OSVDB: Open Sourced Vulnerability Database

Affiliation/Organization: Inj3ct0r 1337Team

Other Affiliations

Creditees Affiliated with Inj3ct0r 1337Team have also affiliated with:

Inj3ct0r 1337 Team (2)

OpenSysCom (1)

Inj3ct0r Team (1)

Website: http://1337day.com/

Creditees currently or formerly associated with Inj3ct0r 1337Team (11):
(ordered by association date)

Known Since	Name	Vulns Through Affiliation
2011-04-24	KedAns-Dz	53
2011-05-06	KnocKout	2
2011-05-10	Sid3^effects	1
2011-08-17	L0rd CrusAd3r	2
2012-03-23	the_cyber_nuxbie	59
2012-04-05	DoSs-Dz	2
2012-06-05	Sammy FORGIT	9
2012-06-15	Taurus Omar	3
2012-08-31	Dark-Puzzle (Souhail Hammou)	6
2013-01-02	Akastep	9
2013-01-07	The Black Devils	1

Disclosed Vulnerabilities (147):

Discl. Date	OSVDB ID	CVE ID	Creditees	Title
2013-04-18	92635		KedAns-Dz	SWFUpload swfupload.swf buttonImageURL Parameter Image Content Spoofing
2013-04-06	92235		KedAns-Dz	EasyPHP /home/codetester.php Remote Code Execution
2013-04-06	92234		KedAns-Dz	EasyPHP /home/index.php to Parameter Admin Panel Authentication Bypass
2013-04-06	92233		KedAns-Dz	EasyPHP /home/phpinfo.php Direct Request Information Disclosure
2013-03-11	91209		KedAns-Dz	PHPBoost /phpboost/news/management.php File Upload Arbitrary Code Execution
2013-03-11	91208		KedAns-Dz	PHPBoost /phpboost/user/ url Parameter Malformed Input Information Disclosure
2013-01-21	89603		KedAns-Dz	Gary's Cookbook Component for Joomla! index.php File Upload Arbitrary Code Execution
2013-01-16	89334		Akastep	php-Charts wizard/url.php eval() Call Remote PHP Code Execution
2013-01-15	89434		KedAns-Dz	phpLiteAdmin /phpliteadmin.php table Parameter SQL Injection
2013-01-15	89433		KedAns-Dz	phpLiteAdmin Default Admin Password
2013-01-15	89432		KedAns-Dz	phpLiteAdmin /phpliteadmin.php Crafted File Importing Path Disclosure
2013-01-14	89557		KedAns-Dz	Nibbleblog /admin/ajax/uploader.php Direct Request Path Disclosure
2013-01-14	89412		KedAns-Dz	Nibbleblog /admin.php File Upload Arbitrary Code Execution
2013-01-08	89056		Akastep	MotoCMS admin/data/users.xml Access Restriction Weakness Information Disclosure
2013-01-08	89411		Akastep	XML Sitemap Generator Plugin for WordPress XML File Overwrite Arbitrary Code Execution
2013-01-07	89163		The Black Devils	Reactive Apps UploadiFive uploadify.php folder Parameter File Upload Arbitrary Code Execution
2013-01-06	88955		Akastep	Spam Free Plugin for WordPress IP Blocklist Restriction Bypass
2013-01-06	88954		Akastep	Spam Free Plugin for WordPress Multiple Script Direct Request Path Disclosure
2013-01-02	88951		Akastep	osTicket l.php url Parameter Arbitrary Site Redirect
2013-01-02	88949		Akastep	osTicket Multiple Script Path Disclosure
2013-01-02	88952		KedAns-Dz	Drupal getimagesize() Function Uploaded Image Handling Information Disclosure
2013-01-02	88935		Akastep	osTicket l.php url Parameter XSS
2013-01-02	88934		Akastep	osTicket directory.php q Parameter XSS
2012-10-15	92071		Taurus Omar	UvumiTools Crop Admin Page File Upload Arbitrary Code Execution
