Advisories

In this page there is the complete public archive of software security vulnerabilities found by me.

B2 Portfolio 1.0.0 Multiple SQL Injection
24-01-2011 Adv
allCineVid 1.0.0 Blind SQL Injection
18-01-2011 Adv
People 1.0.0 SQL Injection
14-01-2011 Adv
JE Messenger 1.0 Arbitrary File Upload Vulnerability
09-12-2010 Adv
JE Auto 1.0 SQL Injection Vulnerability
09-12-2010 Adv
eBlog 1.7 Multiple SQL Injection Vulnerabilities
10-11-2010 Adv
JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability
08-11-2010 Adv
Zen Cart 1.3.9h Local File Inclusion Vulnerability
03-11-2010 Adv
MyCart 2.0 Multiple Remote Vulnerabilities
27-10-2010 Adv
AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities
27-10-2010 Adv
Squirrelcart PRO 3.0.0 Blind SQL Injection Vulnerability
21-10-2010 Adv
phpCheckZ 1.1.0 Blind SQL Injection Vulnerability
19-10-2010 Adv
JS Calendar Joomla Component 1.5.1 Multiple Remote Vulnerabilities
09-10-2010 Adv
JE Guestbook Joomla Component 1.0 Multiple Remote Vulnerabilities
30-09-2010 Adv
TimeTrack Joomla Component 1.2.4 Multiple SQL Injection Vulnerabilities
22-09-2010 Adv
Biblioteca 1.0 Beta Multiple SQL Injection Vulnerabilities
21-08-2010 Adv
Jgrid 1.0 Local File Inclusion Vulnerability
14-08-2010 Adv
Teams 1_1028_100809_1711 Multiple Blind SQL Injection Vulnerabilities
10-08-2010 Adv
Amblog Joomla Component 1.0 Multiple SQL Injection Vulnerabilities
10-08-2010 Adv
cgTestimonial Joomla Component 2.2 Multiple Remote Vulnerabilities
06-08-2010 Adv PoC
Spielothek Joomla Component 1.6.9 Multiple Blind SQL Injection Vulnerabilities
31-07-2010 Adv
PBBooking Joomla Component 1.0.4_3 Multiple Blind SQL Injection Vulnerabilities
29-07-2010 Adv
PhotoMap Gallery Joomla Component 1.6.0 Multiple Blind SQL Injection Vulnerabilities
28-07-2010 Adv
Appointinator Joomla Component 1.0.1 Multiple Remote Vulnerabilities
27-07-2010 Adv
TTVideo Joomla Component 1.0 SQL Injection Vulnerability
27-07-2010 Adv
WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities
24-07-2010 Adv
RedShop Joomla Component 1.0.23.1 Blind SQL Injection Vulnerability
14-07-2010 Adv
ArtForms Joomla Component 2.1b7.2-RC2 Multiple Remote Vulnerabilities
07-07-2010 Adv
Sandbox 2.0.3 Multiple Remote Vulnerabilities
07-07-2010 Adv
Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities
04-07-2010 Adv
iScripts MultiCart 2.2 Multiple SQL Injection Vulnerabilities
03-07-2010 Adv
iScripts SocialWare 2.2.x Multiple Remote Vulnerabilities
03-07-2010 Adv
iScripts SocialWare 2.2.x Arbitrary File Upload Vulnerability
02-07-2010 Adv PoC
iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability
02-07-2010 Adv
iScripts ReserveLogic 1.0 SQL Injection Vulnerability
01-07-2010 Adv
iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities
01-07-2010 Adv
My Databook 2.5.0 Multiple Remote Vulnerabilities
30-06-2010 Adv
TaskFreak Time Tracking 0.4 Multiple SQL Injection Vulnerabilities
29-06-2010 Adv
ThePhig 3.0.7 Multiple Remote Vulnerabilities
23-06-2010 Adv
Family Connections 2.2.3 Multiple Remote Vulnerabilities
10-05-2010 Adv
LaNewsFactory Multiple Remote Vulnerabilities
