OSVDB: Open Sourced Vulnerability Database

Creditee: Daniel Barragan (D4NB4R)

Known Contact Information:

None at this time

Known Affiliations:

None at this time

Disclosed Vulnerabilities (14):

Disc. Date	OSVDB ID	Title
2012-12-11	88349	Jooproperty Component for Joomla! product_id Parameter XSS
2012-12-11	88348	Jooproperty Component for Joomla! product_id Parameter SQL Injection
2012-10-31	86851	Spider Catalog Plugin for WordPress Comment Body XSS
2012-10-31	86846	Spider Catalog Component for Joomla! index.php product_id Parameter SQL Injection
2012-10-19	86789	Tags Component for Joomla! index.php tag Parameter SQL Injection
2012-10-18	86485	Commedia Component for Joomla! index.php id Parameter SQL Injection
2012-10-17	86499	Freestyle Support Portal Component for Joomla! index.php prodid Parameter SQL Injection
2012-10-03	85897	Spider Calendar Plugin for WordPress front_end/spidercalendarbig.php date Parameter XSS
2012-10-03	85898	Spider Calendar Plugin for WordPress front_end/spidercalendarbig_seemore.php calendar_id Parameter SQL Injection
2012-08-30	85077	Spider Calendar Lite Component for Joomla! index.php date Parameter SQL Injection
2012-08-07	84490	En Masse Component for Joomla! index.php sortby Parameter SQL Injection
2012-08-02	84445	Joomgalaxy Component for Joomla! Add Post Image Attachment Arbitrary File Upload
2012-08-02	84446	Joomgalaxy Component for Joomla! index.php catid Parameter SQL Injection
2012-08-01	84439	Movm Component for Joomla! index.php id Parameter SQL Injection

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.