Creditee: X-Cisadane

Known Contact Information:

  • (as of 2013-02-04)

Known Affiliations:

  • None at this time

Disclosed Vulnerabilities (29):

2013-10-15 98610 WebTester /install.php Remote Privilege Escalation
2013-10-15 98609 WebTester Default Admin Credentials
2013-10-15 98608 WebTester /startTest.php TestID Parameter SQL Injection
2013-10-15 98611 WebTester /phpinfo.php Direct Request Information Disclosure
2013-10-15 98598 TinyMCE insert_file.php Arbitrary File Upload
2013-03-07 91005 MLS Property Finder /update/ URI Remote Privilege Escalation
2013-02-04 89840 Free Monthly Websites /admin/index.php Input Type Field Manipulation Authentication Bypass
2013-02-04 89839 Free Monthly Websites /admin/add_main_pages.php File Upload Arbitrary Code Execution
2012-11-04 87527 AwAuctionScript listing.php category Parameter XSS
2012-11-04 87526 AwAuctionScript sell-your-site.php Multiple Field XSS
2012-11-04 87525 AwAuctionScript edit-account.php File Upload PHP Code Execution
2012-11-04 87524 AwAuctionScript listing.php PageNo Parameter SQL Injection
2012-11-04 87523 AwAuctionScript Admin Login Page XSS
2012-09-26 85820 Smartfren Connex EC1261 Insecure File Permission Arbitrary File Overwrite Local Privilege Escalation
2012-08-25 85262 Silver Lake Shopper News displaynews.php id Parameter XSS
2012-08-25 85263 Silver Lake Shopper News displaynews.php id Parameter SQL Injection
2012-08-13 84763 Winamp File Browser HTML File Handling Memory Corruption DoS
2012-07-27 84325 SocialEngine /classifieds/create tags Parameter XSS
2012-07-27 84326 SocialEngine /videos/create tags Parameter XSS
2012-07-27 84322 SocialEngine signup Profile Address Field XSS
2012-05-31 82379 Ganesha Digital Library (GDL) office.php langid Parameter XSS
2012-05-30 82378 Ganesha Digital Library (GDL) publisher.php id Parameter XSS
2012-05-30 82376 Ganesha Digital Library (GDL) go.php id Parameter SQL Injection
2012-05-30 82375 Ganesha Digital Library (GDL) publisher.php id Parameter SQL Injection
2012-05-30 82374 Ganesha Digital Library (GDL) office.php Multiple Parameter SQL Injection
2012-05-30 82372 Ganesha Digital Library (GDL) search.php s Parameter XSS
2012-05-30 82377 Ganesha Digital Library (GDL) login.php Account Field SQL Injection Authentication Bypass
2012-05-30 82373 Ganesha Digital Library (GDL) Activate Account Page Multiple Field XSS
2012-05-19 82055 Vertrigoserv File Upload Local Privilege Escalation

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use