Author: JosS

Country:

Reported research: 41

Advisories

Risk	Topic & Details
Med.	Simple Document Management System 1.1.5 / 2.0 SQL Injection Remote \| 2012-06-17
High	Symphony 2.0.7 Multiple Vulnerabilities (CVE assigned) Remote \| 2010-09-22
High	Multi-lingual E-Commerce System 0.2 multiple remote file inclusion (CVE assigned) Remote \| 2010-08-31
Med.	Simple Machines Forum 1.1.8 avatar related remote php file Remote \| 2010-03-29
Med.	PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind Vulnerability (CVE assigned) Remote Local \| 2009-07-11
Med.	LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2009-06-28
Med.	Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability (CVE assigned) Remote \| 2009-03-02
Med.	Cybershade CMS 0.2b (index.php) Remote File Inclusion Exploit (CVE assigned) Remote \| 2009-02-25
Med.	LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities (CVE assigned) Remote \| 2009-02-21
High	My PHP Indexer 1.0 (index.php) Local File Download Vulnerability (CVE assigned) Remote \| 2009-02-21
Med.	ScriptsEz Easy Image Downloader Local File Download Vulnerability (CVE assigned) Remote \| 2009-02-10
Low	ScriptsEz Mini Hosting Panel (members.php) LFI Vulnerability (CVE assigned) Remote \| 2009-02-09
Med.	LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit (CVE assigned) Remote \| 2009-01-27
Med.	ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability (CVE assigned) Remote \| 2008-11-30
High	Chipmunk CMS (reguser.php) Add Admin (html) (CVE assigned) Remote \| 2008-11-09
High	Maran PHP Shop (prod.php cat) SQL Injection Vulnerability (CVE assigned) Remote \| 2008-11-05
High	Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities (CVE assigned) Remote \| 2008-10-30
High	aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies (CVE assigned) Remote \| 2008-10-30
Med.	LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit (CVE assigned) Remote \| 2008-10-22
High	myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability (CVE assigned) Remote \| 2008-10-22
High	myStats (hits.php) Multiple Remote Vulnerabilities Exploit (CVE assigned) Remote \| 2008-10-22
High	IP Reg <= 0.4 Multiple Remote SQL Injection Vulnerabilities (CVE assigned) Remote \| 2008-10-20
High	pPIM 1.01 (notes.php id) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2008-10-10
Med.	phpAbook <= 0.8.8b (COOKIE) Local File Inclusion Vulnerability (CVE assigned) Remote \| 2008-10-09
High	WebCMS Portal Edition (index.php id) Blind SQL Injection Exploit (CVE assigned) Remote \| 2008-09-27
High	Pre Real Estate Listings (search.php c) SQL Injection Vulnerability (CVE assigned) Remote \| 2008-09-27
High	Hotel reservation System (city.asp city) Blind SQL Injection Vulnerability (CVE assigned) Remote \| 2008-09-27
Med.	SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit (CVE assigned) Remote \| 2008-05-22
Med.	Classifieds Caffe (index.php cat_id) Remote SQL Injection (CVE assigned) Remote \| 2008-04-24
Med.	Mutiple Timesheets <= 5.0 - Multiple Remote Vulnerabilities (CVE assigned) Remote \| 2008-03-20

Author: JosS

Country:

Reported research: 41

Advisories

Med.

Simple Document Management System 1.1.5 / 2.0 SQL Injection

Remote | 2012-06-17

High

Symphony 2.0.7 Multiple Vulnerabilities (CVE assigned)

Remote | 2010-09-22

High

Multi-lingual E-Commerce System 0.2 multiple remote file inclusion (CVE assigned)

Remote | 2010-08-31

Med.

Simple Machines Forum 1.1.8 avatar related remote php file

Remote | 2010-03-29

Med.

PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind Vulnerability (CVE assigned)

Remote Local | 2009-07-11

Med.

LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2009-06-28

Med.

Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability (CVE assigned)

Remote | 2009-03-02

Med.

Cybershade CMS 0.2b (index.php) Remote File Inclusion Exploit (CVE assigned)

Remote | 2009-02-25

Med.

LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities (CVE assigned)

Remote | 2009-02-21

High

My PHP Indexer 1.0 (index.php) Local File Download Vulnerability (CVE assigned)

Remote | 2009-02-21

Med.

ScriptsEz Easy Image Downloader Local File Download Vulnerability (CVE assigned)

Remote | 2009-02-10

Low

ScriptsEz Mini Hosting Panel (members.php) LFI Vulnerability (CVE assigned)

Remote | 2009-02-09

Med.

LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit (CVE assigned)

Remote | 2009-01-27

Med.

ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability (CVE assigned)

Remote | 2008-11-30

High

Chipmunk CMS (reguser.php) Add Admin (html) (CVE assigned)

Remote | 2008-11-09

High

Maran PHP Shop (prod.php cat) SQL Injection Vulnerability (CVE assigned)

Remote | 2008-11-05

High

Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities (CVE assigned)

Remote | 2008-10-30

High

aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies (CVE assigned)

Remote | 2008-10-30

Med.

LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit (CVE assigned)

Remote | 2008-10-22

High

myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability (CVE assigned)

Remote | 2008-10-22

High

myStats (hits.php) Multiple Remote Vulnerabilities Exploit (CVE assigned)

Remote | 2008-10-22

High

IP Reg <= 0.4 Multiple Remote SQL Injection Vulnerabilities (CVE assigned)

Remote | 2008-10-20

High

pPIM 1.01 (notes.php id) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2008-10-10

Med.

phpAbook <= 0.8.8b (COOKIE) Local File Inclusion Vulnerability (CVE assigned)

Remote | 2008-10-09

High

WebCMS Portal Edition (index.php id) Blind SQL Injection Exploit (CVE assigned)

Remote | 2008-09-27

High

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)