Author: Ali Seddigh

Country: ir

Reported research: 40

Advisories

Risk	Topic & Details
Low	WhatsUpGold 21.0.3 - Stored Cross-Site Scripting (XSS) Remote \| 2021-10-02
Med.	Vehicle Service Management System 1.0 - Remote Code Execution (RCE) Remote Local \| 2021-10-02
Med.	Phpwcms 1.9.30 - File Upload to XSS Remote \| 2021-10-02
Med.	Rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (RCE Authenticated) Remote \| 2021-08-18
Med.	GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE Remote \| 2021-08-07
Med.	OpenEMR 5.0.2.1 - Remote Code Execution (RCE) Remote \| 2021-07-17
Med.	Savsoft Quiz 5 - Persistent Cross-Site Scripting (XSS) Remote Local \| 2021-07-05
Med.	Client Management System 1.1 - 'Search' SQL Injection Remote \| 2021-06-27
Low	Client Management System 1.1 - 'username' Stored Cross-Site Scripting (XSS) Remote \| 2021-06-17
Low	Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting (XSS) Remote \| 2021-06-14
High	ZeroShell 3.9.0 \| Remote Command Execution Remote \| 2021-05-30
Low	BlackCat CMS 1.3.6 Stored Cross Site Scripting (XSS) Remote Local \| 2021-05-26
Low	Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration Remote \| 2021-05-26
Low	Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration Remote \| 2021-05-26
Low	Markdownify 1.2.0 \| XSS to RCE Remote \| 2021-05-25
Low	Chevereto 3.17.1 - Stored Cross Site Scripting (XSS) Remote \| 2021-05-23
Med.	Dental Clinic Appointment Reservation System 1.0 \| SQL Injection (Authenticated) Remote \| 2021-05-19
Low	Freeter 1.2.1 \| XSS to RCE Remote \| 2021-05-18
Low	Human Resource Information System 0.1 \| Persistent Cross-Site Scripting (Authenticated) Remote Local \| 2021-05-17
Low	RemoteClinic 2.0 \| 'Multiple' Cross-Site Scripting (XSS) Remote \| 2021-05-05
Low	CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting (XSS) Remote \| 2021-05-03
Med.	Simple Student Information System 1.0 \| SQL Injection Remote \| 2021-05-02
Low	WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS) Remote Local \| 2021-04-28
Low	WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS) Remote \| 2021-04-27
Med.	Fast PHP Chat 1.3 \| SQL injection Remote \| 2021-04-25
Med.	OpenEMR 4.1.0 - SQL Injection Remote Local \| 2021-04-23
Med.	Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access) Remote \| 2021-04-21
Med.	Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution Remote \| 2021-04-20
Low	Web Based Quiz System 1.0 \| Stored Cross-Site Scripting (XSS) Remote \| 2021-04-18
Med.	Blitar Tourism 1.0 - Authentication Bypass SQLi Remote \| 2021-04-18

Author: Ali Seddigh

Country: ir

Reported research: 40

Advisories

Low

Remote | 2021-10-02

Med.

Remote Local | 2021-10-02

Med.

Remote | 2021-10-02

Med.

Remote | 2021-08-18

Med.

Remote | 2021-08-07

Med.

Remote | 2021-07-17

Med.

Remote Local | 2021-07-05

Med.

Remote | 2021-06-27

Low

Remote | 2021-06-17

Low

Remote | 2021-06-14

High

Remote | 2021-05-30

Low

Remote Local | 2021-05-26

Low

Remote | 2021-05-26

Low

Remote | 2021-05-26

Low

Remote | 2021-05-25

Low

Remote | 2021-05-23

Med.

Remote | 2021-05-19

Low

Remote | 2021-05-18

Low

Remote Local | 2021-05-17

Low

Remote | 2021-05-05

Low

Remote | 2021-05-03

Med.

Remote | 2021-05-02

Low

Remote Local | 2021-04-28

Low

Remote | 2021-04-27

Med.

Remote | 2021-04-25

Med.

Remote Local | 2021-04-23

Med.

Remote | 2021-04-21

Med.

Remote | 2021-04-20

Low

Remote | 2021-04-18

Med.

Remote | 2021-04-18

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)