Creditee: Adam Baldwin

Known Contact Information:

  • (as of 2009-08-08)
  • (as of 2012-06-28)

Known Affiliations:

Disclosed Vulnerabilities (15):

2014-03-06 105997 node-printer lib/printer.js printDirect() Function Arbitrary Command Execution
2012-06-28 83994 ZTE 890L goform/dhcp_list_cmd nick_name Parameter XSS
2012-06-28 83984 ZTE 890L SMS Message XSS
2012-06-28 83985 ZTE 890L Multiple Function CSRF
2012-06-28 83986 ZTE 890L Cookie Login Value Manipulation Admin Authentication Bypass
2010-12-22 70159 2010-4534 Django django.contrib.admin Admin Interface query String Information Disclosure
2010-08-07 67081 Nagios XI Admin Password Manipulation CSRF
2010-06-18 65721 JForum username Parameter XSS
2010-06-18 65722 JForum Bookmark Function Multiple Parameter XSS
2010-06-09 65290 2010-2290 McAfee UTM Firewall /cgi-bin/cgix/help page Parameter XSS
2010-01-14 61804 2010-0712 Zenoss Core zport/dmd/Events/getJSONEventsInfo Multiple Parameter SQL Injection
2010-01-14 61805 2010-0713 Zenoss Core Admin Password Manipulation CSRF
2009-08-08 57104 Spiceworks /search query Parameter XSS
2009-08-08 57106 Spiceworks Admin Password Manipulation CSRF
2008-12-15 84081 Heartlab Encompass Web PACS SessionStart.asp Authentication Bypass

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use