OSVDB: Open Sourced Vulnerability Database

Creditee: Gjoko Krstic

Known Contact Information:

(as of 2006-11-29)
(as of 2010-01-31)
(as of 2012-09-17)

Known Affiliations:

Zero Science Lab (as of 2006-11-29)

Disclosed Vulnerabilities (302):

Disc. Date	OSVDB ID	CVEID	Title
2013-05-14	93421		Newsletter Plugin for WordPress /wp-content/plugins/newsletter/subscription/page.php alert Parameter XSS
2013-05-11	93259		Securimage-WP Plugin for WordPress siwp_test.php URI XSS
2013-05-10	93439		Securimage example_form.php URI XSS
2013-04-14	92320	2013-3535	CMSLogik /application/controllers/support.php upload_file_ajax() Function Multiple File Extension Upload Arbitrary Code Execution
2013-04-14	92321		CMSLogik /main/unique_username_ajax User Parameter Username Enumeration
2013-04-14	92322	2013-3535	CMSLogik /cmslogik/admin/setting Multiple Parameter XSS
2013-04-14	92323	2013-3535	CMSLogik /cmslogik/admin/captcha_settings Multiple Parameter XSS
2013-04-14	92324	2013-3535	CMSLogik /cmslogik/admin/social_settings Multiple Parameter XSS
2013-04-14	92325	2013-3535	CMSLogik /cmslogik/admin/gallery/save_item_settings slug Parameter XSS
2013-04-14	92326	2013-3535	CMSLogik /cmslogik/admin/edit_menu_item_ajax item_link Parameter XSS
2013-03-21	91581		TP-LINK WR740N Wireless N Router Crafted HTTP Request Handling Remote DoS
2013-03-06	90981		Qool CMS /Qoolrc2/admin/addmenu title Parameter XSS
2013-03-06	90980		Qool CMS /Qoolrc2/admin/addusergroup title Parameter XSS
2013-03-06	90979		Qool CMS /Qoolrc2/admin/addnewuserfield name Parameter XSS
2013-03-06	90978		Qool CMS /Qoolrc2/admin/adduser Multiple Parameter XSS
2013-03-06	90977		Qool CMS /Qoolrc2/admin/addgeneraldata Multiple Parameter XSS
2013-03-06	90976		Qool CMS /Qoolrc2/admin/addcontentitem title Parameter XSS
2013-03-06	90975		Qool CMS /Qoolrc2/admin/addnewtype title Parameter XSS
2013-03-06	90974		Qool CMS /Qoolrc2/admin/addnewdatafield name Parameter XSS
2013-03-06	90973		Qool CMS Root User Creation CSRF
2013-02-25	90642		MTP Guestbook /mtp_guestbook/ajax_cat_ins.php name Parameter XSS
2013-02-25	90641		MTP Poll /poll_script/ajax_cat_ins.php name Parameter XSS
2013-02-25	90640		MTP Image Gallery edit_photos.php title Parameter XSS
2013-02-25	90639		MTP Guestbook /mtp_guestbook/blocked.php simbol Parameter XSS
2013-02-25	90638		MTP Guestbook /mtp_guestbook/insert_user.php Multiple Parameter XSS
2013-02-25	90637		MTP Poll /poll_script/poll_add.php Multiple Parameter XSS
2013-02-25	90636		MTP Poll /poll_script/insert_user.php Multiple Parameter XSS
2013-02-21	90549		OpenEMR globals.php site Parameter XSS
2013-02-19	90416		Squirrelcart PHP Shopping Cart index.php table Parameter XSS
2013-02-18	90357	2013-1469	Piwigo install.php dl Parameter Traversal Arbitrary File Access
2013-02-13	90225		AbanteCart index.php Multiple Parameter XSS
2013-02-13	90222		OpenEMR /library/openflashchart/php-ofc-library/ofc_upload_image.php name Parameter File Upload Arbitrary Code Execution
2013-01-20	89454		Aloaha PDF Saver AloahaCredentialProviderService.exe Default Permission Weakness Local Privilege Escalation
2013-01-13	89169		phlyMail Lite frontend/derefer.php go Parameter Arbitrary Site Redirect
