Creditee: Benjamin Kunz Mejri

Known Contact Information:

  • (as of 2012-01-02)
  • (as of 2012-01-12)
  • (as of 2012-01-23)
  • (as of 2012-05-03)
  • (as of 2012-05-04)
  • (as of 2012-06-27)
  • (as of 2013-06-28)

Known Affiliations:

Disclosed Vulnerabilities (412):

Disc. DateOSVDB IDCVEIDTitle
2014-04-14 105787 PDF Album for iOS /files Encoded Traversal Local File Inclusion
2014-04-10 105673 AppFish Offline Coder for iOS New Snippet Field Stored XSS
2014-04-10 105674 iVault Private P&V for iOS WiFi Web Access Unspecified Path Traversal
2014-04-08 105552 Bluetooth Text Chat / BlueMe for iOS Crafted Bluetooth Message Remote Code Execution
2014-04-03 105340 Private Photo+Video for iOS /cgi/album/add/ Album Name Stored XSS
2014-04-02 105355 iShare Your Moving Library for iOS /files filename Parameter Local File Inclusion
2014-04-02 105356 iShare Your Moving Library for iOS /files filename Parameter Multiple File Extension Upload Remote Code Execution
2014-03-31 105180 Vanctech File Commander for iOS /files/ filename Parameter Local File Inclusion
2014-03-31 105176 WIFI Photos and Files Transfer Lite for iOS filename Parameter Local File Inclusion
2014-03-31 105177 WIFI Photos and Files Transfer Lite for iOS file Parameter Multiple File Extension Upload Remote Code Execution
2014-03-31 105178 WIFI Photos and Files Transfer Lite for iOS Device Name Field Arbitrary Command Execution
2014-03-31 105181 Vanctech File Commander for iOS /Download/ filename Parameter Multiple File Extension Upload Remote Code Execution
2014-03-28 105082 iStArtApp FileXChange for iOS /Work/ filename Parameter Multiple File Extension Upload Remote Code Execution
2014-03-28 105081 iStArtApp FileXChange for iOS /Work/ filename Parameter Local File Inclusion
2014-03-28 105083 iStArtApp FileXChange for iOS Device Name / Folder Name Fields Arbitrary Command Execution
2014-03-27 105097 FTP Drive + HTTP Server Application for iOS newDir Parameter Remote Code Execution
2014-03-26 105105 2014-2879 SonicWALL Email Security /settings_advanced.html filename Parameter Stored XSS
2014-03-26 105106 2014-2879 SonicWALL Email Security /settings_upload_dlicense.html filename Parameter Stored XSS
2014-03-24 105112 My Photo Wifi Share & Picture Server for iOS albumname Parameter Remote Command Execution
2014-03-21 105116 WiFi Music for iOS /files/ newfile Parameter Local File Inclusion
2014-03-21 105115 WiFi Music for iOS Multiple File Extension Upload Remote Code Execution
2014-03-19 104705 Wireless Drive for iOS Upload File Module filename Parameter Local File Inclusion
2014-03-19 104706 Wireless Drive for iOS File Dir List Module foldername Parameter Local Command Execution
2014-03-06 104089 2014-2589 SonicWALL Network Security Appliance (NSA) 2400 /stats/dashboard.jsp sn Parameter Reflected XSS
2014-02-28 104776 Bluetooth Photo Share Pro for iOS File Upload filename Parameter Local File Inclusion
2014-02-28 104777 Bluetooth Photo Share Pro for iOS Multiple File Extension Upload Remote Code Execution
2014-02-27 103824 Bluetooth Photo/Video/Music/Contact Share Pro for iOS /files newfile Parameter Local File Inclusion
2014-02-27 103825 Bluetooth Photo/Video/Music/Contact Share Pro for iOS /files newfile Parameter File Upload Remote Code Execution
2014-02-26 103852 Barracuda Networks Backup Extern Backup remote_host Parameter XSS
2014-02-25 104778 Private Camera Pro for iOS New Album album_title Parameter XSS
2014-02-25 104779 Private Camera Pro for iOS File Upload filename Parameter Local File Inclusion
2014-02-25 104780 Private Camera Pro for iOS device-info devicename Parameter Remote Command Execution
2014-02-22 103673 WiFiles Upload Facility filename Parameter Local File Inclusion
2014-02-21 103676 Barracuda Firewall Web Interface /cgi-bin/index.cgi cert_error Parameter Reflected XSS Weakness
2014-02-21 103677 Barracuda Web Filter Add Domain Page Multiple Parameter Stored XSS
2014-02-19 103552 Barracuda Firewall Web Interface Multiple Field Stored XSS
2014-02-18 103474 Barracuda Message Archiver Domain Management domain Parameter Stored XSS
2014-02-15 104781 File Hub for iOS Folder Manipulation Remote Command Execution
2014-02-15 104782 File Hub for iOS File Upload filename Parameter Local File Inclusion
2014-02-14 104783 mbDriveHD for iOS File Upload filename Parameter Local File Inclusion
2014-02-14 104784 mbDriveHD for iOS devicename Remote Command Execution
2014-02-13 103413 Office Assistant Pro for iOS Remote Path Traversal File Upload
2014-02-11 103190 jDisk for iOS /__FD__ path Parameter Remote Command Injection
