Author: Larry W. Cashdollar

Country: us

Reported research: 100

Advisories

Risk	Topic & Details
Med.	WordPress Plugin tajer v1.05 Arbitrary file upload vulnerability Remote \| 2018-10-18
Med.	jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability Remote \| 2018-10-10
Med.	Wordpress plugin csv2wpec-coupon v1.1 Remote file upload Vulnerability (CVE assigned) Remote \| 2018-10-09
Low	SUNWswasr RPM post install /tmp race condition Local \| 2018-10-05
Med.	Mambo CMS vulnerabilities (CVE assigned) Remote Local \| 2018-10-05
Med.	Oracle Solaris Bind/Postinstall script for Bind package local root (CVE assigned) Local \| 2018-10-05
Low	thttpd-2.25b htpasswd Vulnerabilities (CVE assigned) Local \| 2018-10-03
Med.	IBM Informix File Clobbering during Install (CVE assigned) Local \| 2018-10-03
Med.	PatchLink Update Unix Client File clobbering vulnerability (CVE assigned) Local \| 2018-10-03
Med.	Open tftpserver path traversal vulnerability Local \| 2018-10-02
Med.	OpenOffice 1.0.1 Race condition during installation (CVE assigned) Local \| 2018-10-02
Med.	Borland's InterBase 7.1 poor Password Data File Permissions and Password Hash (CVE assigned) Local \| 2018-10-01
Low	PrimeBase Database Poor File Permissions and Crypt() Hash Local \| 2018-09-29
Med.	Xitami Webserver clear text password storage Vulnerability (CVE assigned) Local \| 2018-09-27
Med.	Solaris 2.7/2.8 catman Temp File Vulnerability (CVE assigned) Local \| 2018-09-27
Med.	Lynx v2.8.5dev Format String Vulnerablity Remote \| 2018-09-27
Med.	Tarantella Enterprise 3 local root during installation (CVE assigned) Local \| 2018-09-27
Med.	Voyant Sonata doroot command vulnerability (CVE assigned) Local \| 2018-09-25
Med.	Vulnerability Report For Voyant Technologies Sonata Conferencing product Remote Local \| 2018-09-25
High	flower fire sawmill v5.0.21 file read & weak password encryption (CVE assigned) Remote \| 2018-09-25
High	Irix Midikeys local root Vulnerability (CVE assigned) Local \| 2018-09-20
Med.	AIX Snap command password vulnerability (CVE assigned) Local \| 2018-09-20
Med.	WordPress Plugin Arigato Autoresponder and Newsletter 2.5 Blind SQL Injection / Reflected Cross-Site Scripting (CVE assigned) Remote \| 2018-09-19
High	Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download (CVE assigned) Remote \| 2018-04-23
Med.	Huge-IT Catalog v1.0.7 for Joomla Unauthenticated SQL Injection (CVE assigned) Remote \| 2017-09-12
Med.	Huge-IT Portfolio Gallery Plugin v1.0.6 Unauthenticated SQL Injection (CVE assigned) Remote \| 2017-09-12
Low	Huge-IT Video Gallery v1.0.9 for Joomla Unauthenticated SQL Injection (CVE assigned) Remote \| 2017-09-12
Med.	Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection (CVE assigned) Remote \| 2017-09-01
High	WordPress Membership Simplified 1.58 Arbitrary File Download (CVE assigned) Remote \| 2017-03-17
Low	WordPress wp-json Content Injection Remote \| 2017-02-09

Author: Larry W. Cashdollar

Country: us

Reported research: 100

Advisories

Med.

Remote | 2018-10-18

Med.

Remote | 2018-10-10

Med.

Wordpress plugin csv2wpec-coupon v1.1 Remote file upload Vulnerability (CVE assigned)

Remote | 2018-10-09

Low

Local | 2018-10-05

Med.

Mambo CMS vulnerabilities (CVE assigned)

Remote Local | 2018-10-05

Med.

Oracle Solaris Bind/Postinstall script for Bind package local root (CVE assigned)

Local | 2018-10-05

Low

thttpd-2.25b htpasswd Vulnerabilities (CVE assigned)

Local | 2018-10-03

Med.

IBM Informix File Clobbering during Install (CVE assigned)

Local | 2018-10-03

Med.

PatchLink Update Unix Client File clobbering vulnerability (CVE assigned)

Local | 2018-10-03

Med.

Local | 2018-10-02

Med.

OpenOffice 1.0.1 Race condition during installation (CVE assigned)

Local | 2018-10-02

Med.

Borland's InterBase 7.1 poor Password Data File Permissions and Password Hash (CVE assigned)

Local | 2018-10-01

Low

Local | 2018-09-29

Med.

Xitami Webserver clear text password storage Vulnerability (CVE assigned)

Local | 2018-09-27

Med.

Solaris 2.7/2.8 catman Temp File Vulnerability (CVE assigned)

Local | 2018-09-27

Med.

Remote | 2018-09-27

Med.

Tarantella Enterprise 3 local root during installation (CVE assigned)

Local | 2018-09-27

Med.

Voyant Sonata doroot command vulnerability (CVE assigned)

Local | 2018-09-25

Med.

Remote Local | 2018-09-25

High

flower fire sawmill v5.0.21 file read & weak password encryption (CVE assigned)

Remote | 2018-09-25

High

Irix Midikeys local root Vulnerability (CVE assigned)

Local | 2018-09-20

Med.

AIX Snap command password vulnerability (CVE assigned)

Local | 2018-09-20

Med.

WordPress Plugin Arigato Autoresponder and Newsletter 2.5 Blind SQL Injection / Reflected Cross-Site Scripting (CVE assigned)

Remote | 2018-09-19

High

Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download (CVE assigned)

Remote | 2018-04-23

Med.

Huge-IT Catalog v1.0.7 for Joomla Unauthenticated SQL Injection (CVE assigned)

Remote | 2017-09-12

Med.

Huge-IT Portfolio Gallery Plugin v1.0.6 Unauthenticated SQL Injection (CVE assigned)

Remote | 2017-09-12

Low

Huge-IT Video Gallery v1.0.9 for Joomla Unauthenticated SQL Injection (CVE assigned)

Remote | 2017-09-12

Med.

Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection (CVE assigned)

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)