Affiliation/Organization: attrition.org


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (4 vulns), the following statistics apply:

Min Time To Patch:140 days
Avg Time To Patch:140 days
Max Time To Patch:140 days

Other Affiliations

Creditees Affiliated with attrition.org have also affiliated with:

Website: http://attrition.org/

Creditees currently or formerly associated with attrition.org (2):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2002-02-24security curmudgeon44
2009-11-20Lyger1

Disclosed Vulnerabilities (45):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2009-11-20 60367 security curmudgeon
 Bes-mcmf Search Field XSS
2009-11-20 60364 security curmudgeon
 Blahz-DNS listing/login.php Primary Name field XSS
2009-11-20 60377 Lyger
 McAfee SecurityCenter Product Registration Local Cleartext Credential Disclosure
2008-12-01 50321 2008-3057 security curmudgeon
 Oempro HTTPS Session Cookie Secure Flag Weakness
2008-12-01 50322 2008-3058 security curmudgeon
 Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass
2008-12-01 50324 2008-3059 security curmudgeon
 Oempro /member/settings_account.php Cleartext Password Disclosure
2008-12-01 50323 2008-3058 security curmudgeon
 Oempro /client/campaign_track.php FormValue_SearchKeywords Parameter SQL Injection
2008-04-03 90794 security curmudgeon
 TotalCalendar validcode.php inc_dir Parameter Remote File Inclusion
2008-04-03 90795 security curmudgeon
 Claroline tracking/userLog.php rootSys Parameter Remote File Inclusion
2008-04-03 90796 security curmudgeon
 Contenido CMS /frontend/news.php cfg[path][includes] Parameter Remote File Inclusion
2007-04-26 34154 2007-2353 security curmudgeon
 Apache Axis Nonexistent Java Web Service Path Disclosure
2006-03-29 24236 2006-1436 security curmudgeon
 @1 Event Publisher eventpublisher_usersubmit.htm Multiple Parameter XSS
2006-03-29 24237 2006-1437 security curmudgeon
 @1 Event Publisher eventpublisher.txt Direct Request Private Comment Disclosure
2006-03-29 24238 2006-1795 security curmudgeon
 @1 Table Publisher tablepublisher.cgi Title of Table Field XSS
2006-03-28 24255 2006-1435 security curmudgeon
 ARIA (Accounting Receiving and Inventory Administration) genmessage.php Message Field XSS
2006-03-28 24302 2006-1433 security curmudgeon
 Annuaire (Directory) /include/lang-en.php Direct Request Path Disclosure
2006-03-28 24303 2006-1434 security curmudgeon
 Annuaire (Directory) inscription.php Comment Field XSS
2006-03-27 24149 2006-1479 security curmudgeon
 gtd-php newProject.php Multiple Field XSS
2006-03-27 24150 2006-1479 security curmudgeon
 gtd-php newList.php Multiple Field XSS
2006-03-27 24151 2006-1479 security curmudgeon
 gtd-php newWaitingOn.php Multiple Field XSS
2006-03-27 24152 2006-1479 security curmudgeon
 gtd-php newChecklist.php Title Field XSS
2006-03-27 24153 2006-1479 security curmudgeon
 gtd-php newContext.php Title Field XSS
2006-03-27 24154 2006-1479 security curmudgeon
 gtd-php newCategory.php Category Name Field XSS
2006-03-27 24155 2006-1479 security curmudgeon
 gtd-php newGoal.php Title Field XSS
2006-03-27 24156 2006-1479 security curmudgeon
 gtd-php listReport.php listTitle Parameter XSS
2006-03-27 24157 2006-1479 security curmudgeon
 gtd-php projectReport.php projectName Parameter XSS
2006-03-27 24158 2006-1479 security curmudgeon
 gtd-php checklistReport.php checklistTitle Parameter XSS
2006-03-27 24235 2006-1436 security curmudgeon
 @1 Event Publisher eventpublisher_admin.htm Multiple Parameter XSS
2006-03-27 24310 2006-1438 security curmudgeon
 Andy's PHP Knowledgebase (aphpkb) index.php keyword_list Parameter XSS
2006-03-27 24311 2006-1438 security curmudgeon
 Andy's PHP Knowledgebase (aphpkb) submit_article.php Multiple Parameter XSS
2006-03-19 23958 2006-1976 security curmudgeon
 Prayer Request Board (PRB) addRequest.php Request Field XSS
2006-03-02 32388 security curmudgeon
 Valdersoft Shopping Cart common.php Direct Request Path Disclosure
2005-11-16 20878 security curmudgeon
 Barracuda Spam Firewall User Interface Multiple Field XSS
2005-11-16 20879 security curmudgeon
 Barracuda Spam Firewall Hashed Password Disclosure
2005-10-13 20033 2005-4703 security curmudgeon
 Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
2005-08-04 18533 security curmudgeon
 Whois.Cart admin/domain_add.php Domain Name XSS
2005-08-04 18534 security curmudgeon
 Whois.Cart admin/hosts_add.php Multiple Field XSS
2005-08-04 18535 security curmudgeon
 Whois.Cart admin/hosting.php Add Line Field XSS
2005-08-04 18536 security curmudgeon
 Whois.Cart admin/info.php Information Disclosure
2005-04-24 15754 2005-1309 security curmudgeon
 bBlog Blog Entry Title XSS
2005-04-24 15755 2005-1309 security curmudgeon
 bBlog Blog/Comment Body XSS
2005-04-24 15756 2005-1310 security curmudgeon
 bBlog index.php postid Parameter SQL Injection
2004-11-27 12143 security curmudgeon
 SecretSanta SecretSanta.php Malformed Input Remote Path Disclosure
2004-08-05 8323 security curmudgeon
 TBP Mozilla Extension Cross-tab URL HREF Remote Information Disclosure
2002-02-24 4081 2002-0324 security curmudgeon
 Greymatter Remote Admin Account Compromise

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use