2014-02-11 103191 jDisk for iOS /__FD__ Remote Encoded Path Traversal File Access
2014-02-11 103192 jDisk for iOS Upload Feature Unspecified File Inclusion
2014-02-08 103200 WiFi Camera Roll for iOS /upload.ajax qqfile Parameter Path Traversal Local File Inclusion
2014-02-08 103201 WiFi Camera Roll for iOS Multiple File Extension Upload Arbitrary Code Execution
2014-02-07 102993 gpEasy /Admin_Finder name Parameter Local File Inclusion
2014-02-07 102994 gpEasy /Admin_Finder Multiple Parameter Reflected XSS
2014-01-28 102775 SimplyShare for iOS Send Text Facility text Parameter File Upload Remote Code Execution
2014-01-28 102777 SimplyShare for iOS Upload Files Facility filename Parameter Absolute Path Traversal Local File Inclusion
2014-01-28 102778 SimplyShare for iOS Device Name Arbitrary Command Execution
2014-01-28 102779 SimplyShare for iOS Folder Name Field Stored XSS
2013-12-19 101191 Song Exporter for iOS Multiple Field Arbitrary File Access
2013-12-16 101134 FileMaster SY-IT for iOS Multiple File Extension Upload Remote Code Execution
2013-12-16 101132 FileMaster SY-IT for iOS Upload Functionality Local File Inclusion
2013-12-16 101131 FileMaster SY-IT for iOS Folder Manipulation Local File Inclusion
2013-12-12 100995 Phone Drive for iOS devicename Field Arbitrary Command Execution
2013-12-12 100994 Phone Drive for iOS File Upload Arbitrary Code Execution
2013-12-12 100993 Phone Drive for iOS foldername Parameter Stored XSS
2013-12-11 100865 Photo Video Album Transfer for iOS File Upload Remote Code Execution
2013-12-10 100853 Air Gallery for iOS devicename Parameter Stored XSS
2013-12-10 100852 Air Gallery for iOS albumname Parameter Local Command Execution
2013-12-09 100735 WireShare for iOS targetItem Parameter Stored XSS
2013-12-06 100737 Print n Share for iOS filename Parameter Local File Inclusion
2013-12-06 100738 Print n Share for iOS filename Parameter Multiple File Extension Upload Remote Code Execution
2013-12-06 100736 Print n Share for iOS foldername Parameter Stored XSS
2013-12-05 100610 2013-7025 SonicWALL Multiple Products /sgms/ematStaticAlertTypes.jsp Multiple Parameter Stored XSS
2013-12-05 100609 Wireless Transfer App for iOS Album Name Handling Local Command Execution
2013-12-03 100601 Imagam iFiles devicename Parameter Remote Command Execution
2013-12-03 100600 Imagam iFiles filename Parameter Remote File Access
2013-12-03 100599 Imagam iFiles filename Parameter Multiple File Extension Upload Remote Code Execution
2013-12-02 100461 Photo Transfer Wifi for iOS Device Name Arbitrary Command Execution
2013-12-02 100460 Photo Transfer Wifi for iOS Album Name Stored XSS
2013-11-20 100099 AirBeam for iOS /delete name Parameter Reflected XSS
2013-11-20 100100 AirBeam for iOS Device Name Arbitrary Command Execution
2013-10-29 99075 2013-6793
2013-6794
Olat LMS Calendar Multiple Field Stored XSS
2013-10-29 99077 GTX CMS /Ajax/tagSearchTag Multiple Parameter SQL Injection
2013-10-29 99078 GTX CMS /linkverzeichnis/hinzufuegen Multiple Field XSS
2013-10-29 99079 GTX CMS /pers-nachrichten/ordnerverwaltung Ordner Name Field XSS
2013-10-29 99076 GTX CMS /Ajax/tagSearchTag q Parameter Reflected XSS
2013-10-28 99039 ILIAS eLearning ilias.php note Parameter Stored XSS
2013-10-26 99014 Onpub /onpub/manage/index.php Multiple Parameter SQL Injection
2013-10-26 99013 Onpub /onpub/manage/index.php page Parameter Reflected XSS
2013-10-17 98677 Zikula Application Framework /en/news/display/camp-zikula URI XSS
2013-10-17 98675 Zikula Application Framework index.php dynadata[realname] Parameter Reflected XSS
2013-10-17 98676 Zikula Application Framework index.php func Parameter XSS
2013-10-17 98674 Zikula Application Framework /en/benutzer/login Multiple Parameter XSS
2013-10-15 98638 UbiDisk File Manager for iOS /Local Multiple Extension File Upload Remote Code Execution
2013-10-15 98637 UbiDisk File Manager for iOS /Local filename Parameter Traversal Local File Inclusion
2013-10-03 98085 Hide Photo+Video Safe for iOS uploadify/swfobject.js Traversal Local File Inclusion
2013-10-03 98084 Hide Photo+Video Safe for iOS Folder Name Stored XSS
2013-10-03 98086 Secure Guard Password Handling Local Overflow
2013-09-28 98190 WebAssist PowerCMS admin_cms/contents_results.php S_Keyword Parameter Reflected XSS
2013-09-28 98191 WebAssist PowerCMS admin_cms/common/load_content.php contentTotal Parameter Reflected XSS
2013-09-24 97724 elproLOG MONITOR WebAccess strend.php id Parameter SQL Injection
2013-09-24 97723 elproLOG MONITOR WebAccess sensorview.php data Parameter XSS
