Author: Kacper Szurek

Country: pl

Reported research: 44

Advisories

Risk	Topic & Details
High	HomeMatic Zentrale CCU2 Unauthenticated Remote Code Execution Remote \| 2018-07-18
High	Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution Remote \| 2018-07-13
Med.	GitList 0.6.0 Argument Injection Remote \| 2018-07-08
High	ManageEngine Exchange Reporter Plus 5310 Remote Code Execution Remote \| 2018-07-04
High	GitBucket 4.23.1 Remote Code Execution Remote \| 2018-05-21
High	GitList 0.6 Remote Code Execution Remote \| 2018-04-27
High	GitStack Unsanitized Argument Remote Code Execution Remote \| 2018-03-30
High	Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution Remote \| 2017-10-05
High	Synology Photo Station 6.7.3-3432 / 6.3-2967 Remote Code Execution Remote \| 2017-08-09
High	ManageEngine Desktop Central 10 Build 100087 Remote Code Execution (CVE assigned) Remote \| 2017-07-25
Med.	QNAP PhotoStation 5.2.4 / MusicStation 4.8.4 - Authentication Bypass Remote \| 2017-05-10
Med.	Dell Customer Connect 1.3.28.0 Privilege Escalation Local \| 2017-04-25
Med.	CyberGhost 6.0.4.2205 Privilege Escalation Local \| 2017-03-07
Med.	ShadeYouVPN.com Client For Windows 2.0.1.11 Privilege Escalation Local \| 2017-02-15
Med.	IVPN Client for Windows 2.6.6120.33863 Privilege Escalation Local \| 2017-02-07
Med.	Viscosity For Windows 1.6.7 Privilege Escalation Local \| 2017-02-01
High	WD My Cloud Mirror 2.11.153 RCE and Authentication Bypass Remote \| 2017-01-24
Med.	SentryHD 02.01.12e Privilege Escalation Remote \| 2017-01-19
Med.	WordPress WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation Remote \| 2017-01-11
Low	AbanteCart 1.2.7 Cross Site Scripting \| 2016-12-07
Med.	e107 CMS 2.1.2 Privilege Escalation Remote \| 2016-11-11
Med.	Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection (CVE assigned) Remote \| 2016-09-24
Med.	Dolphin 7.3.0 Error Based SQL Injection Remote \| 2016-09-21
High	Tiki Wiki CMS 15.0 Arbitrary File Download Remote \| 2016-07-12
Low	phpMyFAQ 2.9.0 Cross Site Scripting Remote \| 2016-06-10
Med.	Tiny Tiny RSS Blind SQL Injection Remote \| 2016-02-16
Med.	Simple Ads Manager 2.9.4.116 SQL Injection Remote \| 2015-12-30
Med.	WordPress Admin Management Xtended 2.4.0 Privilege Escalation Remote \| 2015-12-15
Med.	WP Fastest Cache 0.8.4.8 Blind SQL Injection Remote \| 2015-11-12
Med.	FreiChat 9.6 SQL Injection Remote \| 2015-07-15

Author: Kacper Szurek

Country: pl

Reported research: 44

Advisories

High

Remote | 2018-07-18

High

Remote | 2018-07-13

Med.

Remote | 2018-07-08

High

Remote | 2018-07-04

High

Remote | 2018-05-21

High

Remote | 2018-04-27

High

Remote | 2018-03-30

High

Remote | 2017-10-05

High

Remote | 2017-08-09

High

ManageEngine Desktop Central 10 Build 100087 Remote Code Execution (CVE assigned)

Remote | 2017-07-25

Med.

Remote | 2017-05-10

Med.

Local | 2017-04-25

Med.

Local | 2017-03-07

Med.

Local | 2017-02-15

Med.

Local | 2017-02-07

Med.

Local | 2017-02-01

High

Remote | 2017-01-24

Med.

Remote | 2017-01-19

Med.

Remote | 2017-01-11

Low

| 2016-12-07

Med.

Remote | 2016-11-11

Med.

Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection (CVE assigned)

Remote | 2016-09-24

Med.

Remote | 2016-09-21

High

Remote | 2016-07-12

Low

Remote | 2016-06-10

Med.

Remote | 2016-02-16

Med.

Remote | 2015-12-30

Med.

Remote | 2015-12-15

Med.

Remote | 2015-11-12

Med.

Remote | 2015-07-15

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)