php Multiple Parameter XSS
2011-03-10 71723 John Leitch
 openC index.php FORM[profilbild] Parameter XSS
2011-03-10 71722 John Leitch
 openC index.php Multiple Parameter XSS
2011-03-10 72164 John Leitch
 ClanSphere mods/ckeditor/filemanager/connectors/php/upload.php CKEditorFuncNum Parameter XSS
2011-03-10 72163 John Leitch
 ClanSphere mods/ckeditor/filemanager/connectors/php/upload.php Arbitrary File Upload
2011-03-06 71018 AutoSec Tools
 Automne admin/upload-controler.php atm-regen Parameter Arbitrary File Upload
2011-03-04 71010 AutoSec Tools
 InterPhoto Gallery about.php IPLANG Parameter Traversal Arbitrary File Access
2011-03-03 70971 AutoSec Tools
 RhinOS admin/lib/gradient/gradient.php Multiple Parameter Encoded Traversal Arbitrary File Access
2011-03-03 71273 AutoSec Tools
 Support Incident Tracker (SiT!) lib/magpierss/scripts/magpie_debug.php url Parameter XSS
2011-03-03 71274 AutoSec Tools
 Support Incident Tracker (SiT!) lib/magpierss/scripts/magpie_simple.php url Parameter XSS
2011-03-03 71275 AutoSec Tools
 Support Incident Tracker (SiT!) lib/magpierss/scripts/magpie_slashbox.php rss_url Parameter XSS
2011-03-03 71276 AutoSec Tools
 Support Incident Tracker (SiT!) feedback.php ax Parameter XSS
2011-03-02 71263 AutoSec Tools
 phpWebSite javascript/editors/fckeditor/editor/custom.php local Parameter XSS
2011-02-25 71107 AutoSec Tools
 OPS Old Post Spinner Plugin for WordPress wp-content/plugins/old-post-spinner/logview.php ops_file Parameter Traversal Arbitrary File Access
2011-02-25 71166 AutoSec Tools
 jQuery Mega Menu Widget Plugin for WordPress wp-content/plugins/jquery-mega-menu/skin.php skin Parameter Traversal Arbitrary File Access
2011-02-23 71168 AutoSec Tools
 ComicPress Manager Plugin for WordPress wp-content/plugins/comicpress-manager/jscalendar-1.0/test.php lang Parameter XSS
2011-02-23 71167 AutoSec Tools
 IGIT Posts Slider Widget Plugin for WordPress wp-content/plugins/igit-posts-slider-widget/timthumb.php src Parameter XSS
2011-02-23 71190 AutoSec Tools
 Local Market Explorer Plugin for WordPress wp-content/plugins/local-market-explorer/modules/walk-score-iframe.php api-key Parameter XSS
2011-02-23 71215 AutoSec Tools
 Zotpress Plugin for WordPress wp-content/plugins/zotpress/zotpress.image.php citation Parameter XSS
2011-02-23 71226 AutoSec Tools
 YT-Audio Plugin for WordPress wp-content/plugins/yt-audio-streaming-audio-from-youtube/frame.php v Parameter XSS
2011-02-20 71419 John Leitch
 ProQuiz functions.php Arbitrary File Upload
2011-02-20 71093 AutoSec Tools
 Batavi /admin/templates/pages/templates_boxes/info.php module Parameter Traversal Local File Inclusion
2011-02-20 71092 AutoSec Tools
 Batavi admin/templates/pages/event_manager/edit.php mID Parameter XSS
2011-02-20 71091 AutoSec Tools
 Batavi admin/ext/color_picker/default.php store_root Parameter XSS
2011-02-20 71090 AutoSec Tools
 Batavi ext/xmlrpc/debugger/controller.php altmethodpayload Parameter XSS
2011-02-20 71094 AutoSec Tools
 Batavi /admin/templates/pages/images/main.php module Parameter Traversal Local File Inclusion
2011-02-20 71095 AutoSec Tools
 Batavi /admin/templates/pages/statistics/main.php module Parameter Traversal Local File Inclusion
2011-02-20 71096 AutoSec Tools
 Batavi /admin/templates/pages/templates/batch_delete.php template Parameter Traversal Local File Inclusion
2011-02-20 71097 AutoSec Tools
 Batavi /admin/templates/pages/templates/delete_rule.php template Parameter Traversal Local File Inclusion
2011-02-20 71103 AutoSec Tools
 Batavi /admin/templates/pages/templates/edit.php template Parameter Traversal Local File Inclusion
2011-02-20 71098 AutoSec Tools
 Batavi /admin/templates/pages/templates/edit_rule.php template Parameter Traversal Local File Inclusion
2011-02-20 71099 AutoSec Tools
 Batavi /admin/templates/pages/templates/info.php template Parameter Traversal Local File Inclusion
2011-02-20 71100 AutoSec Tools
 Batavi /admin/templates/pages/templates/uninstall.php template Parameter Traversal Local File Inclusion
2011-02-20 71101 AutoSec Tools
 Batavi /admin/templates/pages/export/download.php file Parameter Traversal Local File Inclusion
