Creditee: Secunia Research

Known Contact Information:

  • (as of 2010-10-27)

Known Affiliations:

Disclosed Vulnerabilities (125):

Disc. Date | OSVDB ID | CVE ID | Title
2013-09-03 96905 2013-0736 Mingle Forum Plugin for WordPress Privilege Escalation CSRF
2013-06-07 94036 2013-3260 Zoom Player BMP File biClrUsed Value Handling Heap Buffer Overflow
2013-02-20 90434 2013-0735 Mingle Forum Plugin for WordPress /wp-content/plugins/mingle-forum/wpf.class.php Multiple Parameter SQL Injection
2013-02-20 90433 2013-0734 Mingle Forum Plugin for WordPress /wp-content/plugins/mingle-forum/wpf.class.php search_words Parameter XSS
2013-02-20 90432 2013-0734 Mingle Forum Plugin for WordPress /wp-content/plugins/mingle-forum/fs-admin/fs-admin.php togroupusers Parameter XSS
2012-12-12 88423 IrfanView PIC File Channel Information Structure Handling Overflow
2012-12-05 88274 2012-5451 TVMOBiLi Media Server HttpUtils.dll CHTTPServerTransaction::LoadFile() Method Request Parsing Overflow
2012-08-08 84486 Baby Gekko includes/errors/404.php URI XSS
2012-07-13 83724 2012-0283 DokuWiki lib/exe/ajax.php tpl_mediaFileList() Function ns Parameter XSS
2012-06-07 82683 SyndeoCMS starnet/index.php newsletter_email Parameter SQL Injection
2012-04-27 81640 2012-0279 Quest Toad for Data Analysts %CommonProgramFiles%\Quest Shared Insecure Permissions Arbitrary File Manipulation
2012-04-04 81012 2012-0273 MinaliC src/response.c Multiple Function Web Request Parsing Remote Overflow
2012-04-04 102848 2012-2108 Csound util/lpci_main.c main() Function File Conversion Handling Buffer Overflow
2012-04-04 81015 2012-2107 Csound util/lpci_main.c main() Function File Conversion Handling Integer Overflow
2012-04-04 81016 2012-2106 Csound util/pv_import.c pv_import() Function File Conversion Handling Remote Overflow
2012-02-24 79491 2012-0270 Csound util/heti_main.c getnum() Function hetro File Handling Remote Overflow
2012-02-23 79492 2012-0270 Csound util/pv_import.c getnum() Function PVOC File Handling Remote Overflow
2011-12-28 78041 2011-5051 WP Symposium Plugin for WordPress wp-content/plugins/wp-symposium/uploadify/upload_admin_avatar.php File Upload Remote PHP Code Execution
2011-12-28 78042 2011-5051 WP Symposium Plugin for WordPress wp-content/plugins/wp-symposium/uploadify/upload_profile_avatar.php File Upload Remote PHP Code Execution
2011-12-07 77634 2011-3841 WP Symposium Plugin for WordPress wp-content/plugins/wp-symposium/uploadify/get_profile_avatar.php uid Parameter XSS
2011-11-10 76999 2011-3829 Support Incident Tracker (SiT!) ftp_upload_file.php File Name Upload Weakness Attachments Directory Name Disclosure
2011-11-10 77000 2011-3830 Support Incident Tracker (SiT!) search.php search_string Parameter XSS
2011-11-10 77001 2011-3831 Support Incident Tracker (SiT!) incident_attachments.php Uploaded File Name SQL Injection
2011-11-10 77002 2011-3832 Support Incident Tracker (SiT!) config.php application_name Parameter eval() Call Remote PHP Code Execution
2011-11-10 77003 2011-3833 Support Incident Tracker (SiT!) ftp_upload_file.php File Upload PHP Code Execution
2011-10-04 76112 2011-0337 Autonomy Keyview jtdsr.dll Ichitaro Document QLST Chunk Handling Overflow
2011-10-04 76113 2011-0338 Autonomy Keyview jtdsr.dll Ichitaro Document Text Data Block Handling Overflow
2011-10-04 76114 2011-0339 Autonomy Keyview jtdsr.dll Ichitaro Document Text Data Reconstructing Handling Overflow
2011-09-22 75648 phpList admin/index.php Multiple Parameter XSS
2011-09-22 75649 phpList admin/pagetop.php strCharSet Parameter XSS
2011-09-22 75650 phpList Subscriber List description Parameter XSS
2011-09-22 75651 phpList admin/index.php findby Parameter SQL Injection
2011-08-03 74310 2011-2591 Provideo alarm ActiveX (2way.dll) voice() Method strIp Argument Parsing Overflow