2013-01-13	89167		phlyMail Lite frontend/derefer.php go Parameter Malformed Input Path Disclosure
2013-01-13	89168		phlyMail Lite config.php Multiple Parameter XSS
2013-01-08	89108		Incapsula Component for Joomla! /administrator/components/com_incapsula/assets/tips/en/Performance.php token Parameter XSS
2012-12-20	88630		Sony PC Companion PluginManager.dll Admin_RemoveDirectory() Function Path Parameter Stack Overflow
2012-12-20	88629		Sony PC Companion WebServices.dll DownloadURLToFile() Function bstrFile Parameter Stack Overflow
2012-12-20	88628		Sony PC Companion PimData.dll Multiple Function Multiple Parameter Stack Overflow
2012-12-06	88181		NVIDIA Install Application NVI2.dll AddPackages() Function pDirectory Value Handling Overflow
2012-11-30	88115		Axis admin/core/site/batch-save data Parameter XSS
2012-11-30	88114		Axis admin/poll/save Multiple Parameter XSS
2012-11-28	88053		Oracle OpenSSO cmp_generate_tmp_pw.tiles Multiple Parameter XSS
2012-11-28	88052		Oracle OpenSSO UI/Login ResetPassword Module Multiple Parameter XSS
2012-11-26	87874		PRADO tests/test_tools/functional_tests.php sr Parameter Traversal Arbitrary File Access
2012-11-26	87873		PRADO demos/time-tracker/tests/functional.php sr Parameter Traversal Arbitrary File Access
2012-09-26	85747		ViArt Shop /payments/sips_response.php DATA Parameter Request Parsing Remote Shell Command Execution
2012-09-25	85746		ViArt Shop /admin/admin_saved_type.php type_name Parameter XSS
2012-09-25	85744		ViArt Shop /admin/admin_item_type.php item_type_name Parameter XSS
2012-09-25	85743		ViArt Shop /admin/admin_supplier.php supplier_name Parameter XSS
2012-09-25	85745		ViArt Shop /admin/admin_forum_topic.php Multiple Parameter XSS
2012-09-17	86086		Spiceworks /agreements Multiple Parameter XSS
2012-09-17	86085		Spiceworks /xbb/knowledge_base article[new_references][][url] Parameter XSS
2012-09-17	86084		Spiceworks /asset Multiple Parameter XSS
2012-09-17	86091		Spiceworks /settings/categories category[name] Parameter XSS
2012-09-17	86090		Spiceworks /settings/advanced/save_international_settings Multiple Parameter XSS
2012-09-17	86089		Spiceworks /my_tools navigation[name] Parameter XSS
2012-09-17	86088		Spiceworks /purchases Multiple Parameter XSS
2012-09-17	86087		Spiceworks /reports/create report[description] Parameter XSS
2012-09-11	85996	2012-4771 2012-5452	Subrion CMS advsearch/ Multiple Parameter XSS
2012-09-11	85998	2011-5211 2012-5452	Subrion CMS admin/manage/fields/group/add/ Multiple Parameter XSS
2012-09-11	85999	2012-4773	Subrion CMS Admin User Creation CSRF
2012-09-11	85988	2011-5211 2012-5452	Subrion CMS admin/manage/plans/add/ Multiple Parameter XSS
2012-09-11	85997	2012-5452	Subrion CMS admin/manage/blocks/add/ multi_title Parameter XSS
2012-09-06	85950		Cannonbolt Portfolio Manager /admin/del.php cdel Parameter SQL Injection
2012-09-06	85949		Cannonbolt Portfolio Manager /admin/add-category.php cname Parameter XSS
2012-09-06	85948		Cannonbolt Portfolio Manager /admin/add-category.php cname Parameter SQL Injection
2012-08-28	84966		Express Burn EBP File Handling Overflow
2012-08-23	84864		SiNG CMS password.php email Parameter XSS
2012-08-23	84860		xt:Commerce xtAdmin/adminHandler.php products_name_de Parameter XSS
