Creditee: Shai rod (@NightRang3r)

Known Contact Information:

  • None at this time

Known Affiliations:

  • None at this time

Disclosed Vulnerabilities (36):

Disc. DateOSVDB IDCVEIDTitle
2012-10-24 87790 2012-5606 ownCloud apps/files_versions/js/versions.js filename XSS
2012-10-24 87789 2012-5606 ownCloud apps/files/js/filelist.js filename XSS
2012-10-24 87788 2012-5606 ownCloud 3rdparty/fullcalendar/js/fullcalendar.js Event Title XSS
2012-08-27 85944 Wiki Web Help Node Option Addition New Page Name Field XSS
2012-08-27 85938 Wiki Web Help Page Body XSS
2012-08-27 85943 Wiki Web Help Edit Tags Tags Field XSS
2012-08-27 85947 XWiki User Profile Multiple Field XSS
2012-08-24 84932 BusinessWiki index.php Multiple Profile Field XSS
2012-08-23 84951 LetoDMS out/out.FolderNotify.php showtree Parameter XSS
2012-08-23 84950 LetoDMS out/out.FolderAccess.php showtree Parameter XSS
2012-08-23 84949 LetoDMS out/out.EditFolder.php showtree Parameter XSS
2012-08-23 84948 LetoDMS Account Details Update Name Field XSS
2012-08-23 84947 LetoDMS Calendar Event Creation Multiple Field XSS
2012-08-23 84946 LetoDMS User Password Manipulation CSRF
2012-08-23 84945 LetoDMS out/out.Login.php referuri Parameter XSS
2012-08-23 84944 LetoDMS out/out.ViewDocument.php showtree Parameter XSS
2012-08-22 84858 OpenDocMan Admin Password Manipulation CSRF
2012-08-21 85594 XODA Filters (one per line): Field XSS
2012-08-21 85593 XODA File Description XSS
2012-08-21 85117 XODA File Upload Page Arbitrary File Upload
2012-08-20 84834 Hupa Email Subject / Body XSS
2012-08-20 84833 Hivemail HTML Email Message XSS
2012-08-20 85589 Uebimiau Webmail readmsg.php Email Subject XSS
2012-08-20 85590 Uebimiau Webmail Address Book Name Field XSS
2012-08-18 84840 GWebmail Email Subject Field XSS
2012-08-18 84844 GWebmail gwebmail/setup Multiple Field XSS
2012-08-18 84845 GWebmail Account Page Name Field XSS
2012-08-18 84842 GWebmail gwebmail/?mail# URI XSS
2012-08-18 84846 GWebmail gwebmail/?mail#Inbox.Search/ URI XSS
2012-08-18 84843 GWebmail webmail/ module Parameter Traversal Arbitrary File Access
2012-08-18 85506 IlohaMail Webmail E-mail Body XSS
2012-08-18 85507 IlohaMail Webmail Bookmark Functionality Multiple Field XSS
2012-08-17 85469 T-dah WebMail addressbook.php Multiple Field XSS
2012-08-17 85468 T-dah WebMail Calendar Event Message Field XSS
2012-08-17 84806 Hastymail2 Tread View Email Message Subject Field XSS
2012-08-15 84741 2012-3508 Roundcube Webmail program/lib/washtml.php Email Body href HTML Attribute XSS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use