Author: Aria-Security Team

Country:

Reported research: 45

Advisories

Risk	Topic & Details
Low	Horde Webmail XSS (CVE assigned) Remote \| 2008-04-27
Med.	Real Estate Web SQL Injection (CVE assigned) Remote \| 2008-02-14
Med.	Pre Hotel and Resorts reservation portal login bypass (CVE assigned) Remote \| 2008-02-13
Med.	ASPired2Protect bypass (CVE assigned) Remote \| 2008-01-31
Low	cPanel Hosting Manager (dohtaccess.html) (CVE assigned) Remote \| 2008-01-22
Med.	Instant Softwares DatingSite SQL Injection (CVE assigned) Remote \| 2008-01-08
Med.	Irola My-Time v3.5 SQL Injection (CVE assigned) Remote \| 2007-12-04
Med.	VU Mailer (Mass Mail) \"Password\" SQL Injection (CVE assigned) Remote \| 2007-11-27
Med.	VU Case Manager \"Username/Password\" SQL Injection (CVE assigned) Remote \| 2007-11-27
Med.	JiRo\'s Upload Manager SQL Injection (CVE assigned) Remote \| 2007-11-23
Med.	CodeWidgets.Com Online Event Registration Multiple login SQL Injection (CVE assigned) Remote \| 2007-10-30
Low	SearchSimon Lite Cross-Site Scripting Vuln. (CVE assigned) Remote \| 2007-10-23
Med.	Gallery In A Box Username & Password Parameters SQL Injection (CVE assigned) Remote \| 2007-08-08
Med.	Next Gen Portfolio Manager SQL Injection (CVE assigned) Remote \| 2007-08-08
High	Pluck 4.3 themes.php Remote File Inclusion and disclosure (CVE assigned) Remote \| 2007-08-08
Med.	Pay Roll - Time Sheet and Punch Card Application With Web Interface SQL Injection (CVE assigned) Remote \| 2007-08-01
Med.	Real Estate listing website application template SQL Injection (CVE assigned) Remote \| 2007-08-01
Med.	WebEvents: Online Event Registration Template Username Fields SQL INJECTION (CVE assigned) Remote \| 2007-08-01
Med.	WebStore - Online Store Application Template SQL INJECTION (CVE assigned) Remote \| 2007-08-01
Med.	E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL (CVE assigned) Remote \| 2007-08-01
Med.	Message Board / Threaded Discussion Forum SQL INJECTION (CVE assigned) Remote \| 2007-08-01
Med.	Dependet Forums (Username Field) Remote SQL Injection (CVE assigned) Remote \| 2007-08-01
Low	cPanel 10.9.1 XSS (CVE assigned) Remote \| 2007-07-28
Med.	Image Racer SearchResults.asp SQL INJECTION vuln. (CVE assigned) Remote \| 2007-07-26
Med.	Engine Manager SQL Injection (CVE assigned) Remote \| 2007-03-08
Low	XMB \"U2U Instant Messenger\" Cross-Site Scripting (CVE assigned) Remote \| 2007-01-28
Low	SMF \"index.php?action=pm\" Cross Site-Scripting (CVE assigned) Remote \| 2007-01-23
Med.	Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection (CVE assigned) Remote \| 2007-01-17
Med.	Image gallery with Access Database SQL Injection (CVE assigned) Remote \| 2007-01-17
Med.	Intranet Open Source Remote Password Disclosure \"intranet.mdb\" (CVE assigned) Remote \| 2007-01-09

Author: Aria-Security Team

Country:

Reported research: 45

Advisories

Low

Horde Webmail XSS (CVE assigned)

Remote | 2008-04-27

Med.

Real Estate Web SQL Injection (CVE assigned)

Remote | 2008-02-14

Med.

Pre Hotel and Resorts reservation portal login bypass (CVE assigned)

Remote | 2008-02-13

Med.

ASPired2Protect bypass (CVE assigned)

Remote | 2008-01-31

Low

cPanel Hosting Manager (dohtaccess.html) (CVE assigned)

Remote | 2008-01-22

Med.

Instant Softwares DatingSite SQL Injection (CVE assigned)

Remote | 2008-01-08

Med.

Irola My-Time v3.5 SQL Injection (CVE assigned)

Remote | 2007-12-04

Med.

VU Mailer (Mass Mail) \"Password\" SQL Injection (CVE assigned)

Remote | 2007-11-27

Med.

VU Case Manager \"Username/Password\" SQL Injection (CVE assigned)

Remote | 2007-11-27

Med.

JiRo\'s Upload Manager SQL Injection (CVE assigned)

Remote | 2007-11-23

Med.

CodeWidgets.Com Online Event Registration Multiple login SQL Injection (CVE assigned)

Remote | 2007-10-30

Low

SearchSimon Lite Cross-Site Scripting Vuln. (CVE assigned)

Remote | 2007-10-23

Med.

Gallery In A Box Username & Password Parameters SQL Injection (CVE assigned)

Remote | 2007-08-08

Med.

Next Gen Portfolio Manager SQL Injection (CVE assigned)

Remote | 2007-08-08

High

Pluck 4.3 themes.php Remote File Inclusion and disclosure (CVE assigned)

Remote | 2007-08-08

Med.

Pay Roll - Time Sheet and Punch Card Application With Web Interface SQL Injection (CVE assigned)

Remote | 2007-08-01

Med.

Real Estate listing website application template SQL Injection (CVE assigned)

Remote | 2007-08-01

Med.

WebEvents: Online Event Registration Template Username Fields SQL INJECTION (CVE assigned)

Remote | 2007-08-01

Med.

WebStore - Online Store Application Template SQL INJECTION (CVE assigned)

Remote | 2007-08-01

Med.

E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL (CVE assigned)

Remote | 2007-08-01

Med.

Message Board / Threaded Discussion Forum SQL INJECTION (CVE assigned)

Remote | 2007-08-01

Med.

Dependet Forums (Username Field) Remote SQL Injection (CVE assigned)

Remote | 2007-08-01

Low

cPanel 10.9.1 XSS (CVE assigned)

Remote | 2007-07-28

Med.

Image Racer SearchResults.asp SQL INJECTION vuln. (CVE assigned)

Remote | 2007-07-26

Med.

Engine Manager SQL Injection (CVE assigned)

Remote | 2007-03-08

Low

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)