2012-08-23	85962		web@all /webatall/sys/action.php Multiple Parameter XSS
2012-08-23	85963		web@all /webatall/sys/index.php _order Parameter SQL Injection
2012-08-23	84839		Monstra CMS admin/index.php page_title Parameter XSS
2012-08-07	85133		Zoho BugTracker bugdetails.do comment Parameter XSS
2012-08-07	85132		Zoho BugTracker addmystatus.do mystatus Parameter XSS
2012-06-15	83179	2012-2172	IBM System Storage Multiple Product SoftwareRegistration.do updateRegn Parameter XSS
2012-06-15	83177	2012-2171	IBM System Storage Multiple Product ModuleServlet.do selectedModuleOnly Parameter SQL Injection
2012-06-12	82897	2012-0677	Apple iTunes M3U File Handling Overflow
2012-06-03	82636		PyroCMS index.php redirect_to Parameter HTTP Response Splitting
2012-06-03	82626		PyroCMS index.php title Parameter XSS
2012-05-17	82297	2012-2911	SiliSoftware backupDB() backupDB.php onlyDB Parameter XSS
2012-05-16	82295	2012-2910	SiliSoftware phpThumb() demo/phpThumb.demo.showpic.php title Parameter XSS
2012-05-16	81990	2012-2906	Artiphp artpublic/recommendation/index.php Multiple Parameter XSS
2012-05-16	81991	2012-2905	Artiphp Predictable File Name Database Backup Information Disclosure
2012-05-16	82296	2012-2910	SiliSoftware phpThumb() demo/phpThumb.demo.random.php dir Parameter XSS
2012-05-02	81672	2012-3836	Baby Gekko admin/index.php URI XSS
2012-05-02	81673	2012-3837	Baby Gekko users/action/register Multiple Parameter XSS
2012-05-02	83616	2012-3838	Baby Gekko Multiple Script Direct Request Path Disclosure
2012-04-20	81293		Anchor CMS /admin/users/login user Parameter XSS
2012-04-20	81294		Anchor CMS /admin/users/amnesia email Parameter XSS
2012-04-20	81295		Anchor CMS /admin/posts/add Multiple Parameter XSS
2012-04-20	81296		Anchor CMS /admin/pages/add Multiple Parameter XSS
2012-04-20	81297		Anchor CMS /admin/users/add Multiple Parameter XSS
2012-04-20	81298		Anchor CMS /admin/metadata Multiple Parameter XSS
2012-04-11	81115		BGS CMS index.php Multiple Parameter XSS
2012-04-03	80935		Zend Optimizer ZendExtensionManager.dll Everyone Group F Flag Permission Local Privilege Escalation
2012-03-21	80283	2012-2741	phpList admin/index.php num Parameter XSS
2012-03-21	80284	2012-2740	phpList admin/index.php sortby Parameter SQL Injection
2012-03-20	80550	2012-4864	WinLicense XML File Handling Memory Corruption
2012-03-20	80551	2012-4865	Themida TMD File Handling Overflow
2012-03-10	80614		Zend Server Data Cache Multiple Parameter XSS
2012-03-10	80615		Zend Server Job Queue ruleName Parameter XSS
2012-03-10	80616		Zend Server Java Bridge directives[zend_jbridge.encoding] Parameter XSS
2012-03-10	80617		Zend Server Debugger Multiple Parameter XSS
2012-03-10	80612		Zend Server Optimizer+ directives[zend_optimizerplus.blacklist_filename] Parameter XSS
2012-03-10	80613		Zend Server Code Tracing Multiple Parameter XSS
2012-03-07	80560		WebPAM ent_i.jsp Multiple Parameter SQL Injection
2012-03-07	80561		WebPAM ent_i.jsp Multiple Parameter XSS
2012-03-07	80562		WebPAM usr_ent.jsp userID Parameter HTTP Response Splitting
2012-03-07	80563		WebPAM usr_t.jsp userID Parameter HTTP Response Splitting
2012-03-06	80060		Fork CMS private/en/authentication form_token Parameter XSS
