Affiliation/Organization: attrition.org


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (4 vulns), the following statistics apply:

Min Time To Patch:140 days
Avg Time To Patch:140 days
Max Time To Patch:140 days

Other Affiliations

Creditees Affiliated with attrition.org have also affiliated with:

Website: http://attrition.org/

Creditees currently or formerly associated with attrition.org (2):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2002-02-24security curmudgeon45
2009-11-20Lyger1

Disclosed Vulnerabilities (46):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2014-01-19 102266 security curmudgeon
Mr. Number for Android Screenlock Bypass Weakness
2009-11-20 60367 security curmudgeon
Bes-mcmf Search Field XSS
2009-11-20 60364 security curmudgeon
Blahz-DNS listing/login.php Primary Name field XSS
2009-11-20 60377 Lyger
McAfee SecurityCenter Product Registration Local Cleartext Credential Disclosure
2008-12-01 50321 2008-3057 security curmudgeon
Oempro HTTPS Session Cookie Secure Flag Weakness
2008-12-01 50322 2008-3058 security curmudgeon
Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass
2008-12-01 50324 2008-3059 security curmudgeon
Oempro /member/settings_account.php Cleartext Password Disclosure
2008-12-01 50323 2008-3058 security curmudgeon
Oempro /client/campaign_track.php FormValue_SearchKeywords Parameter SQL Injection
2008-04-03 90794 security curmudgeon
TotalCalendar validcode.php inc_dir Parameter Remote File Inclusion
2008-04-03 90795 security curmudgeon
Claroline tracking/userLog.php rootSys Parameter Remote File Inclusion
2008-04-03 90796 security curmudgeon
Contenido CMS /frontend/news.php cfg[path][includes] Parameter Remote File Inclusion
2007-04-26 34154 2007-2353 security curmudgeon
Apache Axis Nonexistent Java Web Service Path Disclosure
2006-03-29 24236 2006-1436 security curmudgeon
@1 Event Publisher eventpublisher_usersubmit.htm Multiple Parameter XSS
2006-03-29 24237 2006-1437 security curmudgeon
@1 Event Publisher eventpublisher.txt Direct Request Private Comment Disclosure
2006-03-29 24238 2006-1795 security curmudgeon
@1 Table Publisher tablepublisher.cgi Title of Table Field XSS
2006-03-28 24255 2006-1435 security curmudgeon
ARIA (Accounting Receiving and Inventory Administration) genmessage.php Message Field XSS
2006-03-28 24302 2006-1433 security curmudgeon
Annuaire (Directory) /include/lang-en.php Direct Request Path Disclosure
2006-03-28 24303 2006-1434 security curmudgeon
Annuaire (Directory) inscription.php Comment Field XSS
2006-03-27 24149 2006-1479 security curmudgeon
gtd-php newProject.php Multiple Field XSS
2006-03-27 24150 2006-1479 security curmudgeon
gtd-php newList.php Multiple Field XSS
2006-03-27 24151 2006-1479 security curmudgeon
gtd-php newWaitingOn.php Multiple Field XSS
2006-03-27 24152 2006-1479 security curmudgeon
gtd-php newChecklist.php Title Field XSS
2006-03-27 24153 2006-1479 security curmudgeon
gtd-php newContext.php Title Field XSS
2006-03-27 24154 2006-1479 security curmudgeon
gtd-php newCategory.php Category Name Field XSS
2006-03-27 24155 2006-1479 security curmudgeon
gtd-php newGoal.php Title Field XSS
2006-03-27 24156 2006-1479 security curmudgeon
gtd-php listReport.php listTitle Parameter XSS
2006-03-27 24157 2006-1479 security curmudgeon
gtd-php projectReport.php projectName Parameter XSS
2006-03-27 24158 2006-1479 security curmudgeon
gtd-php checklistReport.php checklistTitle Parameter XSS
2006-03-27 24235 2006-1436 security curmudgeon
@1 Event Publisher eventpublisher_admin.htm Multiple Parameter XSS
2006-03-27 24310 2006-1438 security curmudgeon
Andy's PHP Knowledgebase (aphpkb) index.php keyword_list Parameter XSS
2006-03-27 24311 2006-1438 security curmudgeon
Andy's PHP Knowledgebase (aphpkb) submit_article.php Multiple Parameter XSS
2006-03-19 23958 2006-1976 security curmudgeon
Prayer Request Board (PRB) addRequest.php Request Field XSS
2006-03-02 32388 security curmudgeon
Valdersoft Shopping Cart common.php Direct Request Path Disclosure
2005-11-16 20878 security curmudgeon
Barracuda Spam Firewall User Interface Multiple Field XSS
2005-11-16 20879 security curmudgeon
Barracuda Spam Firewall Hashed Password Disclosure
2005-10-13 20033 2005-4703 security curmudgeon
Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
2005-08-04 18533 security curmudgeon
Whois.Cart admin/domain_add.php Domain Name XSS
2005-08-04 18534 security curmudgeon
Whois.Cart admin/hosts_add.php Multiple Field XSS
2005-08-04 18535 security curmudgeon
Whois.Cart admin/hosting.php Add Line Field XSS
2005-08-04 18536 security curmudgeon
Whois.Cart admin/info.php Information Disclosure
2005-04-24 15754 2005-1309 security curmudgeon
bBlog Blog Entry Title XSS
2005-04-24 15755 2005-1309 security curmudgeon
bBlog Blog/Comment Body XSS
2005-04-24 15756 2005-1310 security curmudgeon
bBlog index.php postid Parameter SQL Injection
2004-11-27 12143 security curmudgeon
SecretSanta SecretSanta.php Malformed Input Remote Path Disclosure
2004-08-05 8323 security curmudgeon
TBP Mozilla Extension Cross-tab URL HREF Remote Information Disclosure
2002-02-24 4081 2002-0324 security curmudgeon
Greymatter Remote Admin Account Compromise

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
License - Privacy Statement - Terms of Use