2012-09-25	85738		the_cyber_nuxbie	Token Manager Plugin for WordPress wp-admin/admin.php tid Parameter XSS
2012-09-22	85730		the_cyber_nuxbie	Sexy Add Template Plugin for WordPress PHP Code Execution CSRF
2012-09-21	85729		the_cyber_nuxbie	Notices Ticker Plugin for WordPress Notice Addition CSRF
2012-09-14	86053		Dark-Puzzle (Souhail Hammou)	Internet Download Manager Dial Up / VPN Username Field Local Overflow
2012-08-31	85147		Dark-Puzzle (Souhail Hammou)	iCagenda Component for Joomla! index.php Multiple Parameter Malformed Input Path Disclosure
2012-08-31	85889		Dark-Puzzle (Souhail Hammou)	Internet Download Manager EF2 File Handling Memory Corruption
2012-08-31	85148		Dark-Puzzle (Souhail Hammou)	iCagenda Component for Joomla! index.php id Parameter SQL Injection
2012-08-31	86400		Dark-Puzzle (Souhail Hammou)	BBPress Plugin for WordPress wp-content/plugins/bbpress/forum.php page Parameter SQL Injection
2012-08-31	86399		Dark-Puzzle (Souhail Hammou)	BBPress Plugin for WordPress Multiple Script Malformed Input Path Disclosure
2012-07-02	83526		the_cyber_nuxbie	MBB CMS Admin Addition CSRF
2012-07-02	83525		the_cyber_nuxbie	MBB CMS index.php q Parameter XSS
2012-07-02	83524		the_cyber_nuxbie	MBB CMS index.php q Parameter SQL Injection
2012-06-27	83236		the_cyber_nuxbie	Monstra CMS Arbitrary PHP Code Execution CSRF
2012-06-22	83081		the_cyber_nuxbie	Lokomedia CMS hubungi-aksi.html Multiple Parameter XSS
2012-06-22	83079		the_cyber_nuxbie	Lokomedia CMS Admin Addition CSRF
2012-06-22	83080		the_cyber_nuxbie	Lokomedia CMS adminweb/media.php halaman Parameter XSS
2012-06-20	83149		Taurus Omar	PD Multiple Product page.php Multiple Parameter SQL Injection
2012-06-19	83106		the_cyber_nuxbie	Balitbang CMS admin/admin.php nip Parameter XSS
2012-06-19	83107		the_cyber_nuxbie	Balitbang CMS member/user.php kd Parameter XSS
2012-06-19	83108		the_cyber_nuxbie	Balitbang CMS Admin Addition CSRF
2012-06-19	83109		the_cyber_nuxbie	Balitbang CMS Multiple Module XSS
2012-06-15	83290		Taurus Omar	JCal Pro Calendar Component for Joomla! index.php Itemid Parameter SQL Injection
2012-06-14	83030		KedAns-Dz	Katalyst Timthumb Plugin for WordPress wp-content/plugins/katalyst-timthumb/timthumb.php File Upload PHP Code Execution
2012-06-12	82988		KedAns-Dz	Zimplit zimplit.php File Upload PHP Code Execution
2012-06-11	82912		KedAns-Dz	Bearleague (JoomSport) Component for Joomla! includes/func.php query Parameter SQL Injection
2012-06-11	82911		KedAns-Dz	Bearleague (JoomSport) Component for Joomla! includes/imgres.php File Upload PHP Code Execution
2012-06-10	82909		KedAns-Dz	fileManager Module for Xoops Cube xupload.php File Upload PHP Code Execution
2012-06-10	82917		Sammy FORGIT	Auctions Plugin for WordPress uploadify/upload.php folder Parameter File Upload PHP Code Execution
2012-06-09	82918		Sammy FORGIT	jFancy Module for Joomla! /mod_jfancy/script.php Multiple File Extension Upload Arbitrary Code Execution
2012-06-09	82921		Sammy FORGIT	Art Uploader Component for Joomla! mod_artuploader/upload.php File Upload PHP Code Execution
