OSVDB: Open Sourced Vulnerability Database

Creditee: Nac Mac Feegle

Known Contact Information:

None at this time

Known Affiliations:

uiga (as of 2009-12-04)

Disclosed Vulnerabilities (88):

Disc. Date	OSVDB ID	Title
2009-12-04	60785	Uiga Church Portal admin/bible/biblegallery.php file_photo_name Parameter XSS
2009-12-04	60691	Uiga Church Portal admin/lifegroups/lifegallery.php file_photo_name Parameter XSS
2009-12-04	60692	Uiga Church Portal admin/minutes/minutesgallery.php file_photo_name Parameter XSS
2009-12-04	60693	Uiga Church Portal admin/multimedia/multimediagallery.php file_photo_name Parameter XSS
2009-12-04	60694	Uiga Church Portal admin/news/newsend.php checkbox Parameter XSS
2009-12-04	60695	Uiga Church Portal admin/news/testing.php checkbox Parameter XSS
2009-12-04	60696	Uiga Church Portal admin/news/userlist.php script[] Parameter XSS
2009-12-04	60697	Uiga Church Portal admin/upload/userlist.php script[] Parameter XSS
2009-12-04	60698	Uiga Church Portal head.php script[] Parameter XSS
2009-12-04	60699	Uiga Church Portal admin/photos/gallery.php file_name Parameter XSS
2009-12-04	60700	Uiga Church Portal gallery.php file_name Parameter XSS
2009-12-04	60701	Uiga Church Portal admin/special.php Multiple Parameter XSS
2009-12-04	60702	Uiga Church Portal admin/template.php pagetitle Parameter XSS
2009-12-04	60703	Uiga Church Portal include/template.php pagetitle Parameter XSS
2009-12-04	60704	Uiga Church Portal anniv.php img Parameter XSS
2009-12-04	60705	Uiga Church Portal famday.php img Parameter XSS
2009-12-04	60706	Uiga Church Portal archivedetails.php Multiple Parameter XSS
2009-12-04	60707	Uiga Church Portal ar_det.php Multiple Parameter XSS
2009-12-04	60708	Uiga Church Portal exhortation.php Multiple Parameter XSS
2009-12-04	60709	Uiga Church Portal head2.php Multiple Parameter XSS
2009-12-04	60710	Uiga Church Portal template.php pagetitle Parameter XSS
2009-12-04	60711	Uiga Church Portal login2.php case Parameter XSS
2009-12-04	60712	Uiga Church Portal multimediagallery.php file_photo_name Parameter XSS
2009-12-04	60713	Uiga Church Portal admin/user/modify.php error Parameter XSS
2009-12-04	60714	Uiga Church Portal admin/time_date.php id Parameter XSS
2009-12-04	60715	Uiga Church Portal admin/editevent.php Multiple Parameter XSS
2009-12-04	60716	Uiga Church Portal admin/calendar.php delete_id Parameter XSS
2009-12-04	60717	Uiga Church Portal admin/announcements/modifynews.php Multiple Parameter XSS
2009-12-04	60718	Uiga Church Portal admin/photos/editcat.php Multiple Parameter XSS
2009-12-04	60719	Uiga Church Portal admin/exhortation/exhoredit.php Multiple Parameter XSS
2009-12-04	60720	Uiga Church Portal admin/photos/edit.php box Parameter XSS
2009-12-04	60721	Uiga Church Portal admin/bible/editcat.php Multiple Parameter XSS
2009-12-04	60722	Uiga Church Portal admin/music/editcat.php Multiple Parameter XSS
2009-12-04	60723	Uiga Church Portal admin/multimedia/editcat.php Multiple Parameter XSS
2009-12-04	60724	Uiga Church Portal admin/lifegroups/editcat.php Multiple Parameter XSS
2009-12-04	60725	Uiga Church Portal testimonisview.php id Parameter XSS
2009-12-04	60726	Uiga Church Portal admin/lifegroups/lifegroups.php delete Parameter XSS
2009-12-04	60727	Uiga Church Portal admin/minutes/upload.php Multiple Parameter XSS
2009-12-04	60728	Uiga Church Portal admin/multimedia/upload.php Multiple Parameter XSS
2009-12-04	60729	Uiga Church Portal admin/music/music.php delete Parameter XSS
2009-12-04	60731	Uiga Church Portal admin/news/uploadfile.php Multiple Parameter XSS
2009-12-04	60734	Uiga Church Portal admin/photos/upload.php Multiple Parameter XSS
2009-12-04	60735	Uiga Church Portal admin/login.php Multiple Parameter XSS
2009-12-04	60736	Uiga Church Portal testimoniesview.php Multiple Parameter XSS
2009-12-04	60732	Uiga Church Portal gallery.php URI XSS