2013-09-24 97722 elproLOG MONITOR WebAccess strend.php name Parameter XSS
2013-09-10 97116 2013-3179 Microsoft SharePoint Server Online Cloud Functionality Reflected XSS
2013-09-10 97164 eTransfer Lite for iOS File Name Handling Stored XSS
2013-09-10 97167 Talkie Bluetooth Video iFiles for iOS /d_store/ URI Reflected XSS
2013-09-10 97168 Talkie Bluetooth Video iFiles for iOS Malformed POST Request Remote DoS
2013-09-10 97165 Talkie Bluetooth Video iFiles for iOS /upload.html filename Parameter Traversal Arbitrary File Write
2013-09-10 97166 Talkie Bluetooth Video iFiles for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-08-16 96382 Copy to WebDAV for iOS Device Name Arbitrary Command Execution
2013-08-16 96385 Photo Transfer for iOS album.html name Parameter XSS
2013-08-16 96383 Copy to WebDAV for iOS filename Traversal Arbitrary File Inclusion
2013-08-16 96384 Copy to WebDAV for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-08-16 96386 Photo Transfer Upload for iOS filename Parameter Arbitrary File Inclusion
2013-08-16 96387 Photo Transfer Upload for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-08-05 95991 FTP OnConnect for iOS index.html dir Parameter XSS
2013-08-05 95986 FTP OnConnect for iOS index.html filename Parameter Traversal Local File Inclusion
2013-08-05 95987 FTP OnConnect for iOS upload.html Multiple File Extension Upload Arbitrary Code Execution
2013-08-03 95985 withU Music Share for iOS Device Name Local Command Execution
2013-07-28 95801 Private Photos for iOS Add Directory Path Name XSS
2013-07-28 95800 WebDisk for iOS afgetdir.ma p Parameter Remote Command Execution
2013-07-24 95624 iPic Sharp Pro for iOS Album Folder Name XSS
2013-07-23 95575 Photo Server for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-07-23 95576 Photo Server for iOS Directory Listing Device Name Arbitrary Command Execution
2013-07-23 95577 Photo Server for iOS /assets-library---asset Traversal Arbitrary File Access
2013-07-22 95543 Barracuda CudaTel Communication Server /gui/cdr/cdr Multiple Parameter SQL Injection
2013-07-22 95544 Barracuda CudaTel Communication Server /gui/cdr/cdr Multiple Parameter XSS
2013-07-20 95572 Barracuda Multiple Product /cgi-mod/index.cgi Certificate Name XSS
2013-07-19 95493 Download Lite for iOS File Name XSS
2013-07-18 95465 PacketTrap PSA Labor Rate Multiple Parameter XSS
2013-07-18 95461 PacketTrap MSP RMM Reports Manager Multiple Parameter XSS
2013-07-18 95462 PacketTrap PSA Contracts txtContractName Parameter XSS
2013-07-18 95464 PacketTrap PSA Import Customer Equipment Records gridItem Parameter XSS
2013-07-18 95466 PacketTrap PSA Materials Item Multiple Parameter XSS
2013-07-18 95467 PacketTrap PSA New Customer Multiple Parameter XSS
2013-07-18 95468 PacketTrap PSA Reports lblPageTitle Parameter XSS
2013-07-18 95463 PacketTrap PSA Equipment Item lblPurchaseInfo Parameter XSS
2013-07-17 95458 Barracuda CudaTel Communication Server /gui/eventlog/eventlog URI XSS
2013-07-17 95451 WiFly Pro for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-07-17 95457 Barracuda CudaTel Communication Server /gui/route/route Multiple Parameter XSS
2013-07-17 95456 Barracuda CudaTel Communication Server /ajax-html/queues_wall_stub.html Multiple Parameter XSS
2013-07-17 95450 ePhoto Transfer for iOS File Download Module download Parameter XSS
2013-07-17 95449 ePhoto Transfer for iOS FolderName Arbitrary Command Execution
2013-07-17 95448 ePhoto Transfer for iOS /Photos/Misc Backgrounds upload Parameter Remote DoS
2013-07-16 95478 Nikon CoolPix Multiple L Series Devices Reformatting Weakness Start Picture Disclosure
2013-07-16 95773 FTP Sprite for iOS Folder Name XSS
2013-07-16 95772 Olive File Manager WiFi for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-07-16 95433 Flux Player for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-07-16 95771 Olive File Manager WiFi for iOS Folder Name XSS
2013-07-15 95260 Barracuda CudaTel Communication Server Test Connection Listing Module bbx_backup_site_host Parameter XSS
2013-07-10 95157 Air Drive Plus for iOS /AirDriveAction_file_show Local File Inclusion
2013-07-10 95156 Air Drive Plus for iOS /AirDriveAction_file_show Multiple File Extension Upload Arbitrary Code Execution
2013-07-10 95161 Air Drive Plus for iOS /AirDriveAction_file_show File Name XSS
2013-06-28 94689 eFile Wifi Transfer Manager for iOS /x Multiple File Extension Upload Arbitrary Code Execution
2013-06-28 94688 eFile Wifi Transfer Manager for iOS newFolder Parameter XSS
2013-06-28 94687 Mobile USB Drive for iOS Multiple File Extension Upload Arbitrary Code Execution
