Author: Dolev Farhi

Country:

Reported research: 34

Advisories

Risk	Topic & Details
Med.	Hasura GraphQL 2.2.0 Information Disclosure Remote \| 2022-03-07
Med.	Apache Superset 1.1.0 Time-Based Account Enumeration Remote \| 2021-07-10
Low	Apache Superset 1.1.0 Account Enumeration Remote \| 2021-06-30
Med.	WordPress Plugin WPGraphQL 1.3.5 Denial of Service Remote \| 2021-04-28
Med.	Hasura GraphQL 1.3.3 Local File Read Local \| 2021-04-27
Med.	WordPress WPGraphQL 1.3.5 Denial Of Service Remote \| 2021-04-27
High	Hasura GraphQL 1.3.3 Arbitrary File Read Remote \| 2021-04-22
Med.	Hasura GraphQL 1.3.3 Denial Of Service Remote \| 2021-04-21
High	Hasura GraphQL 1.3.3 Server-Side Request Forgery Remote \| 2021-04-21
Low	dnsrecon 0.10.0 CSV Injection Remote \| 2021-01-08
Low	dirsearch 0.4.1 CSV Injection Remote \| 2021-01-07
Low	Knockpy 4.1.1 CSV Injection Remote \| 2021-01-04
High	M/Monit 3.7.4 Password Disclosure Remote \| 2020-11-22
Med.	M/Monit 3.7.4 Privilege Escalation Local \| 2020-11-22
Med.	RabbitMQ Web Management Cross Site Request Forgery Remote \| 2018-06-18
Low	userSpice 4.3.24 X-Forwarded-For Cross Site Scripting Remote \| 2018-06-12
Low	userSpice 4.3 Cross-Site Scripting Remote \| 2018-02-15
Low	ntop-ng 2.5.160805 Username Enumeration Remote \| 2016-12-20
Low	Observium 0.16.7533 Cross Site Request Forgery Remote \| 2016-04-30
Med.	Observium 0.16.7533 Code Execution / Cross Site Request Forgery Remote \| 2016-04-30
High	ntop-ng 2.0.15102 Privilege Escalation (CVE assigned) Remote \| 2015-12-02
High	ZOC SSH Client 7.03.0 Buffer Overflow Local \| 2015-05-21
Low	M/Monit 3.2.2 Cross Site Request Forgery (CVE assigned) Remote \| 2014-09-20
Low	LogAnalyzer 3.6.5 Cross Site Scripting (CVE assigned) Remote \| 2014-09-03
High	Netgear DGN2200 Password Disclosure Remote \| 2014-07-27
Low	SpiceWorks IT Ticketing System Cross Site Scripting (CVE assigned) Remote \| 2014-06-10
Low	userCake <=2.0.2 Cross-Site Request Forgery vulnerability (CVE assigned) Remote \| 2014-05-26
High	Cobbler 2.6.0 Arbitrary File Read (CVE assigned) Remote \| 2014-05-15
Low	Fog Imaging System 0.32 Cross Site Scripting (CVE assigned) Remote \| 2014-05-15
Low	SpiceWorks Ticketing system Multiple Stored XSS vulnerabilities Remote \| 2014-05-13

Author: Dolev Farhi

Reported research: 34

Advisories

Med.

Remote | 2022-03-07

Med.

Remote | 2021-07-10

Low

Remote | 2021-06-30

Med.

Remote | 2021-04-28

Med.

Local | 2021-04-27

Med.

Remote | 2021-04-27

High

Remote | 2021-04-22

Med.

Remote | 2021-04-21

High

Remote | 2021-04-21

Low

Remote | 2021-01-08

Low

Remote | 2021-01-07

Low

Remote | 2021-01-04

High

Remote | 2020-11-22

Med.

Local | 2020-11-22

Med.

Remote | 2018-06-18

Low

Remote | 2018-06-12

Low

Remote | 2018-02-15

Low

Remote | 2016-12-20

Low

Remote | 2016-04-30

Med.

Remote | 2016-04-30

High

ntop-ng 2.0.15102 Privilege Escalation (CVE assigned)

Remote | 2015-12-02

High

Local | 2015-05-21

Low

M/Monit 3.2.2 Cross Site Request Forgery (CVE assigned)

Remote | 2014-09-20

Low

LogAnalyzer 3.6.5 Cross Site Scripting (CVE assigned)

Remote | 2014-09-03

High

Remote | 2014-07-27

Low

SpiceWorks IT Ticketing System Cross Site Scripting (CVE assigned)

Remote | 2014-06-10

Low

userCake <=2.0.2 Cross-Site Request Forgery vulnerability (CVE assigned)

Remote | 2014-05-26

High

Cobbler 2.6.0 Arbitrary File Read (CVE assigned)

Remote | 2014-05-15

Low

Fog Imaging System 0.32 Cross Site Scripting (CVE assigned)

Remote | 2014-05-15

Low

Remote | 2014-05-13

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)