Affiliation/Organization: Secunia

Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (2 vulns), the following statistics apply:

Min Time To Patch:18 days
Avg Time To Patch:18 days
Max Time To Patch:18 days

Other Affiliations

Creditees Affiliated with Secunia have also affiliated with:

via Secunia (4)
Secunia Research (3)
Zero Day Initiative (ZDI) (2)
h07 (1)
MWR Labs/InfoSecurity (1)
iDefense Labs (1) (1)
Debian Security Audit Project (1)


Creditees currently or formerly associated with Secunia (13):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2003-03-28Ulf Harnhammar4
2010-10-12Krystian Kloskowski1
2010-11-04Mehul Revankar3
2010-12-06Parvez Anwar1
2010-12-07Stefano Angaran3
2010-12-21Sow Ching Shiong18
2011-10-19Morten Bartvig4
2012-05-16Jon Butler2
2012-05-22Charlie Eriksen5
2012-06-20Hossein Lotfi (S0lute)2
2013-01-08ADLab, VenusTech1
2013-12-06Sudhanshu Chauhan1

Disclosed Vulnerabilities (47):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2013-12-06 100842 2013-3929 Sudhanshu Chauhan
CMS Made Simple /admin/editevent.php handler Parameter XSS
2013-11-12 99646 2013-3940 Hossein Lotfi (S0lute)
Microsoft Windows Graphics Device Interface (GDI) WordPad Crafted Write File Handling Integer Overflow
2013-01-08 102685 2013-1376 ADLab, VenusTech
Adobe Reader / Acrobat Unspecified Buffer Overflow (2013-1376)
2012-06-21 83083 Charlie Eriksen
Nmedia MailChimp Plugin for WordPress wp-content/plugins/nmedia-mailchimp-widget/api_mailchimp/postToMailChimp.php abs_path Parameter XSS
2012-06-21 83084 Charlie Eriksen
Mac Photo Gallery Plugin for WordPress wp-content/plugins/mac-dock-gallery/macdownload.php albid Parameter Traversal Arbitrary File Access
2012-06-20 83097 2012-4045 Hossein Lotfi (S0lute)
Winamp bmp.w5s AVI File Multiple Data Type Handling Overflow
2012-06-20 83103 Charlie Eriksen
TheCartPress Plugin for WordPress wp-content/plugins/thecartpress/admin/PrintOrder.php Order Detail Information Disclosure
2012-05-22 82141 Charlie Eriksen
Profile Builder Plugin for WordPress front-end/wppb.recover.password.php key Parameter Arbitrary User Password Manipulation
2012-05-22 82142 Charlie Eriksen
Profile Builder Plugin for WordPress Multiple Unspecified Remote Issues
2012-05-16 81979 2012-2901 Jon Butler
Joomla Content Editor (JCE) for Joomla! administrator/index.php search Parameter XSS
2012-05-16 81980 2012-2902 Jon Butler
Joomla Content Editor (JCE) for Joomla! components/com_jce/editor/extensions/browser/file.php File Upload PHP Code Execution
2012-01-03 78100 Mehul Revankar
FuseTalk Multiple Script URI XSS
2012-01-03 78101 Mehul Revankar
FuseTalk forum/whoson.cfm letter Parameter XSS
2011-10-19 76603 Morten Bartvig
KaiBB index.php Referer HTTP Header XSS
2011-10-19 76604 Morten Bartvig
KaiBB acp/index.php Referer HTTP Header XSS
2011-10-19 76605 Morten Bartvig
KaiBB index.php checkbox Parameter SQL Injection
2011-10-19 76606 Morten Bartvig
KaiBB inc/function.php attachment Parameter Webform File Upload SQL Injection
2011-02-24 71117 2011-1102 Sow Ching Shiong
F-Secure Policy Manager Web Reporting Module Unspecified XSS
2011-02-24 71118 2011-1103 Sow Ching Shiong
F-Secure Policy Manager Web Reporting Module Invalid Report Access Path Disclosure
2011-02-07 70836 2011-0277 Sow Ching Shiong
HP Power Manager Multiple Unspecified Admin Function CSRF
2010-12-21 70186 Sow Ching Shiong
PrestaShop index.php URL XSS
2010-12-21 70187 Sow Ching Shiong
PrestaShop contact-form.php URL XSS
2010-12-21 70188 Sow Ching Shiong
PrestaShop sitemap.php URL XSS
2010-12-21 70189 Sow Ching Shiong
PrestaShop order.php URL XSS
2010-12-21 70190 Sow Ching Shiong
PrestaShop search.php URL XSS
2010-12-21 70191 Sow Ching Shiong
PrestaShop category.php URL XSS
2010-12-21 70192 Sow Ching Shiong
PrestaShop manufacturer.php URL XSS
2010-12-21 70193 Sow Ching Shiong
PrestaShop product.php URL XSS
2010-12-21 70194 Sow Ching Shiong
PrestaShop new-products.php URL XSS
2010-12-21 70195 Sow Ching Shiong
PrestaShop best-sales.php URL XSS
2010-12-21 70196 Sow Ching Shiong
PrestaShop prices-drop.php URL XSS
2010-12-21 70197 Sow Ching Shiong
PrestaShop supplier.php URL XSS
2010-12-21 70198 Sow Ching Shiong
PrestaShop authentication.php URL XSS
2010-12-21 70199 Sow Ching Shiong
PrestaShop password.php URL XSS
2010-12-21 70200 Sow Ching Shiong
PrestaShop 404.php URL XSS
2010-12-16 70289 BraniX
LuraWave PlugIn for IrfanView LWF Header Parsing Multiple Overflows
2010-12-16 70225 BraniX
LuraDocument Format PlugIn for IrfanView Crafted LDF File Handling Memory Corruption
2010-12-13 69793 2010-4827 Stefano Angaran
Snitz Forums 2000 members.asp M_NAME Parameter XSS
2010-12-13 69794 2010-4826 Stefano Angaran
Snitz Forums 2000 members.asp M_NAME Parameter SQL Injection
2010-12-07 69644 Stefano Angaran
XOOPS xNews Module modules/xnews/article.php URI XSS
2010-12-06 69636 Parvez Anwar
WebEx Meeting Manager WebexUCFObject ActiveX Path Subversion Arbitrary DLL Injection Code Execution
2010-11-04 69138 2010-4715 Mehul Revankar
Novell GroupWise Multiple Agent Unspecified Traversal Arbitrary File Access
2010-10-12 68549 2010-2746 Krystian Kloskowski
Microsoft Windows Common Control Library (comctl32.dll) Third-party SVG Content Handling Overflow
2003-03-28 49226 Ulf Harnhammar
SourceForge (alexandria) patch/index.php Upload Spoofing Arbitrary File Access
2003-03-28 49227 Ulf Harnhammar
SourceForge (alexandria) sendmessage.php Arbitrary Mail Relay
2003-03-28 49228 Ulf Harnhammar
SourceForge (alexandria) sendmessage.php CRLF Injection
2003-03-28 49229 Ulf Harnhammar
SourceForge (alexandria) Skills Profile Multiple Field XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use