2012-03-06	80059		Fork CMS private/en/locale/edit Multiple Parameter XSS
2012-03-06	80061		Fork CMS private/en/extensions/edit_theme_template Multiple Parameter XSS
2012-03-06	80062		Fork CMS private/en/form_builder/edit success_message Parameter XSS
2012-03-06	80063		Fork CMS private/en/settings/index Multiple Parameter XSS
2012-03-06	80064		Fork CMS private/en/settings/email smtp_password Parameter XSS
2012-02-17	79343		SQL Buddy login.php Multiple Parameter XSS
2012-02-17	79344		SQL Buddy dboverview.php db Parameter XSS
2012-02-08	78986	2012-4755	SciTools Understand Path Subversion Arbitrary DLL Injection Code Execution
2012-02-08	78902	2012-1049	ManageEngine ADManager Plus DomainConfig.do operation Parameter XSS
2012-02-08	78901	2012-1049	ManageEngine ADManager Plus jsp/AddDC.jsp domainName Parameter XSS
2012-01-31	78725	2012-4754	MindManager Path Subversion Arbitrary DLL Injection Code Execution
2012-01-31	82322		EdrawSoft Office Viewer Component ActiveX (officeviewermme.ocx) FtpUploadFile() Function Overflow
2012-01-29	82326	2012-5324	Tracker Software pdfSaver ActiveX (pdfxctrl.dll) StoreInRegistry Function Overflow
2012-01-04	78093	2012-5343	Limny admin/login.php URI XSS
2011-12-21	78294	2011-5039	Infoproject Biznis Heroj login.php Multiple Parameter SQL Injection
2011-12-21	78295	2011-5039	Infoproject Biznis Heroj widget.dokumenti_lista.php filter Parameter SQL Injection
2011-12-21	78296	2011-5039	Infoproject Biznis Heroj nalozi_naslov.php fin_nalog_id Parameter SQL Injection
2011-12-21	78297	2011-5040	Infoproject Biznis Heroj nalozi_naslov.php config Parameter XSS
2011-12-21	78298	2011-5040	Infoproject Biznis Heroj widget.dokumenti_lista.php config Parameter XSS
2011-12-05	83193		SopCast WebPlayer sopocx.ocx ActiveX sop:// URL Handling Remote Overflow
2011-12-05	77724	2011-5044	SopCast SopPlayer Insecure Permissions Diagnose.exe Overwrite
2011-12-01	77462		Hero Framework Template File Events month Parameter XSS
2011-11-28	77403		Manx admin/login.php URI XSS
2011-11-28	77404		Manx admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php Multiple Parameter XSS
2011-11-28	77405		Manx admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php Multiple Parameter XSS
2011-11-28	77408		Manx admin/admin_blocks.php editorChoice Parameter XSS
2011-11-28	77409		Manx admin/admin_pages.php editorChoice Parameter XSS
2011-11-28	77410		Manx admin/admin_css.php theme Parameter XSS
2011-11-28	77411		Manx admin/admin_js.php theme Parameter XSS
2011-11-28	77412		Manx admin/admin_templates.php theme Parameter XSS
2011-11-28	77406		Manx /admin/admin_blocks.php fileName Parameter Traversal Arbitrary File Access
2011-11-28	77407		Manx /admin/admin_pages.php fileName Parameter Traversal Arbitrary File Access
2011-11-13	77095	2011-4709	Search Plugin for Hotaru CMS index.php Multiple Parameter XSS
2011-11-13	77680	2011-4709	Search Plugin for Hotaru CMS admin_index.php SITE_NAME Parameter XSS
2011-11-10	83319		Soda PDF Professional Malformed PDF / WWF File Handling DoS
2011-11-08	83321		11in1 CMS do.php content Parameter CRLF Handling Arbitrary HTTP Header Injection
2011-11-02	76801	2011-5116	SetSeed index.php loggedInUser Cookie SQL Injection
2011-10-10	83468		Cotonti index.php sq Parameter Malformed Input Path Disclosure