2012-06-09	82922		Sammy FORGIT	HD FLV Player Plugin for WordPress contus-hd-flv-player/uploadVideo.php Multiple File Extension Upload Arbitrary Code Execution
2012-06-08	82828		KedAns-Dz	SS-Downloads Plugin for WordPress wp-config.php Disclosure CSRF
2012-06-08	82919		Sammy FORGIT	IDoEditor Component for Joomla! themes/advanced/php/image.php File Upload PHP Code Execution
2012-06-08	82829		KedAns-Dz	ImageDrop Plugin for WordPress ImageDrop.php Multiple Parameter SQL Injection
2012-06-08	82915		Sammy FORGIT	Easy Flash Uploader Component for Joomla! content/efup_files/helper.php File Upload PHP Code Execution
2012-06-08	82920		Sammy FORGIT	DentroVideo Component for Joomla! /externals/phpupload/upload.php Multiple File Extension Upload Arbitrary Code Execution
2012-06-08	82837		KedAns-Dz	WP Easy Gallery Plugin for WordPress admin/add-gallery.php File Upload PHP Code Execution
2012-06-08	82916		Sammy FORGIT	VideoWhisper Video Conference Plugin for WordPress videowhisper-video-conference-integration/vc/vw_upload.php File Upload PHP Code Execution
2012-06-05	82923		Sammy FORGIT	Simple SWFUpload Component for Joomla! /com_simpleswfupload/uploadhandler.php Multiple File Extension Upload Arbitrary Code Execution
2012-06-04	82635		KedAns-Dz	Zoph Multiple Function CSRF
2012-06-04	82625		KedAns-Dz	Zoph photo.php photo_id Parameter SQL Injection
2012-06-04	82634		KedAns-Dz	Zoph download.php _filename Parameter Arbitrary File Access
2012-06-03	82616		KedAns-Dz	AdaptCMS TinyURL Plugin index.php id Parameter SQL Injection
2012-06-03	82615		KedAns-Dz	TYPO3 File Upload CSRF
2012-06-03	82617		KedAns-Dz	AdaptCMS TinyURL Plugin admin.php Multiple Parameter SQL Injection
2012-06-03	82638		KedAns-Dz	TinyCMS admin/admin.php do Parameter Traversal Local File Inclusion
2012-06-03	82648		KedAns-Dz	TinyCMS index.php page Parameter Traversal Local File Inclusion
2012-06-03	82649		KedAns-Dz	TinyCMS File Upload CSRF
2012-05-29	82398		KedAns-Dz	VamCart tinybrowser.php File Upload CSRF
2012-05-25	82518		KedAns-Dz	DynPage Multiple File Upload CSRF
2012-05-25	82407		KedAns-Dz	DornCMS add_page.php File Upload PHP Code Execution
2012-05-21	82440		KedAns-Dz	concrete5 concrete/js/tiny_mce/plugins/spellchecker/rpc.php Remote DoS
2012-05-20	82442		KedAns-Dz	concrete5 FlashUploader Arbitrary SWF File Upload
2012-05-20	82486		KedAns-Dz	Ajaxmint Gallery Admin Password Manipulation CSRF
2012-04-24	81540		the_cyber_nuxbie	Hispanic Digital Network CMS posts.php topic_id Parameter XSS
2012-04-24	81541		the_cyber_nuxbie	Hispanic Digital Network CMS posts.php topic_id Parameter SQL Injection
2012-04-24	81542		the_cyber_nuxbie	Hispanic Digital Network CMS clasificados.php cat Parameter XSS
2012-04-24	81543		the_cyber_nuxbie	Hispanic Digital Network CMS clasificados.php cat Parameter SQL Injection
2012-04-22	81299		the_cyber_nuxbie	The Dogma Soft CMS news.php Multiple Parameter SQL Injection
2012-04-22	81300		the_cyber_nuxbie	Cox Web shop.php Multiple Parameter SQL Injection
