Advisories
-= Cross-site Scripting =-
SSCHADV2012-001 - BoltWire 3.4.16 Multiple XSS vulnerabilities
SSCHADV2012-002 - ATutor 2.0.3 Multiple XSS vulnerabilities
SSCHADV2012-003 - WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability
SSCHADV2012-004 - ContentLion Alpha 1.3 XSS vulnerability
SSCHADV2012-006 - WikyBlog 1.7.3RC2 XSS vulnerability
SSCHADV2012-008 - CMSimple_XH 1.5.2 Cross-site Scripting vulnerability
SSCHADV2012-010 - WordPress plugin 'WordPress Integrator 1.32' XSS vulnerability
SSCHADV2012-012 - Baby Gekko v1.2.0 Multiple XSS vulnerabilities
SSCHADV2012-014 - Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
SSCHADV2012-015 - WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities
SSCHADV2012-016 - WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple Cross-site scripting vulnerabilities
SSCHADV2012-018 - SaltOS 3.1 Cross-Site Scripting vulnerability
SSCHADV2012-020 - PHPExcel 1.7.7 Cross-Site Scripting vulnerability
SSCHADV2012-021 - Zen cart v1.5.0 & v1.51 Cross-Site Scripting vulnerability
SSCHADV2012-022 - Piwigo 2.4.3 Cross-Site Scripting vulnerability
SSCHADV2012-023 - Hero Framework 3.76 Multiple Cross-site Scripting vulnerabilities
SSCHADV2012-024 - www.elitepartner.de - Cross-site Scripting vulnerability
SSCHADV2012-027 - www.datingcafe.de - Cross-site Scripting vulnerability
INFOSERVE-ADV2011-01 - Tiki Wiki CMS Groupware Multiple XSS vulnerabilities
INFOSERVE-ADV2011-03 - Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0
INFOSERVE-ADV2011-04 - Multiple Cross-Site-Scripting vulnerabilities in x3cms
INFOSERVE-ADV2011-07 - Tiki Wiki CMS Groupware Stored Cross-Site-Scripting
INFOSERVE-ADV2011-11 - VertrigoServ 2.25 Cross-Site-Scripting vulnerability
INFOSERVE-ADV2011-12 - SQLiteManager 1.2.4 Multiple Cross-Site-Scripting vulnerabilities
-= SQL Injection =-
INFOSERVE-ADV2011-06 - Seotoaster SQL-Injection Admin Login Bypass
INFOSERVE-ADV2011-08 - PHP Inventory 1.3.1 Remote (Auth Bypass) SQL Injection Vulnerability
-= Full Path Disclosure =-
-= Local File Inclusion =-
-= Buffer Overflow =-
-= Multiple vulnerabilities =-
INFOSERVE-ADV2011-02 - Multiple security vulnerabilities in AShop
SSCHADV2012-005 - Wikidforum 2.10 Multiple security vulnerabilities
SSCHADV2012-007 - PHP Address Book 6.2.12 Multiple security vulnerabilities
SSCHADV2012-009 - Star Wars Old Republic - SWTOR Char DB 1.8b Multiple security vulnerabilities
SSCHADV2012-013 - PHP Address Book 7.0.0 Multiple security vulnerabilities
SSCHADV2012-017 - MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities
SSCHADV2012-019 - Admidio 2.3.5 Multiple security vulnerabilities
SSCHADV2012-099 - t-online.de eMail Center - Cross-Site Request Forgery & Cross-site Scripting vulnerability
KORAMIS-ADV2012-001 - Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability
KORAMIS-ADV2012-002 - Alienvault OSSIM Open Source SIEM 3.1 Multiple security vulnerabilities
-= Directory Traversal =-
INFOSERVE-ADV2011-09 - zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal
-= DoS =-
Vulnerabilities found by me
in 2011
in 2012
in 2013
Vulnerability References