2013-06-25 94673 Barracuda CudaTel Communication Server /gui/gateway/siplist Multiple Parameter XSS
2013-06-25 94672 Barracuda CudaTel Communication Server /gui/gateway/list Multiple Parameter XSS
2013-06-15 94950 Barracuda Backup Replication Module Update Parameter XSS
2013-06-15 94949 Barracuda Backup Server Verbinden - Prüf Informationen Module Multiple Parameter XSS
2013-06-09 94071 Bluetooth Chat Message Board Listing XSS
2013-06-09 94072 Bluetooth Chat Malformed Chat Name Processing Remote DoS
2013-05-21 93551 Trend Micro DirectPass InstallWorkspace.exe libcef.dll NULL Pointer Dereference Local DoS
2013-05-21 93552 Sony Playstation 3 (PS3) Save Game Preview Crafted SFO File Handling Local Command Execution
2013-05-21 93550 Trend Micro DirectPass InstallWorkspace.exe Master Password Setup Arbitrary Command Execution
2013-05-21 93549 Trend Micro DirectPass InstallWorkspace.exe Master Password Field XSS
2013-05-12 93270 Wifi Photo Transfer /startcompressing Image Archive Arbitrary File Disclosure
2013-05-12 93271 Wifi Photo Transfer File Name XSS
2013-05-12 93281 File Lite HTTP Cookie Header XSS
2013-05-12 93272 AirDisk Pro - Wireless Flash Drive File Upload filename Parameter Absolute Path Arbitrary File Access
2013-05-12 93273 AirDisk Pro - Wireless Flash Drive Device Name Manipulation Arbitrary Command Execution
2013-05-12 93274 AirDisk Pro - Wireless Flash Drive File Upload name Parameter XSS
2013-05-12 93267 Wifi Photo Transfer Album Name Manipulation Arbitrary Command Execution
2013-05-12 93268 Wifi Photo Transfer Multiple File Extension Upload Arbitrary Code Execution
2013-05-12 93266 WiFi Album Folder Name Manipulation Arbitrary Command Execution
2013-05-12 93264 WiFi Photo & Video Access Index Toolbar Device Name Manipulation Arbitrary Command Execution
2013-05-12 93265 WiFi Photo & Video Access Malformed Image Request Remote DoS
2013-05-12 93263 Simple Transfer Multiple Field Manipulation Arbitrary Command Execution
2013-05-12 93261 File Lite Multiple File Extension Upload Arbitrary Code Execution
2013-05-12 93262 File Lite File Name XSS
2013-05-09 93237 Barracuda CudaTel Communication Server Invalid Integer Value Loading Error Messaage Multiple Parameter XSS
2013-05-09 93236 Barracuda CudaTel Communication Server List Module showname Parameter XSS
2013-03-02 90823 USB Disk and File Transfer for iPhone / iPad File Upload Multiple Parameter Local File Inclusion
2013-02-24 90901 AirDrive for iOS File Upload filename Parameter Traversal Arbitrary File Access
2013-02-24 90900 AirDrive for iOS filename Parameter Multiple File Extension Upload Arbitrary Code Execution
2013-02-22 90650 Kayako Fusion /admin/Base/Staff/Insert Unspecified XSS
2013-02-22 90651 Kayako Fusion /admin/Base/StaffGroup/Insert Unspecified XSS
2013-02-22 90652 Kayako Fusion /admin/Base/Staff/Edit Unspecified XSS
2013-02-22 90653 Kayako Fusion /admin/Base/CustomFieldGroup/Manage CustomFieldGroup Parameter XSS
2013-02-22 90654 Kayako Fusion /admin/LiveChat/Group/Manage Visitor Group Title Field XSS
2013-02-22 90655 Kayako Fusion /admin/Tickets/Escalation/Insert Unspecified Tag Parameters XSS
2013-02-22 90656 Kayako Fusion /admin/Base/CustomFieldGroup/Manage Unspecified Tag Parameters XSS
2013-02-20 90897 Remote File Manager for iOS File Upload filename Parameter Traversal Arbitrary File Access
2013-02-20 90896 Remote File Manager for iOS File Upload filename Parameter XSS
2013-02-19 91408 MyFi Wireless Disk for iPhone / iPad File Deletion CSRF
2013-02-19 91407 MyFi Wireless Disk for iPhone / iPad Upload File Functionality filename Parameter Local File Inclusion
2013-02-19 91406 MyFi Wireless Disk for iPhone / iPad Index Module Device Name Handling Local Command Execution
2013-02-18 90629 IPMap for iPhone / iPad Multiple File Upload Arbitrary Code Execution
2013-02-16 90332 USB Sharp for iPhone filename Parameter Encoded Traversal Arbitrary File Access
2013-02-16 90331 USB Sharp for iPhone Index Foldername Field XSS
2013-02-14 90328 Air Transfer for iPhone Upload Traversal Arbitrary File Access
2013-02-13 90188 SonicWALL Scrutinizer fa_web.cgi Multiple Parameter SQL Injection
2013-02-11 90214 SonicWALL Scrutinizer Alarm New Board & Policy Manager BBSearchText Parameter XSS
2013-02-11 90213 SonicWALL Scrutinizer Dashboard - Flow Expert Mytab Parameter XSS
2013-02-11 90218 SonicWALL Scrutinizer MyView (CGI) newName Parameter XSS
2013-02-11 90217 SonicWALL Scrutinizer Admin New Users & New Group Multiple Parameter XSS