2012-04-22	81301		the_cyber_nuxbie	Net-Shops index.php Multiple Parameter XSS
2012-04-20	81279		the_cyber_nuxbie	Waylu CMS WebApps/products_xx.php id Parameter XSS
2012-04-20	81280		the_cyber_nuxbie	Waylu CMS WebApps/products_xx.php id Parameter SQL Injection
2012-04-20	81281		the_cyber_nuxbie	Trend Joinery subcats.php catkey Parameter SQL Injection
2012-04-20	81282		the_cyber_nuxbie	JA-Programacao CMS lerNoticia.php id Parameter SQL Injection
2012-04-20	81283		the_cyber_nuxbie	JA-Programacao CMS lerNoticia.php id Parameter XSS
2012-04-20	81284		the_cyber_nuxbie	JA-Programacao CMS produtos/ divisao Parameter SQL Injection
2012-04-20	81285		the_cyber_nuxbie	JA-Programacao CMS produtos/ divisao Parameter XSS
2012-04-20	81286		the_cyber_nuxbie	JA-Programacao CMS txtProcurar.php txtProcurar Parameter XSS
2012-04-20	81287		the_cyber_nuxbie	Script-KS CMS index.php Multiple Parameter XSS
2012-04-20	81288		the_cyber_nuxbie	Script-KS CMS index.php Multiple Parameter SQL Injection
2012-04-20	81289		the_cyber_nuxbie	MiPagina CMS validar_buscador_v2.php buscar Parameter XSS
2012-04-19	81264		KedAns-Dz	PG-MailingList cgi-bin/pg-mailinglist.pl optout Parameter Script Code Insertion CSRF
2012-04-09	81087		the_cyber_nuxbie	Tresdepicas noticias_int.php id Parameter SQL Injection
2012-04-09	81088		the_cyber_nuxbie	Tresdepicas noticias_int.php id Parameter XSS
2012-04-09	81089		the_cyber_nuxbie	Tresdepicas testimonios_int.php id Parameter SQL Injection
2012-04-09	81090		the_cyber_nuxbie	Tresdepicas testimonios_int.php id Parameter XSS
2012-04-05	80948	2012-4324	DoSs-Dz	Vacation Rental Listing index.php Arbitrary Admin User Creation CSRF
2012-04-05	80949		DoSs-Dz	Ticket Support Script admin.php Arbitrary Admin User Creation CSRF
2012-04-04	80921		the_cyber_nuxbie	ActivaDigital produtos.php id_categoria Parameter XSS
2012-04-04	80922		the_cyber_nuxbie	ActivaDigital servicos.php Multiple Parameter XSS
2012-04-04	80923		the_cyber_nuxbie	ActivaDigital empresas.php id_empresa Parameter XSS
2012-04-04	80924		the_cyber_nuxbie	CATSHOP Cart viewSector.php id Parameter XSS
2012-04-04	80925		the_cyber_nuxbie	FastWeb2 cat_prod.php category_id Parameter XSS
2012-04-04	80926		the_cyber_nuxbie	FastWeb2 fw2_landpage.php category_id Parameter XSS
2012-04-04	80927		the_cyber_nuxbie	MediaSolusi products/category/ id Parameter XSS
2012-04-04	80928		the_cyber_nuxbie	MediaSolusi products/detail/ id Parameter XSS
2012-04-04	80929		the_cyber_nuxbie	MTDCMS _produits.php id_cat Parameter XSS
2012-04-04	80930		the_cyber_nuxbie	Nor-Rec kategori.php gruppe_id Parameter XSS
2012-04-04	80931		the_cyber_nuxbie	OpenShop gongji_view.php fg_id Parameter XSS
2012-04-04	80933		the_cyber_nuxbie	SriSMS searchviewdetails.php id Parameter XSS
2012-04-04	80934		the_cyber_nuxbie	TopBusinessAdv products2.php pd_id Parameter XSS
2012-04-04	80938		the_cyber_nuxbie	Jogjacamp index.php product_id Parameter XSS
2012-04-04	80932		the_cyber_nuxbie	SolGens matter.php id Parameter XSS
2012-03-31	80914		the_cyber_nuxbie	World Graphics blog-detail.php id_post Parameter SQL Injection