2011-10-10	83469		Cotonti index.php Multiple Parameter SQL Injection
2011-10-10	83470		Cotonti message.php redirect Parameter XSS
2011-10-04	83883		Burning Studio Elements .ashprj File Handling Overflow
2011-09-30	76001	2011-2443	Adobe Photoshop Elements Brush (ABR) File Handling Overflow
2011-09-30	76002	2011-2443	Adobe Photoshop Elements Gradient (GRD) File Handling Overflow
2011-09-19	75599		Toko Lite CMS EditNavBar.php Multiple Parameter XSS
2011-09-17	75601		Novell iManager scripts/random.php dir Parameter XSS
2011-09-17	75603		Novell iManager phpThumb.demo.random.php dir Parameter XSS
2011-09-16	75602		Novell iManager scripts/phpCrop/crop.php d Parameter Traversal Arbitrary File Deletion
2011-09-16	75604		Novell iManager Multiple Script lang Parameter Traversal Local File Inclusion
2011-08-23	74713		ManageEngine ServiceDesk Plus WorkOrder.do Multiple Parameter XSS
2011-08-23	74714		ManageEngine ServiceDesk Plus Problems.cc reqName Parameter XSS
2011-08-23	74715		ManageEngine ServiceDesk Plus AddNewProblem.cc reqName Parameter XSS
2011-08-23	74716		ManageEngine ServiceDesk Plus ChangeDetails.cc reqName Parameter XSS
2011-08-23	74717		ManageEngine ServiceDesk Plus AddSolution.do Multiple Parameter XSS
2011-08-23	74718		ManageEngine ServiceDesk Plus ContractDef.do Multiple Parameter XSS
2011-08-23	74719		ManageEngine ServiceDesk Plus VendorDef.do organizationName Parameter XSS
2011-08-23	74720		ManageEngine ServiceDesk Plus MarkUnavailability.jsp COMMENTS Parameter XSS
2011-08-06	74468		AContent /documentation/search.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74413		AChecker updater/patch_edit.php myown_patch_id Parameter SQL Injection
2011-08-06	74414		AChecker user/user_create_edit.php id Parameter SQL Injection
2011-08-06	74415		AChecker themes/default/language/language_add_edit.tmpl.php id Parameter XSS
2011-08-06	74416		AChecker themes/default/user/user_group_create_edit.tmpl.php id Parameter XSS
2011-08-06	74417		AChecker documentation/frame_header.php p Parameter XSS
2011-08-06	74418		AChecker updater/patch_edit.php myown_patch_id Parameter XSS
2011-08-06	74419		AChecker user/user_create_edit.php id Parameter XSS
2011-08-06	74455		AContent /documentation/frame_header.php p Parameter XSS
2011-08-06	74456		AContent /documentation/frame_content.php p Parameter XSS
2011-08-06	74457		AContent /register.php password_error Parameter XSS
2011-08-06	74458		AContent /user/user_create_edit.php id Parameter XSS
2011-08-06	74459		AContent /updater/patch_edit.php myown_patch_id Parameter XSS
2011-08-06	74460		AContent /themes/default/login.tmpl.php Multiple Parameter XSS
2011-08-06	74461		AContent /themes/default/user/user_group_create_edit.tmpl.php id Parameter XSS
2011-08-06	74462		AContent /themes/default/language/language_add_edit.tmpl.php id Parameter XSS
2011-08-06	74463		AContent Multiple Script URI XSS
2011-08-06	74454		AContent /course_category/index.php category_name Parameter XSS