2011-02-20 71102 AutoSec Tools
 Batavi /admin/templates/pages/page_layout/main.php filter Parameter Traversal Local File Inclusion
2011-02-19 70880 2012-0873 AutoSec Tools
 Dolphin explanation.php explain Parameter XSS
2011-02-12 70949 AutoSec Tools
 Dokeos main/inc/latex.php code Parameter XSS
2011-02-02 70864 AutoSec Tools
 CiviCRM Component for Joomla! administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php defaultPath Parameter XSS
2011-02-02 70865 AutoSec Tools
 CiviCRM Component for Joomla! administrator/components/com_civicrm/civicrm/packages/PHPgettext/examples/pigs_dropin.php lang Parameter XSS
2011-02-02 70866 AutoSec Tools
 CiviCRM Component for Joomla! administrator/components/com_civicrm/civicrm/packages/PHPgettext/examples/pigs_fallback.php lang Parameter XSS
2011-02-02 70867 AutoSec Tools
 CiviCRM Component for Joomla! administrator/components/com_civicrm/civicrm/packages/amfphp/browser/methodTable.php class Parameter XSS
2011-02-02 70860 AutoSec Tools
 CiviCRM Module for Drupal sites/all/modules/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_image.php defaultPath Parameter XSS
2011-02-02 70861 AutoSec Tools
 CiviCRM Module for Drupal sites/all/modules/civicrm/packages/amfphp/browser/details.php class Parameter XSS
2011-02-02 70862 AutoSec Tools
 CiviCRM Module for Drupal sites/all/modules/civicrm/packages/amfphp/browser/methodTable.php class Parameter XSS
2011-02-02 70863 AutoSec Tools
 CiviCRM Module for Drupal sites/all/modules/civicrm/packages/amfphp/browser/code.php class Parameter XSS
2011-01-31 70736 AutoSec Tools
 Simple Web Content Management System /admin/item_delete.php id Parameter SQL Injection
2011-01-31 70750 AutoSec Tools
 TCExam /public/code/tce_user_registration.php user_password Parameter XSS
2011-01-30 70737 AutoSec Tools
 TagNinja Plugin for WordPress wp-content/plugins/tagninja/fb_get_profile.php id Parameter XSS
2011-01-27 70735 2011-4280 AutoSec Tools
 Moodle lib/spikephpcoverage/src/phpcoverage.remote.top.inc.php PHPCOVERAGE_HOME Parameter XSS
2011-01-24 70643 AutoSec Tools
 BezahlCode-Generator Plugin for WordPress wp-content/plugins/bezahlcode-generator/der_generator.php gen_name Parameter XSS
2011-01-24 70646 AutoSec Tools
 WP Publication Archive Plugin for WordPress wp-content/plugins/wp-publication-archive/includes/openfile.php file Parameter Arbitrary File Access
2011-01-24 70647 AutoSec Tools
 Videox7 UGC Plugin for WordPress wordpress/wp-content/plugins/x7host-videox7-ugc-plugin/x7listplayer.php listid Parameter XSS
2011-01-24 70649 AutoSec Tools
 Uploader Plugin for WordPress wp-content/plugins/uploader/views/notify.php num Parameter XSS
2011-01-24 70648 AutoSec Tools
 Uploader Plugin for WordPress wp-content/plugins/uploader/uploadify/uploadify.php Arbitrary File Upload
2011-01-24 70747 2011-5210 AutoSec Tools
 Limny admin/preview.php theme Parameter Traversal Local File Inclusion
2011-01-24 70664 AutoSec Tools
 Recip.ly Plugin for WordPress wp-content/plugins/reciply/uploadImage.php Arbitrary File Upload
2011-01-24 70662 AutoSec Tools
 Conduit Banner Plugin for WordPress wp-content/plugins/conduit-banner-selector/conduit-banner-selector-banners.php banner-index-field-id Parameter XSS
2011-01-24 70663 AutoSec Tools
 Featured Content Plugin for WordPress wp-content/plugins/featured-content/js/modalbox/tests/functional/_ajax_method_get.php param Parameter XSS
2011-01-23 70640 AutoSec Tools
 Audio Plugin for WordPress wp-content/plugins/audio/getid3/demos/demo.browse.php showfile Parameter XSS
2011-01-23 70644 2011-0740 AutoSec Tools
 RSS Feed Reader for WordPress Plugin wp-content/plugins/rss-feed-reader/magpie/scripts/magpie_slashbox.php rss_url Parameter XSS
2011-01-23 70645 AutoSec Tools
 FCChat Widget Plugin for WordPress wp-content/plugins/fcchat/js/import.config.php path Parameter XSS
2011-01-23 70672 2011-0773 AutoSec Tools
 PivotX pivotx/modules/module_image.php image Parameter XSS
2011-01-23 70679 AutoSec Tools
 WP Featured Post with Thumbnail Plugin for WordPress wp-content/plugins/wp-featured-post-with-thumbnail/scripts/timthumb.php src Parameter XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use