2013-02-11 90216 SonicWALL Scrutinizer Admin Mapping / Maps (CGI) Dashboard Status Multiple Parameter XSS
2013-02-11 90215 SonicWALL Scrutinizer Advanced Filters Multiple Parameter XSS
2013-02-09 90211 Transferable for iPhone/iPad Exception Handling Multiple Parameter XSS
2013-02-09 90212 Transferable for iPhone/iPad downloadCollection Multiple Parameter XSS
2013-02-09 90210 Transferable for iPhone/iPad /downloadPhoto/assets-library:/ Local File Inclusion
2013-02-09 90209 Transferable for iPhone/iPad devcname Handling Command Execution
2013-02-08 90208 Air Disk Application for iPhone/iPad Crafted Request Parsing Arbitrary File Access
2013-02-08 90207 Air Disk Application for iPhone/iPad Device Name Field Remote Command Execution
2013-02-06 89922 WirelessFiles for iPad/iPhone Multiple File Extension Upload Arbitrary Script Code Execution
2013-01-23 89745 2013-1471 Fortinet FortiMail IBE Appliance Application /admin/FEAdmin.html Multiple Parameter XSS
2013-01-23 89746 2013-1471 Fortinet FortiMail IBE Appliance Application /admin/FEAdmin.html SSL Certificate Multiple Field XSS
2013-01-22 91251 TagScanner "Rename Folder By TAG" Handling Stack Overflow
2012-12-28 88830 SonicWALL Email Security System Command Exception Handling Field XSS
2012-12-18 88520 SonicWALL SonicOS appFirewallObjects.html inputxml Parameter XSS
2012-12-01 88087 Fortinet FortiWeb /waf/pcre_expression/validate Multiple Parameter XSS
2012-11-29 88082 Fortinet FortiDB Java Number Format Exception Handling Module conversationContext Parameter XSS
2012-11-20 87816 LAN.FS Client Hostname Processing Remote Command Execution
2012-11-19 87640 SonicWALL Continuous Data Protection (CDP) 5040 System > Settings [Server] Module label delAppl - Servername Parameter XSS
2012-11-19 87639 SonicWALL Continuous Data Protection (CDP) 5040 Network > Settings [Name] Module label delAppl - Name Parameter XSS
2012-11-19 87638 SonicWALL Continuous Data Protection (CDP) 5040 BMR > Accounts [Username] Module label delAppl - Username Parameter XSS
2012-11-19 87805 Akeni LAN (LE) Messenger Contact List Add Group Multiple Parameter XSS
2012-11-13 87288 Zoner Photo Studio STRG+UMS+M Module ZIP File archivname Field Handling Local Overflow
2012-10-11 86159 Omnistar Document Manager index.php area Parameter Traversal Local File Inclusion
2012-10-11 86161 Omnistar Document Manager index.php Multiple Parameter SQL Injection
2012-10-11 86160 Omnistar Document Manager index.php Multiple Parameter XSS
2012-10-11 86831 VOlk-Botnet Messenger.php pag Parameter SQL Injection
2012-10-11 86830 VOlk-Botnet Filezilla.php pag Parameter SQL Injection
2012-10-11 86836 VOlk-Botnet Estadisticas.php pais Parameter SQL Injection
2012-10-11 86835 VOlk-Botnet MSN Stealer Bot Name Field XSS
2012-10-11 86834 VOlk-Botnet Visit Webpage Open URL Bots: Field XSS
2012-10-11 86833 VOlk-Botnet Download File Download URL Field XSS
2012-10-11 86832 VOlk-Botnet Settings Multiple Field XSS
2012-10-11 93802 LAN Messenger Username as seen by Contacts Field XSS
2012-10-09 87007 Endpoint Protector List Available Snapshots Multiple Field XSS
2012-10-09 87006 Endpoint Protector Edit Department Multiple Field XSS
2012-10-09 87005 Endpoint Protector Active Directory Import active_directory[domaincontroller] Parameter XSS
2012-10-09 87003 Endpoint Protector Users, Groups, Computers & Devices Multiple Field XSS
2012-09-14 86200 ASTPP VoIP Billing Trunks - Add Trunks - Trunks Listing (Management) Multiple Parameter XSS
2012-09-14 86201 ASTPP VoIP Billing Taxes - Tax Information - Tax - Edit Mask Listing Multiple Parameter XSS
2012-09-14 86202 ASTPP VoIP Billing Account Management - Account Listing - Actions Multiple Parameter XSS
2012-09-14 86203 ASTPP VoIP Billing DIDs - Add New Your Own DIDs - Edit Mask Listing Multiple Parameter XSS
2012-09-14 86204 NeoBill CMS neobill/manager/manager_content.php Multiple Parameter XSS
2012-09-07 85657 Fortinet FortiOS (FortiGate) displaymessage title Parameter XSS
2012-09-07 85656 Fortinet FortiOS (FortiGate) objusagedlg mkey Parameter XSS
2012-09-06 86082 Fortinet FortiOS (FortiGate) UTM WAF Appliance /firewall/policy/policy6 Multiple Field XSS
2012-09-05 85244 eFront User Profile Multiple Field Stored XSS
2012-09-05 85243 eFront Messages Functionality Folder Name XSS
2012-08-23 97690 NextGEN Gallery Plugin for WordPress gallerypath Parameter Stored XSS
2012-08-22 97689 Google Analytics Plugin for Wordpress Multiple Admin Setting Fields Stored XSS
2012-08-14 86081 SonicWALL Anti-Spam & Email Security Compliance - Add New Approval Folder Page Unspecified XSS
