Author: Stack

Country:

Reported research: 29

Advisories

Risk	Topic & Details
High	OtsAv DJ [.olf] Local Heap Overflow Poc (CVE assigned) Local \| 2009-10-28
Med.	Xerver HTTP Server 4.32 XSS / Directory Traversal Vulnerabilities (1331) (CVE assigned) Remote \| 2009-10-06
High	Butterfly Organizer 2.0.0 Arbitrary Delete (Category/Account) Exploit (CVE assigned) Remote \| 2009-09-08
Med.	Telephone Directory 2008 Arbitrary Delete Contact Exploit (CVE assigned) Remote \| 2009-09-08
High	WeBid 0.5.4 (item.php id) Remote SQL Injection Vulnerability (CVE assigned) Remote \| 2009-08-28
High	RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-08-24
High	Free PHP VX Guestbook 1.06 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-08-24
High	Libra PHP File Manager <= 1.18 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-08-23
High	Joomla Component com_pinboard (task) SQL Injection Exploit (CVE assigned) Remote \| 2009-07-28
High	AudioPLUS 2.00.215 (.pls) Local Buffer Overflow Exploit (SEH) (CVE assigned) Local \| 2009-07-11
High	ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit (CVE assigned) Remote \| 2009-07-08
High	Soritong MP3 Player 1.0 Local Buffer Overflow Exploit (SEH) (CVE assigned) Local \| 2009-05-18
Med.	CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit (CVE assigned) Local \| 2009-05-02
High	MyShoutPro 1.2 Final Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-04-23
High	Easy RM to MP3 Converter Universal Stack Overflow Exploit (CVE assigned) Local \| 2009-04-20
High	Diesel Job Site (job_id) Blind SQL Injection Vulnerability (CVE assigned) Remote \| 2009-03-15
Med.	6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-03-15
High	WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit (CVE assigned) Remote \| 2009-02-05
High	SG Real Estate Portal 2.0 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-02-02
High	PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-01-06
High	Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2008-10-26
High	BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2008-10-26
High	Vastal I-Tech Freelance Zone (coder_id) SQL Injection Vulnerability (CVE assigned) Remote \| 2008-10-09
High	Vastal I-Tech Jobs Zone (news_id) SQL Injection Vulnerability (CVE assigned) Remote \| 2008-10-09
High	Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities (CVE assigned) Remote \| 2008-10-06
High	Availscript Classmate Script (viewprofile.php) SQL Injection Vulnerability (CVE assigned) Remote \| 2008-10-02
High	Rianxosencabos CMS 0.9 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2008-09-27
Med.	Easy Photo Gallery 2.1 Arbitrary Add Admin / remove user Vulnerability (CVE assigned) Remote \| 2008-09-23
High	PHP Hosting Directory 2.0 Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2008-08-06

Author: Stack

Country:

Reported research: 29

Advisories

High

OtsAv DJ [.olf] Local Heap Overflow Poc (CVE assigned)

Local | 2009-10-28

Med.

Xerver HTTP Server 4.32 XSS / Directory Traversal Vulnerabilities (1331) (CVE assigned)

Remote | 2009-10-06

High

Butterfly Organizer 2.0.0 Arbitrary Delete (Category/Account) Exploit (CVE assigned)

Remote | 2009-09-08

Med.

Telephone Directory 2008 Arbitrary Delete Contact Exploit (CVE assigned)

Remote | 2009-09-08

High

WeBid 0.5.4 (item.php id) Remote SQL Injection Vulnerability (CVE assigned)

Remote | 2009-08-28

High

RPG.Board <= 0.0.8Beta2 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-08-24

High

Free PHP VX Guestbook 1.06 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-08-24

High

Libra PHP File Manager <= 1.18 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-08-23

High

Joomla Component com_pinboard (task) SQL Injection Exploit (CVE assigned)

Remote | 2009-07-28

High

AudioPLUS 2.00.215 (.pls) Local Buffer Overflow Exploit (SEH) (CVE assigned)

Local | 2009-07-11

High

ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit (CVE assigned)

Remote | 2009-07-08

High

Soritong MP3 Player 1.0 Local Buffer Overflow Exploit (SEH) (CVE assigned)

Local | 2009-05-18

Med.

CoolPlayer Portable 2.19.1 (Skin) Buffer Overflow Exploit (CVE assigned)

Local | 2009-05-02

High

MyShoutPro 1.2 Final Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-04-23

High

Easy RM to MP3 Converter Universal Stack Overflow Exploit (CVE assigned)

Local | 2009-04-20

High

Diesel Job Site (job_id) Blind SQL Injection Vulnerability (CVE assigned)

Remote | 2009-03-15

Med.

6rbScript 3.3 (section.php name) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-03-15

High

WSN Links Free 4.0.34P (comments.php) Blind SQL Injection Exploit (CVE assigned)

Remote | 2009-02-05

High

SG Real Estate Portal 2.0 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-02-02

High

PHP iCalendar <= 2.24 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-01-06

High

Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2008-10-26

High

BbZL.PhP 0.92 Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2008-10-26

High

Vastal I-Tech Freelance Zone (coder_id) SQL Injection Vulnerability (CVE assigned)

Remote | 2008-10-09

High

Vastal I-Tech Jobs Zone (news_id) SQL Injection Vulnerability (CVE assigned)

Remote | 2008-10-09

High

Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities (CVE assigned)

Remote | 2008-10-06

High

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)