19-04-2010 Adv
Ca3DE/Cafu 9.06 Multiple Remote Vulnerabilities
22-03-2010 PoC
Jinais IRC Server 0.1.8 NULL Pointer Vulnerability
21-03-2010 Adv PoC
MX Simulator Server 2010-02-06 Remote Buffer Overflow Vulnerability
19-03-2010 PoC
uhttp Server 0.1.0-alpha Path Traversal Vulnerability
10-03-2010 Adv
VetPlus 2.0.3 Multiple Remote Vulnerabilities
17-12-2009 Adv
Family Connections 2.1.3 Multiple Remote Vulnerabilities
16-12-2009 Adv PoC
WSCreator 1.1 Blind SQL Injection Vulnerability
15-12-2009 Adv
Miniweb 2.0 Full Path Disclosure Vulnerability
12-12-2009 Adv
B2C Booking Centre Systems SQL Injection Vulnerability
11-12-2009 Adv
phpCollegeExchange 0.1.5c Multiple SQL Injection Vulnerabilities
11-12-2009 Adv PoC
Digital Scribe 1.4.1 Multiple SQL Injection Vulnerabilities
11-12-2009 Adv
T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities
10-09-2009 Adv
Nullam Blog 0.1.2 Multiple Remote Vulnerabilities
10-09-2009 Adv
Blink Blog System Authentication Bypass Vulnerability
03-08-2009 Adv
LightOpenCMS 0.1 pre-alpha SQL Injection Vulnerability
05-06-2009 Adv
Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities
22-04-2009 Adv
Creasito e-commerce content manager 1.3.16 Authentication Bypass Vulnerability
20-04-2009 Adv
Multi-lingual E-Commerce System 0.2 Multiple Remote Vulnerabilities
19-04-2009 Adv
Tiny Blogr 1.0.0 rc4 Authentication Bypass Vulnerability
17-04-2009 Adv
Malleo 1.2.3 Local File Inclusion Vulnerability
17-04-2009 Adv
PHP-agenda 2.2.5 Remote File Overwriting Vulnerability
10-04-2009 Adv
Loggix Project 9.4.5 Blind SQL Injection Vulnerability
10-04-2009 Adv
Dynamic Flash Forum 1.0 Beta Multiple Remote Vulnerabilities
09-04-2009 Adv
AdaptBB 1.0 Beta Multiple Remote Vulnerabilities
09-04-2009 Adv
Bookjoomlas Joomla Component 0.1 SQL Injection Vulnerability
06-04-2009 Adv
Family Connections 1.8.2 Arbitrary File Upload Vulnerability
03-04-2009 Adv PoC
Family Connections 1.8.2 Blind SQL Injection Vulnerability
01-04-2009 Adv PoC
webEdition 6.0.0.4 Multiple Remote Vulnerabilities
31-03-2009 Adv
Community CMS 0.5 Multiple Remote Vulnerabilities
30-03-2009 Adv
Family Connections 1.8.2 Multiple Remote Vulnerabilities
25-03-2009 Adv
phpCommunity 2 2.1.8 Multiple Remote Vulnerabilities
07-03-2009 Adv
Wili-CMS 0.4.0 Multiple Remote Vulnerabilities
06-03-2009 Adv
nForum 1.5 Multiple SQL Injection Vulnerabilities
06-03-2009 Adv
CelerBB 0.0.2 Multiple Remote Vulnerabilities
05-03-2009 Adv
BlindBlog 1.3.1 Multiple Remote Vulnerabilities
03-03-2009 Adv
RitsBlog 0.4.2 Multiple Remote Vulnerabilities
02-03-2009 Adv
EZ-Blog 1 Beta Multiple SQL Injection Vulnerabilities
01-03-2009 Adv
BlogMan 0.45 Multiple Remote Vulnerabilities
01-03-2009 Adv
gigCalendar Joomla Component 1.0 SQL Injection Vulnerability
21-02-2009 Adv
gigCalendar Joomla Component 1.0 SQL Injection Vulnerability
21-02-2009 Adv
Max.Blog 1.0.6 SQL Injection Vulnerability
27-01-2009 Adv
Max.Blog 1.0.6 Offline Authentication Bypass Vulnerability
27-01-2009 Adv
Max.Blog 1.0.6 SQL Injection Vulnerability
20-01-2009 Adv
Discloser 0.0.4-rc2 SQL Injection Vulnerability
21-04-2004 Adv