2012-03-31	80916		the_cyber_nuxbie	Anden sal page.php id Parameter SQL Injection
2012-03-30	80768	2012-5893	KedAns-Dz	Havalite CMS hava_upload.php Arbitrary File Upload
2012-03-30	80769	2012-5894	KedAns-Dz	Havalite CMS hava_post.php postId Parameter SQL Injection
2012-03-30	80770	2012-5892	KedAns-Dz	Havalite CMS data/havalite.db3 CONFIG Database Information Disclosure
2012-03-30	80772		KedAns-Dz	GetSimple CMS backups/pages/ Backup Information Disclosure
2012-03-30	80791		the_cyber_nuxbie	WebMatter CMS subcategoria.asp id_subcat Parameter SQL Injection
2012-03-30	80792		the_cyber_nuxbie	WebMatter CMS lista_productos.asp id_cat Parameter SQL Injection
2012-03-30	80771		KedAns-Dz	GetSimple CMS admin/filebrowser.php Arbitrary File Upload
2012-03-28	80625		the_cyber_nuxbie	Vitalogy Web CMS company.php id_cat Parameter SQL Injection
2012-03-24	82315		the_cyber_nuxbie	MediaSolusi Detail Module id Parameter SQL Injection
2012-03-24	82314		the_cyber_nuxbie	MediaSolusi Category Module id Parameter SQL Injection
2012-03-23	82316		the_cyber_nuxbie	LT-Net Solucoes detalha_imovel.php id_imovel Parameter SQL Injection
2012-02-29	79741		KedAns-Dz	BrewBlogger includes/upload_image.inc.php Arbitrary File Upload
2012-02-29	79742		KedAns-Dz	BrewBlogger index.php Admin Password Manipulation CSRF
2012-02-12	79218	2012-1216	KedAns-Dz	PBBoard admin.php Admin Password Manipulation CSRF
2012-01-15	91171		KedAns-Dz	KindEditor kindeditor/examples/uploadbutton.html File Upload Arbitrary Code Execution
2011-08-17	74580		L0rd CrusAd3r	Multiple Question - Multiple Choice Online Questionaire (ASP) index.asp Multiple Parameter SQL Injection
2011-08-17	74706		L0rd CrusAd3r	CodeWidgets.com Pop-Over Login Form (ASP) login.asp Multiple Parameter SQL Injection
2011-06-01	72981		KnocKout	Pika CMS gabime/showSource.php file Parameter Traversal Arbitrary File Access
2011-05-23	73265		KedAns-Dz	MidiCMS Website Builder Page Deletion CSRF
2011-05-23	73266		KedAns-Dz	MidiCMS Website Builder admin/jscripts/tiny_mce/plugins/ezfilemanager/index.php Arbitrary File Upload
2011-05-22	73276		KedAns-Dz	chillyCMS Database Backup Insecure Permissions Information Disclosure
2011-05-11	72367		KedAns-Dz	GuppY Admin Email Address Manipulation CSRF
2011-05-10	72738		Sid3^effects	jomEstate PRO Component for Joomla! Search Form district Parameter SQL Injection
2011-05-09	72237		KedAns-Dz	ZAPms zap/index.php nick Parameter SQL Injection
2011-05-08	72224		KedAns-Dz	FestOS admin/includes/tiny_mce/plugins/tinybrowser/upload.php File Upload Arbitrary PHP Code Execution
2011-05-06	72221		KnocKout	DORG Arbitrary Admin User Creation CSRF
2011-04-24	72015		KedAns-Dz	EasyPHP DLL File Permissions Weakness Local Privilege Escalation

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Creditees currently or formerly associated with Inj3ct0r 1337Team (11):(ordered by association date)

Disclosed Vulnerabilities (147):

Creditees currently or formerly associated with Inj3ct0r 1337Team (11):
(ordered by association date)