Author: CWH

Country:

Reported research: 34

Advisories

Risk	Topic & Details
High	OpenForum 0.66 Beta Remote Reset Admin Password Exploit (CVE assigned) Remote \| 2009-08-27
Med.	ASPThai.NET Forum 8.5 Remote Database Disclosure Vulnerability (CVE assigned) Remote \| 2009-07-26
Med.	MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability (CVE assigned) Remote \| 2009-05-05
Med.	MindDezign Photo Gallery 2.2 Arbitrary Add Admin Exploit (CVE assigned) Remote \| 2009-05-05
Med.	ThaiQuickCart (sLanguage) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-04-23
High	Keller Web Admin CMS 0.94 Pro Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-04-23
Med.	Anata CMS 1.0b5 (change.php) Arbitrary Add Admin Vulnerability (CVE assigned) Remote \| 2009-04-11
Low	Mini-CWB <= 2.1.1 Remote XSS Vulnerability (CVE assigned) Remote \| 2009-04-10
High	Andy\'s PHP Knowledgebase 0.92.9 Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2009-03-24
High	CMS MAXSITE Component Guestbook Remote Command Execution Exploit (CVE assigned) Remote \| 2009-03-13
Low	PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability (CVE assigned) Remote \| 2009-03-13
Low	phpSQLiteCMS Multiple Remote XSS Vulnerability (CVE assigned) Remote \| 2009-03-13
Low	BMForum Remote 5.6 Miltiple XSS Vulnerability (CVE assigned) Remote \| 2009-03-09
Med.	ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability (CVE assigned) Remote \| 2009-03-04
High	Multiple Membership Script 2.5 (id) SQL Injection Vulnerability (CVE assigned) Remote \| 2009-03-04
Med.	bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit (CVE assigned) Remote \| 2009-03-04
High	Butterfly Organizer 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2009-03-02
Med.	MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities (CVE assigned) Remote \| 2009-02-21
Med.	KTP Computer Customer Database CMS Blind SQL Injection Vulnerability (CVE assigned) Remote \| 2009-01-27
High	Wbstreet v.1.0 (SQL/DD) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2009-01-26
High	KTP Computer Customer Database CMS Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-01-26
Med.	Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit (CVE assigned) Remote \| 2008-12-17
Med.	TNT Forum 0.9.4 Local File Inclusion Vulnerabilities (CVE assigned) Remote \| 2008-12-01
Med.	Experts (answer.php) Remote SQL Injection Vulnerability (CVE assigned) Remote \| 2008-12-01
High	OTManager CMS 24a (LFI/XSS) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2008-11-26
Med.	Rianxosencabos CMS 0.9 Arbitrary Add-Admin Vulnerability (CVE assigned) Remote \| 2008-09-27
High	PolyPager <= 1.0rc2 (SQL/XSS) Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2008-08-09
Med.	MyPHP CMS 0.3.1 (page.php pid) Remote SQL Injection Vulnerability (CVE assigned) Remote \| 2008-08-08
High	Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability (CVE assigned) Remote \| 2008-07-18
High	WebXell Editor 0.1.3 Arbitrary File Upload Vulnerability (CVE assigned) Remote \| 2008-07-16

Author: CWH

Country:

Reported research: 34

Advisories

High

OpenForum 0.66 Beta Remote Reset Admin Password Exploit (CVE assigned)

Remote | 2009-08-27

Med.

ASPThai.NET Forum 8.5 Remote Database Disclosure Vulnerability (CVE assigned)

Remote | 2009-07-26

Med.

MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability (CVE assigned)

Remote | 2009-05-05

Med.

MindDezign Photo Gallery 2.2 Arbitrary Add Admin Exploit (CVE assigned)

Remote | 2009-05-05

Med.

ThaiQuickCart (sLanguage) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-04-23

High

Keller Web Admin CMS 0.94 Pro Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-04-23

Med.

Anata CMS 1.0b5 (change.php) Arbitrary Add Admin Vulnerability (CVE assigned)

Remote | 2009-04-11

Low

Mini-CWB <= 2.1.1 Remote XSS Vulnerability (CVE assigned)

Remote | 2009-04-10

High

Andy\'s PHP Knowledgebase 0.92.9 Arbitrary File Upload Vulnerability (CVE assigned)

Remote | 2009-03-24

High

CMS MAXSITE Component Guestbook Remote Command Execution Exploit (CVE assigned)

Remote | 2009-03-13

Low

PHPFreeForum <= 1.0 RC2 Remote XSS Vulnerability (CVE assigned)

Remote | 2009-03-13

Low

phpSQLiteCMS Multiple Remote XSS Vulnerability (CVE assigned)

Remote | 2009-03-13

Low

BMForum Remote 5.6 Miltiple XSS Vulnerability (CVE assigned)

Remote | 2009-03-09

Med.

ASPPortal 3.2.5 (ASPPortal.mdb) Database Disclosure Vulnreability (CVE assigned)

Remote | 2009-03-04

High

Multiple Membership Script 2.5 (id) SQL Injection Vulnerability (CVE assigned)

Remote | 2009-03-04

Med.

bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit (CVE assigned)

Remote | 2009-03-04

High

Butterfly Organizer 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities (CVE assigned)

Remote | 2009-03-02

Med.

MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities (CVE assigned)

Remote | 2009-02-21

Med.

KTP Computer Customer Database CMS Blind SQL Injection Vulnerability (CVE assigned)

Remote | 2009-01-27

High

Wbstreet v.1.0 (SQL/DD) Multiple Remote Vulnerabilities (CVE assigned)

Remote | 2009-01-26

High

KTP Computer Customer Database CMS Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-01-26

Med.

Check New 4.52 (findoffice.php search) Remote SQL Injection Exploit (CVE assigned)

Remote | 2008-12-17

Med.

TNT Forum 0.9.4 Local File Inclusion Vulnerabilities (CVE assigned)

Remote | 2008-12-01

Med.

Experts (answer.php) Remote SQL Injection Vulnerability (CVE assigned)

Remote | 2008-12-01

High

OTManager CMS 24a (LFI/XSS) Multiple Remote Vulnerabilities (CVE assigned)

Remote | 2008-11-26

Med.

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)