2012-08-14 85721 SonicWALL Anti-Spam & Email Security alert_history.html Multiple Parameter XSS
2012-08-14 85720 SonicWALL Anti-Spam & Email Security policy_approval_box.html pathname Parameter XSS
2012-08-14 86080 SonicWALL Anti-Spam & Email Security Ausgehend (Outgoing) - Listing & Exceptions Page Multiple Field XSS
2012-08-11 84701 Flynax General Classified listings/search-results.html Multiple Parameter XSS
2012-08-02 85541 Barracuda Web Filter Authentication Functionality Multiple Field XSS
2012-07-17 84022 AVAVoIP fx_rates_upload.php File Upload Arbitrary PHP Code Execution
2012-07-17 84017 AVAVoIP routeset_set.php Multiple Parameter XSS
2012-07-17 84018 AVAVoIP agent_set.php agent_business_phone Parameter XSS
2012-07-17 84019 AVAVoIP batchadd.php batch_name Parameter XSS
2012-07-17 84020 AVAVoIP carrier_list.php carrier_id Parameter XSS
2012-07-17 84021 AVAVoIP taxadd.php tariff Parameter XSS
2012-07-17 84023 AVAVoIP tariff_add.php Multiple Parameter XSS
2012-07-17 84024 AVAVoIP agent_accounts_report.php agent_id Parameter XSS
2012-07-17 84025 AVAVoIP accountadd.php Multiple Parameter XSS
2012-07-16 84909 VamCart /module_coupons/admin/admin_index/ Coupon Code XSS
2012-07-16 85259 2012-4739 Barracuda SSL VPN launchAgent.do return-To Parameter XSS
2012-07-16 84908 VamCart /users/admin/ Account Title XSS
2012-07-16 84907 VamCart /orders/admin/ Add Orders XSS
2012-07-16 85266 2012-4739 Barracuda SSL VPN fileSystem.do Multiple Parameter XSS
2012-07-16 84041 2012-4739 Barracuda SSL VPN showUserResourceCategories.do Multiple Parameter XSS
2012-07-12 83827 ReserveLogic admin/editenquiries.php id Parameter SQL Injection
2012-07-12 83828 ReserveLogic admin/addclientlocations.php id Parameter SQL Injection
2012-07-12 83829 ReserveLogic admin/addcustomers.php id Parameter SQL Injection
2012-07-12 83830 ReserveLogic admin/addpackages.php id Parameter SQL Injection
2012-07-12 83831 ReserveLogic admin/addaccomtypeavailability.php id Parameter SQL Injection
2012-07-12 83833 ReserveLogic admin/addspecialoffer.php id Parameter SQL Injection
2012-07-12 83834 ReserveLogic admin/addlocationphotos.php Local Arbitrary File Upload
2012-07-12 83725 Phonalisa index.php Multiple Parameter XSS
2012-07-12 83840 ReserveLogic admin/addcustomers.php Multiple Field XSS
2012-07-12 83841 ReserveLogic locationdetails.php did Parameter XSS
2012-07-12 83836 ReserveLogic admin/users_report.php orderby Parameter SQL Injection
2012-07-12 83832 ReserveLogic admin/booking_report.php Multiple Parameter SQL Injection
2012-07-12 83837 ReserveLogic admin/addpackages.php Multiple Parameter XSS
2012-07-12 83835 ReserveLogic admin/add_news.php Multiple Field XSS
2012-07-12 83838 ReserveLogic admin/add_banner.php Multiple Field XSS
2012-07-12 83839 ReserveLogic admin/addaccomtypeavailability.php Multiple Field XSS
2012-07-12 83842 ReserveLogic admin/bookings.php page Parameter XSS
2012-07-12 83844 ReserveLogic admin/editfeedback.php id Parameter XSS
2012-07-11 85161 iAuto Mobile Frontend /iAuto/m/comment/add/ commentSid Parameter XSS
2012-07-11 85160 iAuto Mobile Frontend /iAuto/m/users/search/ City[equal] Parameter XSS
2012-07-11 85159 iAuto Mobile Frontend /iAuto/m/browse-by-make-model/ URI XSS
2012-07-05 83772 Freeside SelfService CGI / API selfserv/selfservice.cgi Multiple Parameter XSS
2012-07-05 83773 Freeside SelfService CGI / API selfserv/selfservice.cgi Multiple Parameter SQL Injection
2012-07-05 83777 Freeside SelfService CGI / API Account Creation Multiple Field XSS
2012-06-27 86251 KeePass HTML Backup Export Category Item Profile Name Field Local XSS
2012-06-14 83020 eSyndiCat Admin Addition CSRF
2012-06-14 83175 Interspire Shopping Cart admin/index.php Multiple Parameter XSS
2012-06-14 83024 eSyndiCat articles/admin/controller.php Multiple Field XSS
2012-06-14 83019 eSyndiCat articles/new-listings.html Description Field XSS
2012-06-14 83022 Dolphin m/photos/browse/album/ dbTitle Parameter XSS
2012-06-14 83021 Dolphin User Registration bx_map_curr_loc Parameter XSS
2012-06-14 83023 eSyndiCat admin/controller.php Multiple Parameter SQL Injection
2012-06-04 83621 Squirrelcart PHP Shopping Cart /squirrelcart/index.php data[Locations][1][Hours_Day_1] Parameter XSS
2012-06-04 83620 Squirrelcart PHP Shopping Cart /squirrelcart/index.php add_new_item Parameter Malformed Input Path Disclosure
2012-06-04 83622 Squirrelcart PHP Shopping Cart Document Editing Functionality Error Message XSS
2012-05-14 83052 Swoopo Gold contact.php Multiple Parameter XSS
2012-05-14 83002 Swoopo Gold itechd.php productid Parameter SQL Injection