2011-08-06	74481		AContent /home/search.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74469		AContent /search.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74470		AContent /user/index_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74471		AContent /user/user_group_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74472		AContent /updater/myown_patches_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74473		AContent /updater/patch_creator.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74474		AContent /updater/patch_edit.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74475		AContent /tests/import_test.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74476		AContent /tests/question_import.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74477		AContent /oauth/authorization.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74478		AContent /oauth/register_consumer.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74479		AContent /language/index_inline_editor_submit.php Multiple Unspecified Parameter SQL Injection
2011-08-06	74480		AContent /home/ims/ims_import.php Multiple Unspecified Parameter SQL Injection
2011-07-13	73810		TCExam /admin/code/tce_colorpicker.php Multiple Parameter XSS
2011-07-13	73824		TCExam /admin/code/tce_edit_backup.php backup_file Parameter XSS
2011-07-13	73811		TCExam /admin/code/tce_edit_group.php Multiple Parameter XSS
2011-07-13	73812		TCExam /admin/code/tce_edit_module.php Multiple Parameter XSS
2011-07-13	73813		TCExam /admin/code/tce_edit_rating.php test_id Parameter XSS
2011-07-13	73814		TCExam /admin/code/tce_edit_subject.php Multiple Parameter XSS
2011-07-13	73815		TCExam /admin/code/tce_edit_test.php test_id Parameter XSS
2011-07-13	73816		TCExam /admin/code/tce_filemanager.php file Parameter XSS
2011-07-13	73817		TCExam /admin/code/tce_select_mediafile.php Multiple Parameter XSS
2011-07-13	73818		TCExam /admin/code/tce_select_users.php new_group_id Parameter XSS
2011-07-13	73819		TCExam /admin/code/tce_show_all_questions.php subject_module_id Parameter XSS
2011-07-13	73820		TCExam /admin/code/tce_show_result_user.php test_id Parameter XSS
2011-07-13	73821		TCExam /public/code/tce_user_change_email.php xl_user_email Parameter XSS
2011-07-13	73822		TCExam /public/code/tce_user_change_password.php xl_newpassword Parameter XSS
2011-07-13	73823		TCExam /public/code/tce_user_registration.php Multiple Parameter XSS
2011-07-13	74081		TCExam Multiple Script URI XSS
2011-06-23	73479		NetServe Web Server admin/host_0/ssioptions.html Multiple Parameter XSS
2011-06-23	73480		NetServe Web Server admin/mimetypes.html Multiple Parameter XSS
2011-06-23	73481		NetServe Web Server Multiple Unspecified Remote File Inclusion
2011-06-23	73482		NetServe Web Server Multiple Unspecified Local File Inclusion
2011-06-23	73483		NetServe Web Server Multiple Unspecified Remote DoS
2011-06-21	73201		Sitemagic CMS index.php SMExt Parameter XSS
2011-06-02	72675		Ushahidi application/controllers/admin/dashboard.php range Parameter SQL Injection
2011-05-31	72731		Kentico CMS examples/webparts/membership/users-viewer.aspx userContextMenu_parameter Parameter XSS
2011-05-22	72844		Tugux CMS contact.php Multiple Parameter XSS
2011-05-22	72845		Tugux CMS comments.php nid Parameter SQL Injection
2011-05-22	72846		Tugux CMS contact.php Multiple Parameter SQL Injection
2011-05-22	72847		Tugux CMS latest.php Multiple Parameter SQL Injection
