Author: Claudio Viviani

Country:

Reported research: 31

Advisories

Risk	Topic & Details
High	IPFire Bash Environment Variable Injection (Shellshock) (CVE assigned) Remote \| 2016-06-10
Med.	WordPress Video Gallery 2.8 Unprotected Mail Page *youtube Remote \| 2015-05-23
Med.	Wordpress Ajax Store Locator <= 1.2 SQL Injection Vulnerability Remote \| 2015-04-17
Med.	WordPress Duplicator 0.5.14 Cross Site Request Forgery / SQL Injection Remote \| 2015-04-11
High	WordPress Work The Flow 2.5.2 Shell Upload Remote \| 2015-04-07
Low	WordPress Marketplace 2.4.0 Add Administrator Remote \| 2015-03-26
Med.	WordPress Video Gallery 2.7 SQL Injection Remote \| 2015-02-12
High	Wordpress Wp Symposium 14.11 Unauthenticated Shell Upload Exploit Remote \| 2014-12-15
High	WordPress Ajax Store Locator 1.2 Arbitrary File Download Remote \| 2014-12-09
Med.	WordPress wpDataTables 1.5.3 SQL Injection Remote \| 2014-11-25
High	WordPress wpDataTables 1.5.3 Shell Upload Remote \| 2014-11-25
Low	Joomla HD FLV 2.1.0.1 Arbitrary File Download Remote \| 2014-11-17
Med.	Joomla HD FLV 2.1.0.1 SQL Injection Remote \| 2014-11-14
Med.	WordPress CP Multi View Event Calendar 1.01 SQL Injection (CVE assigned) Remote \| 2014-10-24
Low	Samsung.com Open Redirect Remote \| 2014-10-14
Low	Blackberry.com Open Redirect Remote \| 2014-10-14
High	Joomla Mac Gallery <= 1.5 Arbitrary File Download Remote \| 2014-09-23
Low	Netgear Download Center Cross Site Scripting / Open Redirect Remote \| 2014-09-19
Med.	Joomla Spider Form Maker 4.3 SQL Injection Remote \| 2014-09-13
Med.	Joomla Spider Calendar <= 3.2.6 SQL Injection Exploit Remote \| 2014-09-08
Med.	WordPress Huge IT Image Gallery 1.0.0 SQL Injection Remote \| 2014-09-03
High	NRPE 2.15 Remote Command Execution (CVE assigned) Remote \| 2014-08-29
Med.	Joomla Spider 2.8.3 SQL Injection Remote \| 2014-08-27
Med.	WordPress GB Gallery Slideshow 1.5 SQL Injection *youtube Remote \| 2014-08-12
High	WordPress Gmedia Gallery 1.2.1 Shell Upload Remote \| 2014-08-03
High	WordPress Slider Revolution Responsive 4.1.4 File Download Remote \| 2014-07-29
Med.	WordPress Video Gallery 2.5 Cross Site Scripting / SQL Injection Remote \| 2014-07-25
Med.	WordPress Gallery Objects 0.4 SQL Injection (CVE assigned) Remote \| 2014-07-22
High	WordPress Tidio Gallery 1.1 Shell Upload / XSS Remote \| 2014-07-15
High	WordPress Download Manager 2.6.8 Shell Upload Remote \| 2014-07-12

Author: Claudio Viviani

Reported research: 31

Advisories

High

IPFire Bash Environment Variable Injection (Shellshock) (CVE assigned)

Remote | 2016-06-10

Med.

Remote | 2015-05-23

Med.

Remote | 2015-04-17

Med.

Remote | 2015-04-11

High

Remote | 2015-04-07

Low

Remote | 2015-03-26

Med.

Remote | 2015-02-12

High

Remote | 2014-12-15

High

Remote | 2014-12-09

Med.

Remote | 2014-11-25

High

Remote | 2014-11-25

Low

Remote | 2014-11-17

Med.

Remote | 2014-11-14

Med.

WordPress CP Multi View Event Calendar 1.01 SQL Injection (CVE assigned)

Remote | 2014-10-24

Low

Remote | 2014-10-14

Low

Remote | 2014-10-14

High

Remote | 2014-09-23

Low

Remote | 2014-09-19

Med.

Remote | 2014-09-13

Med.

Remote | 2014-09-08

Med.

Remote | 2014-09-03

High

NRPE 2.15 Remote Command Execution (CVE assigned)

Remote | 2014-08-29

Med.

Remote | 2014-08-27

Med.

Remote | 2014-08-12

High

Remote | 2014-08-03

High

Remote | 2014-07-29

Med.

Remote | 2014-07-25

Med.

WordPress Gallery Objects 0.4 SQL Injection (CVE assigned)

Remote | 2014-07-22

High

Remote | 2014-07-15

High

Remote | 2014-07-12

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)