2009-12-04	60733	Uiga Church Portal multimediagallery.php URI XSS
2009-12-04	60737	Uiga Church Portal library/functions.php Multiple Parameter XSS
2009-12-04	60738	Uiga Church Portal download.php id Parameter SQL Injection
2009-12-04	60739	Uiga Church Portal downloadlife.php id Parameter SQL Injection
2009-12-04	60740	Uiga Church Portal downloadminutes.php id Parameter SQL Injection
2009-12-04	60741	Uiga Church Portal downloadmultimedia.php id Parameter SQL Injection
2009-12-04	60742	Uiga Church Portal downloadmusic.php id Parameter SQL Injection
2009-12-04	60743	Uiga Church Portal multimediagallery.php id Parameter SQL Injection
2009-12-04	60744	Uiga Church Portal photoview.php id Parameter SQL Injection
2009-12-04	60747	Uiga Church Portal testimoniesview.php id Parameter SQL Injection
2009-12-04	60746	Uiga Church Portal gallery.php id Parameter SQL Injection
2009-12-04	60748	Uiga Church Portal archivedetails.php view Parameter SQL Injection
2009-12-04	60752	Uiga Church Portal events.php Multiple Parameter SQL Injection
2009-12-04	60749	Uiga Church Portal gallery.php offset Parameter SQL Injection
2009-12-04	60750	Uiga Church Portal multimediagallery.php offset Parameter SQL Injection
2009-12-04	60751	Uiga Church Portal a_detail.php offset Parameter SQL Injection
2009-12-04	60753	Uiga Church Portal multimediaview.php media Parameter SQL Injection
2009-12-04	60754	Uiga Church Portal music.php delete Parameter SQL Injection
2009-12-04	60755	Uiga Church Portal ar_det.php exhort Parameter SQL Injection
2009-12-04	60756	Uiga Church Portal admin/template.php content Parameter Remote File Inclusion
2009-12-04	60757	Uiga Church Portal include/template.php content Parameter Remote File Inclusion
2009-12-04	60765	Uiga Church Portal download.php Multiple Parameter Traversal Arbitrary File Access
2009-12-04	60764	Uiga Church Portal downloadlife.php life_image Parameter Traversal Arbitrary File Access
2009-12-04	60763	Uiga Church Portal downloadminutes.php min_image Parameter Traversal Arbitrary File Access
2009-12-04	60762	Uiga Church Portal downloadmultimedia.php Multiple Parameter Traversal Arbitrary File Access
2009-12-04	60761	Uiga Church Portal downloadmusic.php Multiple Parameter Traversal Arbitrary File Access
2009-12-04	60776	Uiga Church Portal admin/bible/biblegallery.php Unspecified Parameter SQL Injection
2009-12-04	60775	Uiga Church Portal admin/lifegroups/lifegallery.php Unspecified Parameter SQL Injection
2009-12-04	60774	Uiga Church Portal admin/minutes/minutesgallery.php Unspecified Parameter SQL Injection
2009-12-04	60773	Uiga Church Portal admin/multimedia/multimediagallery.php Unspecified Parameter SQL Injection
2009-12-04	60772	Uiga Church Portal admin/news/mail.php Unspecified Parameter SQL Injection
2009-12-04	60766	Uiga Church Portal admin/news/processUpload.php Arbitrary File Upload
2009-12-04	60771	Uiga Church Portal admin/photos/gallery.php Unspecified Parameter SQL Injection
2009-12-04	60770	Uiga Church Portal admin/upload/download.php Unspecified Parameter SQL Injection
2009-12-04	60767	Uiga Church Portal admin/upload/processUpload.php Arbitrary File Upload
2009-12-04	60769	Uiga Church Portal admin/user/download.php Unspecified Parameter SQL Injection
2009-12-04	60768	Uiga Church Portal admin/user/processUpload.php Arbitrary File Upload
2009-12-04	60778	Uiga Church Portal admin/news/error.php Arbitrary Shell Command Execution
2009-12-04	60760	Uiga Church Portal checkClientUser() Function Session Validation Authentication Bypass
2009-12-04	60745	Uiga Church Portal Unspecified CSRF
2009-12-04	60730	Uiga Church Portal special_event.php Multiple Parameter XSS
2009-12-04	60759	Uiga Church Portal multimediaview.php Direct Request Authentication Bypass
2009-12-04	60758	Uiga Church Portal ar_det.php Direct Request Authentication Bypass

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.