2011-08-03 74311 2011-2591 Provideo GMAXPlayer ActiveX (AXPlayer.ocx) Multiple Parameter Network Response Parsing Overflow
2011-08-03 74312 2011-2591 Provideo GMAXPlayer ActiveX (AXPlayer.ocx) Multiple Parameter Overflow
2011-08-03 74313 2011-2591 Provideo PAxPlayer ActiveX (PAxPlayer.ocx) Id Parameter GetString() Method Overflow
2011-08-03 74314 2011-2591 Provideo PAxPlayer ActiveX (PAxPlayer.ocx) strAdr Parameter ConnectIPCam() Method Overflow
2011-08-03 74216 2011-2589 UUSee UUPlayer ActiveX (UUPlayer.ocx) SendLogAction() Method Overflow
2011-08-03 74217 2011-2590 UUSee UUPlayer ActiveX (UUPlayer.ocx) MPlayerPath Parameter Play() Method Arbitrary Program Execution
2011-07-19 74202 Enano CMS ajax.php name Parameter Username Disclosure
2011-07-19 74186 Enano CMS index.php Multiple Subsystem URI XSS
2011-07-19 74187 Enano CMS index.php pagename Parameter XSS
2011-07-19 74188 Enano CMS Private Message Manipulation CSRF
2011-07-19 74189 Enano CMS Messaging Subsystem index.php subject Parameter XSS
2011-06-14 73058 2011-2097 Adobe Reader / Acrobat ACE.dll ICC Chunk Handling Overflow
2011-03-30 71298 RunCMS modules/forum/topicmanager.php URI XSS
2011-03-30 71310 RunCMS News Article Addition CSRF
2011-03-30 71299 RunCMS modules/forum/post.php topic_id Parameter SQL Injection
2011-03-30 71300 RunCMS modules/forum/search.php forum Parameter SQL Injection
2011-03-30 71301 RunCMS modules/forum/post.php forum Parameter SQL Injection
2011-03-30 71302 RunCMS modules/forum/index.php FORumLastVisit Cookie SQL Injection
2011-03-30 71304 RunCMS modules/pm/index.php Multiple Parameter SQL Injection
2011-03-30 71303 RunCMS modules/pm/pmsend.php Multiple Parameter SQL Injection
2011-03-30 71305 RunCMS modules/banners/index.php Multiple Parameter SQL Injection
2011-03-30 71306 RunCMS modules/links/viewcat.php orderby Parameter SQL Injection
2011-03-30 71307 RunCMS modules/galleri/carte.php key Parameter SQL Injection
2011-03-30 71308 RunCMS modules/galleri/index.php orderby Parameter SQL Injection
2011-03-30 71309 RunCMS modules/galleri/uploaduser.php File Upload Arbitrary PHP Code Execution
2011-03-23 75066 2012-5866 Achievo include.php Multiple Parameter XSS
2011-03-23 75065 Achievo dispatch.php searchstring Parameter XSS
2011-03-23 75071 Achievo dispatch.php Multiple Parameter SQL Injection
2011-03-23 75067 Achievo Scheduler Module owner Parameter Arbitrary Schedule Addition
2011-03-23 75068 Achievo include.php node Parameter Traversal Local File Inclusion
2011-03-23 75069 Achievo graph.php plotter Parameter Traversal Local File Inclusion
2011-03-23 75070 Achievo graph.php Multiple Parameter SQL Injection
2011-03-14 75095 LotusCMS index.php Multiple Parameter eval() Call Arbitrary PHP Code Execution
2011-03-14 75090 LotusCMS index.php active Parameter XSS
2011-03-14 75091 LotusCMS core/lib/cacher.php saveFile() Function Traversal User Enumeration
2011-03-14 75092 LotusCMS Predictable Backup File Name Remote Information Disclosure
2011-03-14 75093 LotusCMS index.php Multiple Parameter Traversal Arbitrary File Access
2011-03-14 75094 LotusCMS FileManger Module Uploaded File Verification Weakness Arbitrary PHP Code Execution
2011-02-25 71410 2011-0332 Foxit Reader ICC Chunk Processing Unspecified Overflow
2011-02-25 71409 2011-0332 Foxit Phantom ICC Chunk Processing Unspecified Overflow
2010-11-09 69912 Seo Panel Multiple Admin Function CSRF
2010-11-09 69892 Seo Panel includes/sp-common.php Multiple Parameter Direct Request Administrative Actions Access
2010-11-09 69915 Seo Panel backlinks.php website_id Parameter SQL Injection
2010-11-09 69914 Seo Panel cron.php website_id Parameter SQL Injection
2010-11-09 69913 Seo Panel generate-reports.php Multiple Parameter SQL Injection
2010-11-09 69911 Seo Panel graphical-reports.php Multiple Parameter SQL Injection