2011-05-12	72326	2011-0614	Adobe Audition SES Session File Processing Overflow
2011-04-20	72137		docuFORM Mercury f_state.php Multiple Parameter XSS
2011-04-20	72138		docuFORM Mercury f_list.php Multiple Parameter XSS
2011-04-20	72139		docuFORM Mercury f_job.php Multiple Parameter XSS
2011-04-20	72140		docuFORM Mercury f_header.php Multiple Parameter XSS
2011-04-14	71829	2011-5155	Help & Manual ijl15.dll Path Subversion Arbitrary DLL Injection Code Execution
2011-04-06	71704		Anfibia Reactor reactor/login.do email Parameter XSS
2011-04-05	71562		TutorialMS tutorials.php show Parameter SQL Injection
2011-04-03	71455		DoceboLMS index.php Multiple Parameter XSS
2011-03-16	71194		Pointter PHP Content Management System admin/functions/createcategory.php category Parameter XSS
2011-03-16	71195		Pointter PHP Content Management System pointtercms/admin/functions/createcategory.php category Parameter Traversal Local File Inclusion
2011-03-16	71196		Pointter PHP Content Management System pointtercms/admin/functions/createpage.php pageurl Parameter Traversal Local File Inclusion
2011-03-16	71197		Pointter PHP Content Management System pointtercms/admin/functions/createproduct.php producturl Parameter Traversal Local File Inclusion
2011-03-16	71198		Pointter PHP Content Management System pointtercms/admin/functions/editsettings.php Multiple Parameter SQL Injection
2011-03-11	71113		Constructr CMS backend/login.php Multiple Parameter XSS
2011-03-11	71114		Constructr CMS xmlOutput/constructrXmlOutput.content.xml.php page_id Parameter SQL Injection
2011-02-17	71088		Gazie modules/root/login_admin.php Login Parameter XSS
2011-02-17	71089		Gazie modules/root/login_admin.php Login Parameter SQL Injection
2011-02-11	70960		MySQL Eventum forgot_password.php URI XSS
2011-02-11	70961		MySQL Eventum list.php Multiple Parameter XSS
2011-02-11	70877	2011-1062	TaskFreak index.php Multiple Parameter XSS
2011-02-11	70878	2011-1062	TaskFreak print_list.php Multiple Parameter XSS
2011-02-11	70932	2011-1062	TaskFreak rss.php HTTP Referer Header XSS
2011-01-22	70631		CultBooking cultbooking.php Multiple Parameter XSS
2011-01-22	70632		CultBooking cultbooking.php lang Parameter Traversal Local File Inclusion
2010-12-24	70086		Embedthis Appweb Ejscript Web Framework XSS
2010-12-15	70155	2010-4348	MantisBT admin/upgrade_unattended.php db_type Parameter XSS
2010-12-15	70157	2010-4350	MantisBT admin/upgrade_unattended.php db_type Parameter Traversal Local File Inclusion
2010-12-15	70156	2010-4349	MantisBT admin/upgrade_unattended.php db_type Parameter Path Disclosure
2010-12-06	69643		MODx manager/index.php Multiple Parameter XSS
2010-11-20	69486		Reaktor 5 Player Path Subversion Arbitrary DLL Injection Code Execution
2010-11-20	69487		Kontakt Player Path Subversion Arbitrary DLL Injection Code Execution
2010-11-20	69464		Traktor Pro Playlist File Parsing Overflow
2010-11-20	69485		MASSIVE KSP File Parsing Memory Corruption
2010-10-15	69173	2010-4155	eXV2 CMS manual/caferss/example.php rssfeedURL Parameter XSS
2010-10-15	69174	2010-4155	eXV2 CMS modules/news/archive.php sumb Parameter XSS
2010-10-15	69175	2010-4155	eXV2 CMS modules/news/topics.php sumb Parameter XSS
