Affiliation/Organization: Secunia


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (2 vulns), the following statistics apply:

Min Time To Patch:18 days
Avg Time To Patch:18 days
Max Time To Patch:18 days

Other Affiliations

Creditees Affiliated with Secunia have also affiliated with:

via Secunia (4)
Secunia Research (2)
Zero Day Initiative (ZDI) (1)
iDefense Labs (1)
MWR Labs/InfoSecurity (1)
h07 (1)
Debian Security Audit Project (1)

Website: http://secunia.com/

Creditees currently or formerly associated with Secunia (11):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2003-03-28Ulf Harnhammar4
2010-10-12Krystian Kloskowski1
2010-11-04Mehul Revankar3
2010-12-06Parvez Anwar1
2010-12-07Stefano Angaran3
2010-12-16BraniX2
2010-12-21Sow Ching Shiong18
2011-10-19Morten Bartvig4
2012-05-16Jon Butler2
2012-05-22Charlie Eriksen5
2012-06-20Hossein Lotfi (S0lute)1

Disclosed Vulnerabilities (44):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2012-06-21 83083 Charlie Eriksen
 Nmedia MailChimp Plugin for WordPress wp-content/plugins/nmedia-mailchimp-widget/api_mailchimp/postToMailChimp.php abs_path Parameter XSS
2012-06-21 83084 Charlie Eriksen
 Mac Photo Gallery Plugin for WordPress wp-content/plugins/mac-dock-gallery/macdownload.php albid Parameter Traversal Arbitrary File Access
2012-06-20 83097 2012-4045 Hossein Lotfi (S0lute)
 Winamp bmp.w5s AVI File Multiple Data Type Handling Overflow
2012-06-20 83103 Charlie Eriksen
 TheCartPress Plugin for WordPress wp-content/plugins/thecartpress/admin/PrintOrder.php Order Detail Information Disclosure
2012-05-22 82141 Charlie Eriksen
 Profile Builder Plugin for WordPress front-end/wppb.recover.password.php key Parameter Arbitrary User Password Manipulation
2012-05-22 82142 Charlie Eriksen
 Profile Builder Plugin for WordPress Multiple Unspecified Remote Issues
2012-05-16 81979 2012-2901 Jon Butler
 Joomla Content Editor (JCE) for Joomla! administrator/index.php search Parameter XSS
2012-05-16 81980 2012-2902 Jon Butler
 Joomla Content Editor (JCE) for Joomla! components/com_jce/editor/extensions/browser/file.php File Upload PHP Code Execution
2012-01-03 78100 Mehul Revankar
 FuseTalk Multiple Script URI XSS
2012-01-03 78101 Mehul Revankar
 FuseTalk forum/whoson.cfm letter Parameter XSS
2011-10-19 76603 Morten Bartvig
 KaiBB index.php Referer HTTP Header XSS
2011-10-19 76604 Morten Bartvig
 KaiBB acp/index.php Referer HTTP Header XSS
2011-10-19 76605 Morten Bartvig
 KaiBB index.php checkbox Parameter SQL Injection
2011-10-19 76606 Morten Bartvig
 KaiBB inc/function.php attachment Parameter Webform File Upload SQL Injection
2011-02-24 71117 2011-1102 Sow Ching Shiong
 F-Secure Policy Manager Web Reporting Module Unspecified XSS
2011-02-24 71118 2011-1103 Sow Ching Shiong
 F-Secure Policy Manager Web Reporting Module Invalid Report Access Path Disclosure
2011-02-07 70836 2011-0277 Sow Ching Shiong
 HP Power Manager Multiple Unspecified Admin Function CSRF
2010-12-21 70186 Sow Ching Shiong
 PrestaShop index.php URL XSS
2010-12-21 70187 Sow Ching Shiong
 PrestaShop contact-form.php URL XSS
2010-12-21 70188 Sow Ching Shiong
 PrestaShop sitemap.php URL XSS
2010-12-21 70189 Sow Ching Shiong
 PrestaShop order.php URL XSS
2010-12-21 70190 Sow Ching Shiong
 PrestaShop search.php URL XSS
2010-12-21 70191 Sow Ching Shiong
 PrestaShop category.php URL XSS
2010-12-21 70192 Sow Ching Shiong
 PrestaShop manufacturer.php URL XSS
2010-12-21 70193 Sow Ching Shiong
 PrestaShop product.php URL XSS
2010-12-21 70194 Sow Ching Shiong
 PrestaShop new-products.php URL XSS
2010-12-21 70195 Sow Ching Shiong
 PrestaShop best-sales.php URL XSS
2010-12-21 70196 Sow Ching Shiong
 PrestaShop prices-drop.php URL XSS
2010-12-21 70197 Sow Ching Shiong
 PrestaShop supplier.php URL XSS
2010-12-21 70198 Sow Ching Shiong
 PrestaShop authentication.php URL XSS
2010-12-21 70199 Sow Ching Shiong
 PrestaShop password.php URL XSS
2010-12-21 70200 Sow Ching Shiong
 PrestaShop 404.php URL XSS
2010-12-16 70289 BraniX
 LuraWave PlugIn for IrfanView LWF Header Parsing Multiple Overflows
2010-12-16 70225 BraniX
 LuraDocument Format PlugIn for IrfanView Crafted LDF File Handling Memory Corruption
2010-12-13 69793 2010-4827 Stefano Angaran
 Snitz Forums 2000 members.asp M_NAME Parameter XSS
2010-12-13 69794 2010-4826 Stefano Angaran
 Snitz Forums 2000 members.asp M_NAME Parameter SQL Injection
2010-12-07 69644 Stefano Angaran
 XOOPS xNews Module modules/xnews/article.php URI XSS
2010-12-06 69636 Parvez Anwar
 WebEx Meeting Manager WebexUCFObject ActiveX Path Subversion Arbitrary DLL Injection Code Execution
2010-11-04 69138 2010-4715 Mehul Revankar
 Novell GroupWise Multiple Agent Unspecified Traversal Arbitrary File Access
2010-10-12 68549 2010-2746 Krystian Kloskowski
 Microsoft Windows Common Control Library (comctl32.dll) Third-party SVG Content Handling Overflow
2003-03-28 49226 Ulf Harnhammar
 SourceForge (alexandria) patch/index.php Upload Spoofing Arbitrary File Access
2003-03-28 49227 Ulf Harnhammar
 SourceForge (alexandria) sendmessage.php Arbitrary Mail Relay
2003-03-28 49228 Ulf Harnhammar
 SourceForge (alexandria) sendmessage.php CRLF Injection
2003-03-28 49229 Ulf Harnhammar
 SourceForge (alexandria) Skills Profile Multiple Field XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use