Author: John Martinelli

Country:

Reported research: 23

Advisories

Risk	Topic & Details
Low	Google Chrome Password Disclosure Local \| 2019-09-18
Low	RetireJS CORS Issue / Script Execution (CVE assigned) Remote \| 2019-06-12
Med.	dotCMS 5.1.1 Vulnerable Dependencies (CVE assigned) Remote \| 2019-05-11
Med.	Vonage VoIP Telephone Adapter Default Misconfiguration (CVE assigned) Remote Local \| 2007-06-06
Med.	SalesCart Shopping Cart SQL Injection Vulnerability (CVE assigned) Remote \| 2007-06-05
Low	PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities (CVE assigned) Remote \| 2007-06-03
Low	ClonusWiki .5 Cross-Site Scripting Vulnerability (CVE assigned) Remote \| 2007-06-03
Low	RM EasyMail Plus - Cross-Site Scripting Vulnerability (CVE assigned) Remote \| 2007-06-01
Med.	CubeCart v3.0.16 SQL Injection Vulnerability (CVE assigned) Remote \| 2007-05-29
Low	VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability (CVE assigned) Remote \| 2007-05-24
Low	HLstats v1.35 Cross-Site Scripting Vulnerability #2 (CVE assigned) Remote \| 2007-05-24
Low	Redoable 1.2 Cross-Site Scripting Vulnerability (patch included) (CVE assigned) Remote \| 2007-05-22
Low	Bradford CampusManager v3.1(6) Sensitive Data Disclosure (CVE assigned) Remote \| 2007-05-17
Med.	Drake CMS (v0.4.0) - CRLF Injection Vulnerability (CVE assigned) Remote \| 2007-05-17
Med.	ACP3 (v4.0b3) - Multiple Vulnerabilities (CVE assigned) Remote \| 2007-05-12
Low	UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability (CVE assigned) Remote \| 2007-05-12
Med.	SunShop (v4) Multiple Vulnerabilities (CVE assigned) Remote \| 2007-05-12
Low	Podium CMS - Cookie Manipulation Exploit (CVE assigned) Remote \| 2007-05-12
Med.	Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit (CVE assigned) Remote \| 2007-04-26
High	CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability (CVE assigned) Remote \| 2007-04-13
Low	DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability (CVE assigned) Remote \| 2007-04-13
Low	QuizShock 1.6.1 - Cross-Site Scripting Vulnerability (CVE assigned) Remote \| 2007-04-12
Med.	UBB.threads (<= 6.1.1) SQL Injection Vulnerability (CVE assigned) Remote \| 2007-04-12

Author: John Martinelli

Country:

Reported research: 23

Advisories

Low

Google Chrome Password Disclosure

Local | 2019-09-18

Low

RetireJS CORS Issue / Script Execution (CVE assigned)

Remote | 2019-06-12

Med.

dotCMS 5.1.1 Vulnerable Dependencies (CVE assigned)

Remote | 2019-05-11

Med.

Vonage VoIP Telephone Adapter Default Misconfiguration (CVE assigned)

Remote Local | 2007-06-06

Med.

SalesCart Shopping Cart SQL Injection Vulnerability (CVE assigned)

Remote | 2007-06-05

Low

PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities (CVE assigned)

Remote | 2007-06-03

Low

ClonusWiki .5 Cross-Site Scripting Vulnerability (CVE assigned)

Remote | 2007-06-03

Low

RM EasyMail Plus - Cross-Site Scripting Vulnerability (CVE assigned)

Remote | 2007-06-01

Med.

CubeCart v3.0.16 SQL Injection Vulnerability (CVE assigned)

Remote | 2007-05-29

Low

VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability (CVE assigned)

Remote | 2007-05-24

Low

HLstats v1.35 Cross-Site Scripting Vulnerability #2 (CVE assigned)

Remote | 2007-05-24

Low

Redoable 1.2 Cross-Site Scripting Vulnerability (patch included) (CVE assigned)

Remote | 2007-05-22

Low

Bradford CampusManager v3.1(6) Sensitive Data Disclosure (CVE assigned)

Remote | 2007-05-17

Med.

Drake CMS (v0.4.0) - CRLF Injection Vulnerability (CVE assigned)

Remote | 2007-05-17

Med.

ACP3 (v4.0b3) - Multiple Vulnerabilities (CVE assigned)

Remote | 2007-05-12

Low

UPDATED: CubeCart (v3.0.15) - CRLF Injection Vulnerability (CVE assigned)

Remote | 2007-05-12

Med.

SunShop (v4) Multiple Vulnerabilities (CVE assigned)

Remote | 2007-05-12

Low

Podium CMS - Cookie Manipulation Exploit (CVE assigned)

Remote | 2007-05-12

Med.

Ripe Website Manager (<= 0.8.4) - SQL Injection Vulnerability and Cross-Site Scripting Exploit (CVE assigned)

Remote | 2007-04-26

High

CodeBreak (codebreak.php process_method) - Remote File Inclusion Vulnerability (CVE assigned)

Remote | 2007-04-13

Low

DeskPRO v2.0.1 - Cross-Site Scripting Vulnerability (CVE assigned)

Remote | 2007-04-13

Low

QuizShock 1.6.1 - Cross-Site Scripting Vulnerability (CVE assigned)

Remote | 2007-04-12

Med.

UBB.threads (<= 6.1.1) SQL Injection Vulnerability (CVE assigned)

Remote | 2007-04-12

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)