Advisories
These are the public security advisories that I already found:
2016
OLX Stored XSS
Microsoft Office 365 Reflected File Download
Flash XSS on typewrite_header.swf
Adobe Reflected XSS
2015
Google Finance Reflected File Download
Bing Reflected File Download
Wikiloc XXE vulnerability
MailChimp Reflected File Download
Multiple vulns on mTouch Quiz WordPress plugin
Workable Reflected File Download
DepositFiles ZeroClipboard.swf XSS
Bytes That Rock voting manipulation
Edmodo XSS and HTML Injection
SendGrid Reflected File Download
Events Made Easy WordPress Plugin CSRF + Persistent XSS
Komento Joomla! component Persistent XSS
Shopify opened to a RFD attack
Acunetix got RFDed!
OWASP ZAP XXE vulnerability
Linkedin Reflected Filename Download
DOM XSS in all Condé Nast sites network
Google Reflected Filename Download
ArubaNetworks Avatar Image XSPA
Desk.com Reflected Filename Download
Open Redirect and Reflected XSS on 123ContactForm
DOM XSS on Nexmo Blog NXWP
DOM XSS on Nexmo Blog
Full Path Disclosure on Nexmo
How I hacked a HP printer
Reflected Filename Download on Google
GitHub Username and Email Enumeration and RFD
Instagram Reflected Filename Download
Kaspersky Social Sharing WordPress Plugin RFD
Trello Username Enumeration Vulnerability
Facebook RFD: The final chapter
Facebook RFD and Open File Upload
Trello Reflected Filename Download
Open Redirect in Yahoo Store
2014 to 2012
phpList CSRF on subscription page
My ad on your OLX favourites – CSRF style
3 Open Redirect on Google
How it was possible to run a XSS worm on RunKeeper
How a salesman could hack Prestashop
Tumblr got DOM XSSed
Gizmodo, Lifehacker, Gawker – reflected DOM XSS
Mashable DOM XSS
ESET and Symantec victims of vulnerable JW Player
Vulnerable JW Player on two Yahoo sites
Dowjones.com DOM XSS
Prestashop persistent XSS and CSRF vulnerability
Issuu DOM XSS
Microsoft Pinpoint vulnerable to DOM XSS
Jobs.cz XSS vulnerability
IDG Now! vulnerable to reflected XSS
phpMyAdmin XSS
XSS on FCKeditor
Alexa reflected DOM XSS
McAfee DOM XSS
DOM XSS vulnerabilities on Booking.com
eBay XSS vulnerability
Disable Blogger.com toolbar
Kaspersky DOM XSS
AVG vulnerable to DOM XSS
Panda Security vulnerable to DOM XSS
Google Orkut HTML limitations bypass
PrestaShop <= 1.5.1 Persistent XSS
Hootsuite labels XSS
2012 to 2003
IXXO Cart Products “parent” SQL Injection Vulnerability
Zoki Catalog “search_text” SQL Injection Vulnerability
EasyRealtorPRO Multiple SQL Injection Vulnerabilities
phpAdultSite CMS SQL Injection And Cross-Site Scripting
SamTodo “tid” and “completed” Cross-Site Scripting Vulnerabilities
ACG News Multiple SQL Injection Vulnerabilities
Arcadem “loadpage” File Inclusion Vulnerability
LineShout Two Script Insertion Vulnerabilities
MidiCart ASP Item_Show.ASP Code_No Parameter SQL Injection Vulnerability
Mall23 eCommerce “idOption_Dropdown_2” SQL Injection Vulnerability
Comdev eCommerce Cross-Site Scripting Vulnerabilities
MPM Guestbook Pro “header” File Inclusion Vulnerability
SunShop Shopping Cart Cross-Site Scripting Vulnerability
VoteBox “VoteBoxPath” File Inclusion Vulnerability
MX Shop Index.PHP Multiple SQL Injection Vulnerabilities
e107 “Login Name/Author” Script Insertion Vulnerability
iG FREE Shopping Cart “type_id” Parameter Input Validation Error
Online Store Kit SQL Injection and Cross Site Scripting Vulnerability
phpWebSite SQL Injection Vulnerabilities
JShop Server Cross Site Scripting Vulnerability
Mambo “Itemid” Parameter Cross-Site Scripting Vulnerability
Private Message System Cross-Site Scripting Vulnerability
My Little Forum Cross-Site Scripting Vulnerabilities