2010-10-15	69176	2010-4155	eXV2 CMS modules/contact/index.php sumb Parameter XSS
2010-09-29	68298		Zen Cart option_name_manager.php option_order_by Parameter SQL Injection
2010-09-29	68299		Zen Cart Admin Panel Multiple XSS
2010-09-29	68300		Zen Cart index.php typefilter Parameter Traversal Local File Inclusion
2010-09-17	68128	2010-3489	Digital Workroom netautor/napro4/home/login2.php goback Parameter XSS
2010-09-08	67850		Textpattern index.php q Parameter XSS
2010-09-06	67838	2010-4901	MySource Matrix char_map.php Multiple Parameter XSS
2010-08-28	67692		LEADTOOLS LEAD RasterTwain LtocxTwainu.dll ActiveX AppName Property Overflow
2010-08-25	67551	2010-3138	Microsoft Windows Indeo Codec (ac25_32.ax) Path Subversion Arbitrary DLL Injection Code Execution
2010-08-25	67566	2010-3154	Adobe Extension Manager CS5 Path Subversion Arbitrary DLL Injection Code Execution
2010-08-25	67550	2010-3155	Adobe ExtendedScript Toolkit CS5 Path Subversion Arbitrary DLL Injection Code Execution
2010-08-25	67538	2010-5240	CorelDRAW Path Subversion Arbitrary DLL Injection Code Execution
2010-08-25	67582	2010-5240	Corel PHOTO-PAINT Path Subversion Arbitrary DLL Injection Code Execution
2010-08-02	66858		RaidenTUNES music_out.php p Parameter XSS
2010-06-29	65915	2010-2204	Adobe Reader / Acrobat Unspecified DoS (2010-2204)
2010-06-04	65140	2010-2321	Adobe InDesign Crafted INDD File Handling Overflow
2010-05-26	65082	2010-1296	Adobe Photoshop CS4 Multiple Crafted File Handling Overflows
2010-05-11	64646	2010-1280	Adobe Shockwave Player Crafted DIR File Dereference Memory Corruption
2010-03-05	62728	2011-1087	VLC Media Player Bookmark Creation Crafted File Handling Memory Corruption
2010-03-05	64864	2010-2009	BS.Player Media Library MP3 File Handling Overflow
2010-03-04	62736		Media Jukebox MP3 File Handling Overflow
2010-02-22	62481	2010-0700	WampServer index.php lang Parameter XSS
2010-01-31	67539	2010-3134	Google Earth Path Subversion Arbitrary DLL Injection Code Execution
2009-07-15	55861	2009-3811	Music Tag Editor MP3 File ID3 Tag Handling Overflow
2009-07-10	55744	2009-3859	eEye Retina Network Security Scanner RWS File Handling Overflow
2009-06-16	55317	2009-2173	Carom3D LAN Game Feature Crafted HTTP Request Handling DoS
2009-06-01	54810	2009-4201	Mp3 Tag Assistant Professional MP3 ID3 Tag Handling Overflow
2009-05-29	54812	2009-1944	AIMP MP3 ID3 Tag Handling Overflow
2009-05-08	54557	2009-1660	ViPlay3 VPL File Handling Overflow
2009-03-17	64582		Talkative IRC Response String Handling Overflow
2009-02-04	51825	2009-0450	BlazeVideo HDTV Player PLF File Handling Overflow
2009-01-22	51510	2009-0349	FTPShell Server License Key Handling Overflow
2008-11-24	50199	2008-7079	ShowTime M3U File Handling Overflow
2008-10-24	49352	2008-4748	KVIrc Crafted irc:// URI Handling Format String
2008-10-14	49184	2008-4588	Etype Eserv FTP Server ABOR Command Handling Overflow
2008-10-03	50829	2008-5667	VirusBlokAda VBA32 Personal Antivirus Scanning Engine Malformed RAR File Handling DoS
2008-04-28	44612	2008-2032	Femitter Server FTP Server Crafted RETR Command Remote DoS
2006-11-29	30770	2006-6199	BlazeDVD PLF Playlist Filename Parsing Overflow Arbitrary Code Execution

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.