Creditee: security curmudgeon

Known Contact Information:

  • (as of 1997-11-13)
  • (as of 2002-02-24)

Known Affiliations:

Disclosed Vulnerabilities (41):

Disc. DateOSVDB IDCVEIDTitle
2009-11-20 60364 Blahz-DNS listing/login.php Primary Name field XSS
2009-11-20 60367 Bes-mcmf Search Field XSS
2008-12-01 50321 2008-3057 Oempro HTTPS Session Cookie Secure Flag Weakness
2008-12-01 50322 2008-3058 Oempro index.php FormValue_Email Parameter SQL Injection Authentication Bypass
2008-12-01 50324 2008-3059 Oempro /member/settings_account.php Cleartext Password Disclosure
2008-12-01 50323 2008-3058 Oempro /client/campaign_track.php FormValue_SearchKeywords Parameter SQL Injection
2006-03-29 24236 2006-1436 @1 Event Publisher eventpublisher_usersubmit.htm Multiple Parameter XSS
2006-03-29 24237 2006-1437 @1 Event Publisher eventpublisher.txt Direct Request Private Comment Disclosure
2006-03-29 24238 2006-1795 @1 Table Publisher tablepublisher.cgi Title of Table Field XSS
2006-03-28 24255 2006-1435 ARIA (Accounting Receiving and Inventory Administration) genmessage.php Message Field XSS
2006-03-28 24302 2006-1433 Annuaire (Directory) /include/lang-en.php Direct Request Path Disclosure
2006-03-28 24303 2006-1434 Annuaire (Directory) inscription.php Comment Field XSS
2006-03-27 24149 2006-1479 gtd-php newProject.php Multiple Field XSS
2006-03-27 24150 2006-1479 gtd-php newList.php Multiple Field XSS
2006-03-27 24151 2006-1479 gtd-php newWaitingOn.php Multiple Field XSS
2006-03-27 24152 2006-1479 gtd-php newChecklist.php Title Field XSS
2006-03-27 24153 2006-1479 gtd-php newContext.php Title Field XSS
2006-03-27 24154 2006-1479 gtd-php newCategory.php Category Name Field XSS
2006-03-27 24155 2006-1479 gtd-php newGoal.php Title Field XSS
2006-03-27 24156 2006-1479 gtd-php listReport.php listTitle Parameter XSS
2006-03-27 24157 2006-1479 gtd-php projectReport.php projectName Parameter XSS
2006-03-27 24158 2006-1479 gtd-php checklistReport.php checklistTitle Parameter XSS
2006-03-27 24235 2006-1436 @1 Event Publisher eventpublisher_admin.htm Multiple Parameter XSS
2006-03-27 24310 2006-1438 Andy's PHP Knowledgebase (aphpkb) index.php keyword_list Parameter XSS
2006-03-27 24311 2006-1438 Andy's PHP Knowledgebase (aphpkb) submit_article.php Multiple Parameter XSS
2006-03-19 23958 2006-1976 Prayer Request Board (PRB) addRequest.php Request Field XSS
2006-03-02 32388 Valdersoft Shopping Cart common.php Direct Request Path Disclosure
2005-11-16 20878 Barracuda Spam Firewall User Interface Multiple Field XSS
2005-11-16 20879 Barracuda Spam Firewall Hashed Password Disclosure
2005-10-13 20033 2005-4703 Apache Tomcat MS-DOS Device Request Error Message Path Disclosure
2005-08-04 18533 Whois.Cart admin/domain_add.php Domain Name XSS
2005-08-04 18534 Whois.Cart admin/hosts_add.php Multiple Field XSS
2005-08-04 18535 Whois.Cart admin/hosting.php Add Line Field XSS
2005-08-04 18536 Whois.Cart admin/info.php Information Disclosure
2005-04-24 15754 2005-1309 bBlog Blog Entry Title XSS
2005-04-24 15755 2005-1309 bBlog Blog/Comment Body XSS
2005-04-24 15756 2005-1310 bBlog index.php postid Parameter SQL Injection
2004-11-26 12143 SecretSanta SecretSanta.php Path Disclosure
2004-08-05 8323 TBP Mozilla Extension Cross-tab URL HREF Remote Information Disclosure
2002-02-24 4081 2002-0324 Greymatter Remote Admin Account Compromise
1997-11-13 17112 L-Soft LISTSERV Mail Command Output Information Disclosure

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2012 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use