2012-05-14 83001 Swoopo Gold reviewitechds.php productid Parameter XSS
2012-05-14 83003 Swoopo Gold ex_date.php id Parameter SQL Injection
2012-05-14 83053 Swoopo Gold tellafriend.php Unspecified Parameter XSS
2012-05-14 83000 Swoopo Gold all_live.php Multiple Parameter XSS
2012-05-04 90254 Format Factory File Handling Multiple Overflows
2012-05-03 81685 2012-4260 myCare2x modules/importer/mycare2x_importer.php Multiple Parameter SQL Injection
2012-05-03 84720 2012-4260 myCare2x modules/drg/mycare2x_proc_search.php Multiple Parameter SQL Injection
2012-05-03 81686 2012-4260 myCare2x modules/patient/mycare_pid.php Multiple Parameter SQL Injection
2012-05-03 81684 2012-4260
2012-4261
myCare2x modules/patient/mycare2x_pat_info.php Multiple Parameter SQL Injection
2012-05-03 81687 2012-4262 myCare2x modules/patient/mycare_pid.php Multiple Parameter XSS
2012-05-03 81688 2012-4262 myCare2x modules/nursing/mycare_ward_print.php Multiple Parameter XSS
2012-05-03 81689 2012-4262 myCare2x modules/patient/mycare2x_pat_info.php Multiple Parameter XSS
2012-05-03 81690 2012-4262 myCare2x modules/drg/mycare2x_proc_search.php ln Parameter XSS
2012-05-02 81703 Genium galerie.php5 itemID Parameter XSS
2012-04-30 81658 2012-3840 MyClientBase index.php/users/profile Multiple Parameter XSS
2012-04-30 81659 2012-3839 MyClientBase index.php/invoice_search invoice_number Parameter SQL Injection
2012-04-23 81324 2012-5919 Havalite CMS hava_user.php userId Parameter XSS
2012-04-23 81325 2012-5919 Havalite CMS hava_link.php linkId Parameter XSS
2012-04-23 81323 Havalite CMS User List Profile Name Field XSS
2012-04-23 86728 TreasonSMS / WiFiSMS Kontakte Module XSS
2012-04-23 86726 TreasonSMS / WiFiSMS List Messages Module XSS
2012-04-23 87743 2012-5919 Havalite CMS Edit Article Module username Parameter XSS
2012-04-23 87742 2012-5919 Havalite CMS hava_post.php Multiple Parameter XSS
2012-04-23 86727 TreasonSMS / WiFiSMS Send Messages Module XSS
2012-04-23 87741 2012-5919 Havalite CMS havalite/findReplace.php Multiple Field XSS
2012-04-23 87740 2012-5919 Havalite CMS havalite/hava_login.php username Parameter XSS
2012-04-15 81177 Cyberoam UTM WWWHELP file Parameter Local File Inclusion
2012-04-11 82106 DHTMLX Suite Input Servername & Username Page Unspecified XSS
2012-04-08 80982 AnvSoft Any Video Converter profiles_v2.xml xml-field String Length Parsing Local Overflow
2012-04-08 80983 AnvSoft Any Video Converter OutputFolder Registry Key Value Parsing Local Overflow
2012-04-04 82194 Astaro Security Gateway Site to Site VPN Page Certificate Field XSS
2012-04-03 82104 Astaro Command Center Networks Definition Configuration Page XSS
2012-04-03 82195 Astaro Security Gateway Extra RBL Zones Page XSS
2012-04-03 82201 Astaro Security Gateway Add New Network Listing Page XSS
2012-04-03 82187 Astaro Security Gateway User Listing Page Multiple Field XSS
2012-04-03 82191 Astaro Command Center Summary Page XSS
2012-04-03 82192 Astaro Command Center VPN Details Configuration Page XSS
2012-04-03 82193 Astaro Command Center Organizational Units Management Page XSS
2012-04-03 82190 Astaro Command Center Deploy Function Page XSS
2012-03-29 82101 Barracudas Cloud Control Center view_help.cgi title Parameter XSS
2012-03-29 82103 Skype Multiple Chat Field Malformed Data Handling Remote DoS
2012-03-29 82152 Barracudas Cloud Control Center User Management Access Name/Mail Listing XSS
2012-03-08 80836 Barracuda CudaTel Communication Server Automated Attendants Multiple Function XSS
2012-03-07 80285 Barracuda Web Application Firewall (WAF) 660 sessions_by_user filter Parameter XSS
2012-03-02 79736 Endian UTM Software Appliance / Firewall Community cgi-bin/proxyconfig.cgi Multiple Parameter XSS
2012-03-02 79767 2012-4992 FlashFXP ListIndex TListBox Handling Remote Overflow
2012-03-01 79771 Endian UTM Software Appliance / Firewall Community Password Manipulation CSRF
2012-03-01 79724 2012-1114 LDAP Account Manager Pro lam/templates/lists/list.php filteruid Parameter XSS
2012-03-01 79725 2012-1114
2012-1115
LDAP Account Manager Pro lam/templates/3rdParty/pla/htdocs/cmd.php Multiple Parameter XSS
2012-02-17 84896 Skype on Windows Malformed File Transfer Remote Memory Corruption DoS
2012-02-11 84560 eFront communityplusplus/www/administrator.php edit_course Parameter SQL Injection
2012-02-10 79011 2012-1225 Dolibarr ERP/CRM adherents/fiche.php rowid Parameter SQL Injection
2012-02-07 79138 2012-1226 Dolibarr ERP/CRM document.php file Parameter Traversal Local File Inclusion
2012-02-07 79139 2012-1226 Dolibarr ERP/CRM action/fiche.php backtopage Parameter Traversal Local File Inclusion