2010-11-09 69910 Seo Panel keywords.php Multiple Parameter SQL Injection
2010-11-09 69909 Seo Panel rank.php website_id Parameter SQL Injection
2010-11-09 69908 Seo Panel saturationchecker.php website_id Parameter SQL Injection
2010-11-09 69907 Seo Panel directories.php Multiple Parameter SQL Injection
2010-11-09 69906 Seo Panel seo-plugins-manager.php Multiple Parameter SQL Injection
2010-11-09 69905 Seo Panel website.php Multiple Parameter SQL Injection
2010-11-09 69904 Seo Panel reports.php Multiple Parameter SQL Injection
2010-11-09 69903 Seo Panel seo-tools-manager.php seotool_id Parameter SQL Injection
2010-11-09 69902 Seo Panel users.php Multiple Parameter SQL Injection
2010-11-09 69899 Seo Panel keywords.php keywordID Parameter XSS
2010-11-09 69898 Seo Panel saturationchecker.php website_urls Parameter XSS
2010-11-09 69897 Seo Panel backlinks.php website_urls Parameter XSS
2010-11-09 69896 Seo Panel websites.php pageno Parameter XSS
2010-11-09 69895 Seo Panel login.php userName Parameter XSS
2010-11-09 69894 Seo Panel register.php Multiple Parameter XSS
2010-11-08 69891 Seo Panel download.php file Parameter Traversal Arbitrary File Access
2010-10-27 68942 4images admin/plugins/migrate_keywords.php URI XSS
2010-10-27 68941 4images admin/plugins/clear_cache.php URI XSS
2010-10-20 68741 PhreeBooks index.php gen_get_all_params() Function XSS
2010-10-20 68742 PhreeBooks index.php Multiple Parameter XSS
2010-10-20 68743 PhreeBooks includes/addons/PhreeHelp/leftframe.php search_field Parameter XSS
2010-10-20 68744 PhreeBooks modules/services/pages/popup_shipping/js_include.php form Parameter XSS
2010-10-20 68745 PhreeBooks includes/addons/PhreeHelp/leftframe.php search_field Parameter SQL Injection
2010-10-20 68746 PhreeBooks includes/addons/PhreeHelp/index.php idx Parameter SQL Injection
2010-10-20 68747 PhreeBooks index.php Multiple Parameter SQL Injection
2010-10-20 68748 PhreeBooks index.php Multiple Parameter Traversal Arbitrary File Access
2010-10-20 68749 PhreeBooks soap/application_top.php db Parameter Traversal Arbitrary File Access
2010-08-18 67233 InterPhoto Gallery InterPhoto.thumbnail.php file Parameter Traversal Arbitrary File Access
2010-07-17 69901 Seo Panel users.php Multiple Parameter XSS
2010-06-08 65223 2010-1255 Microsoft Windows Kernel-Mode Driver TrueType Font Parsing Local Privilege Escalation
2010-06-03 65099 2010-1515, 2010-2281 TomatoCMS index.php/admin/ad/client/list Multiple Parameter XSS
2010-06-03 65096 2010-1514 TomatoCMS New Article Arbitrary File Upload
2010-05-12 64551 2010-1994 TomatoCMS index.php/news/search q Parameter SQL Injection
2010-04-19 63910 2010-0996 e107 Crafted .php.filetypesphp Image File Upload Arbitrary PHP Code Execution
2010-04-19 63911 2010-0997 e107 e107_plugins/content/content_manager.php content_heading Parameter XSS
2010-03-10 62833 2010-0123 Employee Timeclock Software Database Backup Predictable Filename Weakness
2010-03-10 62831 2010-0122 Employee Timeclock Software auth.php Multiple Parameter SQL Injection
2010-03-10 62830 2010-0124 Employee Timeclock Software mysqldump Command-line Database Password Disclosure
2010-03-10 62832 2010-0122 Employee Timeclock Software login_action.php Multiple Parameter SQL Injection
2006-11-22 30590 2006-5965 PassGo SSO Plus Permission Weakness Local Privilege Escalation
2005-08-04 18525 2005-2453 NetworkActiv Web Server Parameter XSS
2005-03-23 14936 2005-0878 MercuryBoard Private Message title Parameter XSS
2004-12-06 12236 2004-2266 Ansel image Parameter SQL Injection
2004-12-06 12237 2004-2267 Ansel album name Variable Arbitrary Script Injection
2004-10-14 10726 2004-1700 Pinnacle ShowCenter SettingsBase.php Skin Parameter XSS
2004-03-10 4184 2004-0111 GdkPixbuf BMP Image Handling DoS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.