Advisories

This are the public security advisories that I already found:

2016

• OLX Stored XSS
• Microsoft Office 365 Reflected File Download
• Flash XSS on typewrite_header.swf
• Adobe Reflected XSS

2015

• Google Finance Reflected File Download
• Bing Reflected File Download
• Wikiloc XXE vulnerability
• MailChimp Reflected File Download
• Multiple vulns on mTouch Quiz WordPress plugin
• Workable Reflected File Download
• DepositFiles ZeroClipboard.swf XSS
• Bytes That Rock voting manipulation
• Edmodo XSS and HTML Injection
• SendGrid Reflected File Download
• Events Made Easy WordPress Plugin CSRF + Persistent XSS
• Komento Joomla! component Persistent XSS
• Shopify opened to a RFD attack
• Acunetix got RFDed!
• OWASP ZAP XXE vulnerability
• Linkedin Reflected Filename Download
• DOM XSS in all Condé Nast sites network
• Google Reflected Filename Download
• ArubaNetworks Avatar Image XSPA
• Desk.com Reflected Filename Download
• Open Redirect and Reflected XSS on 123ContactForm
• DOM XSS on Nexmo Blog NXWP
• DOM XSS on Nexmo Blog
• Full Path Disclosure on Nexmo
• How I hacked a HP printer
• Reflected Filename Download on Google
• GitHub Username and Email Enumeration and RFD
• Instagram Reflected Filename Download
• Kaspersky Social Sharing WordPress Plugin RFD
• Trello Username Enumeration Vulnerability
• Facebook RFD: The final chapter
• Facebook RFD and Open File Upload
• Trello Reflected Filename Download
• Open Redirect in Yahoo Store

2014 to 2012

• phpList CSRF on subscription page (CVE-2014-2916)
• My ad on your OLX favourites – CSRF style
• 3 Open Redirect on Google
• How it was possible to run a XSS worm on RunKeeper
• How a salesman could hack Prestashop (CVE-2013-6295)
• Tumblr got DOM XSSed
• Gizmodo, Lifehacker, Gawker – reflected DOM XSS
• Mashable DOM XSS
• ESET and Symantec victims of vulnerable JW Player
• Vulnerable JW Player on two Yahoo sites
• Dowjones.com DOM XSS
• Prestashop persistent XSS and CSRF vulnerability (CVE-2013-4791 – CVE-2013-4792)
• Issuu DOM XSS
• Microsoft Pinpoint vulnerable to DOM XSS
• Jobs.cz XSS vulnerability
• IDG Now! vulnerable to reflected XSS
• phpMyAdmin XSS
• XSS on FCKeditor
• Alexa reflected DOM XSS
• McAfee DOM XSS
• DOM XSS vulnerabilities on Booking.com
• eBay XSS vulnerability
• Disable Blogger.com toolbar
• Kaspersky DOM XSS
• AVG vulnerable to DOM XSS
• Panda Security vulnerable to DOM XSS
• Google Orkut HTML limitations bypass
• PrestaShop <= 1.5.1 Persistent XSS
• Hootsuite labels XSS

2012 to 2003

• IXXO Cart Products “parent” SQL Injection Vulnerability (CVE-2009-3215)
• Zoki Catalog “search_text” SQL Injection Vulnerability (CVE-2009-2097)
• EasyRealtorPRO Multiple SQL Injection Vulnerabilities (CVE-2008-4328)
• phpAdultSite CMS SQL Injection And Cross-Site Scripting (CVE-2008-6979)
• SamTodo “tid” and “completed” Cross-Site Scripting Vulnerabilities (CVE-2008-2563)
• ACG News Multiple SQL Injection Vulnerabilities (CVE-2007-4603)
• Arcadem “loadpage” File Inclusion Vulnerability (CVE-2007-4551)
• LineShout Two Script Insertion Vulnerabilities (CVE-2007-6486)
• MidiCart ASP Item_Show.ASP Code_No Parameter SQL Injection Vulnerability (CVE-2005-2601)
• Mall23 eCommerce “idOption_Dropdown_2” SQL Injection Vulnerability (CVE-2005-3043)
• Comdev eCommerce Cross-Site Scripting Vulnerabilities
• MPM Guestbook Pro “header” File Inclusion Vulnerability
• SunShop Shopping Cart Cross-Site Scripting Vulnerability
• VoteBox “VoteBoxPath” File Inclusion Vulnerability
• MX Shop Index.PHP Multiple SQL Injection Vulnerabilities (CVE-2005-3004)
• e107 “Login Name/Author” Script Insertion Vulnerability (CVE-2004-2261)
•  iG FREE Shopping Cart “type_id” Parameter Input Validation Error
• Online Store Kit SQL Injection and Cross Site Scripting Vulnerability (CVE-2004-0301)
• phpWebSite SQL Injection Vulnerabilities (CVE-2004-2322)
• JShop Server Cross Site Scripting Vulnerability (CVE-2004-2084)
• Mambo “Itemid” Parameter Cross-Site Scripting Vulnerability (CVE-2004-2072)
• Private Message System Cross-Site Scripting Vulnerability
• My Little Forum Cross-Site Scripting Vulnerabilities