2012-02-07 79326 2012-1047 Cyberoam Central Console (CCC) js/html/wwhelp.htm Online_help Action File Parameter Traversal Local File Inclusion
2012-02-07 79327 2012-1048 eFront Community++ communityplusplus/www/administrator.php Multiple Parameter XSS
2012-01-28 78722 2012-1062 ManageEngine Applications Manager showresource.do Multiple Parameter XSS
2012-01-27 79325 2012-1063 ManageEngine Applications Manager showHistoryData.do period Parameter SQL Injection
2012-01-27 78721 2012-1062 ManageEngine Applications Manager jsp/PopUp_Graph.jsp attName Parameter XSS
2012-01-27 79322 2012-1062 ManageEngine Applications Manager showHistoryData.do period Parameter XSS
2012-01-27 79323 2012-1062 ManageEngine Applications Manager AlarmView.do header Parameter XSS
2012-01-27 79324 2012-1063 ManageEngine Applications Manager fault/AlarmView.do viewId Parameter SQL Injection
2012-01-23 78478 SpamTitan Session QID+RID Module Unspecified SQL Injection
2012-01-20 78551 Syneto UTM Script Insertion CSRF
2012-01-19 78884 2012-5316 Barracuda Spam & Virus Firewall Trace Route Device Troubleshooting Field XSS
2012-01-19 78885 2012-5316 Barracuda Spam & Virus Firewall LDAP Configuration LDAP Username Field XSS
2012-01-14 78688 WebTitan Setup Time Module Unspecified XSS
2012-01-14 78689 WebTitan Categories Add/Edit Module Unspecified XSS
2012-01-14 78690 WebTitan Add URL Module Unspecified XSS
2012-01-14 78467 WebTitan NTP Server (Display) Module Unspecified XSS
2012-01-14 78687 WebTitan Extensions / Execute Files Module Unspecified XSS
2012-01-12 78692 Barracuda SSL VPN 480 SSL Tunnels & My Favorites Module Unspecified XSS
2012-01-12 78468 Barracuda SSL VPN 480 Create Personal Network Place Module Unspecified XSS
2012-01-12 78691 Barracuda SSL VPN 480 Network Places 6 Create Network Places Module Unspecified XSS
2012-01-08 78236 SonicWALL Anti-Spam & EMail Security Appliance Application mgmtuser_delegate.html selectedUser Parameter XSS
2012-01-08 78237 SonicWALL Anti-Spam & EMail Security Appliance Application reports_mta_queue_status.html hostname Parameter XSS
2012-01-08 78238 SonicWALL Anti-Spam & EMail Security Appliance Application msg_viewer_user_mail.html direction Parameter XSS
2012-01-07 78146 AtMail Webmail Client index.php/mail/calendar/caldavglue Title Parameter XSS
2012-01-07 78240 AtMail Server index.php/admin/users/create Multiple Parameter XSS
2012-01-07 78241 AtMail Server index.php/admin/users/update Multiple Parameter XSS
2012-01-07 78239 AtMail Server Log Search Multiple Parameter XSS
2012-01-02 78776 2012-0941 Fortinet FortiOS (FortiGate) endpointcompliance/app_detect/predefined_sig_list fields_sorted_opt Parameter XSS
2012-01-02 78777 2012-0941 Fortinet FortiOS (FortiGate) user/auth/list fields_sorted_opt Parameter XSS
2011-09-27 76035 ServersCheck Monitoring checks2def.html Multiple Parameter XSS
2011-09-27 76036 ServersCheck Monitoring viewalerts.html fromdate Parameter XSS
2011-09-27 76037 ServersCheck Monitoring downtime.html Multiple Parameter XSS
2011-09-27 76038 ServersCheck Monitoring timeline/timeline.html xml Parameter XSS
2011-09-27 76039 ServersCheck Monitoring devicegraphs.html device Parameter XSS
2011-09-27 76040 ServersCheck Monitoring viewgraphs.html label Parameter XSS
2011-09-27 76041 ServersCheck Monitoring timeline_generate.html xml Parameter XSS
2011-09-27 76042 ServersCheck Monitoring devicescan1.html linenumber Parameter XSS
2011-09-27 76043 ServersCheck Monitoring reporting2.html ItemList Parameter XSS
2011-09-27 76044 ServersCheck Monitoring bandwidthreporting2.html reportname Parameter XSS
2011-09-27 76045 ServersCheck Monitoring devicedetails.html device Parameter XSS
2011-09-27 76046 ServersCheck Monitoring smstest1.html gsm Parameter XSS
2011-09-27 76047 ServersCheck Monitoring teamsedit.html teamname Parameter XSS
2011-09-27 76048 ServersCheck Monitoring usersedit.html username Parameter XSS
2011-09-27 76049 ServersCheck Monitoring windowsaccountsedit.html Multiple Parameter XSS
2011-09-27 76050 ServersCheck Monitoring msnsettings.html account Parameter XSS
2011-09-27 76051 ServersCheck Monitoring enterprisesettings2.html Multiple Parameter XSS
2011-09-27 76052 ServersCheck Monitoring checks3other.html namevisible Parameter XSS
2011-09-27 76053 ServersCheck Monitoring smssettings.html body Parameter XSS
2011-09-27 76054 ServersCheck Monitoring addwizard3.html required_filename Parameter XSS
2011-09-27 76055 ServersCheck Monitoring bulkedit.html filterby Parameter XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use