Author: Mehmet Ince

Country:

Reported research: 27

Advisories

Risk	Topic & Details
Med.	OX App Suite SSRF / SQL Injection / Cross Site Scripting (CVE assigned) Remote \| 2023-08-03
Med.	OX App Suite SSRF / Resource Consumption / Command Injection (CVE assigned) Remote \| 2023-06-22
High	GravCMS 1.10.7 Arbitrary YAML Write / Update Remote \| 2021-07-11
High	GravCMS 1.10.7 Unauthenticated Arbitrary YAML Write/Update (Metasploit) Remote \| 2021-05-08
High	GravCMS 1.10.7 Remote Command Execution Remote \| 2021-04-21
High	Trend Micro Web Security (Virtual Appliance) Remote Code Execution Remote \| 2020-06-22
High	Vesta Control Panel Authenticated Remote Code Execution Remote \| 2020-04-07
High	MicroFocus Secure Messaging Gateway Remote Code Execution Remote \| 2018-07-31
Low	Liferay Portal < 7.0.4 Server-Side Request Forgery Remote \| 2018-06-26
High	ManageEngine Applications Manager 13.5 Remote Code Execution Remote \| 2018-03-13
High	Kaltura Remote PHP Code Execution (CVE assigned) Remote \| 2018-01-24
High	Xplico Remote Code Execution (CVE assigned) Remote \| 2018-01-04
High	Xplico Remote Code Execution (CVE assigned) Remote \| 2018-01-04
High	Symantec Messaging Gateway Remote Code Execution Remote \| 2017-06-25
High	Crypttech CryptoLog Remote Code Execution Remote \| 2017-05-06
High	SolarWind LEM Default SSH Password Remote Code Execution Remote \| 2017-04-05
High	Logsign Remote Command Injection Remote \| 2017-03-24
High	Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution Remote \| 2017-02-28
High	Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) Remote \| 2016-09-22
High	Drupal CODER Module 2.5 - Remote Command Execution Remote \| 2016-07-25
High	Drupal RESTWS Module 7.x - Remote PHP Code Execution Remote \| 2016-07-21
Med.	BigTree CMS 4.2.11 SQL Injection Remote \| 2016-06-28
High	BookingWizz LFI / XSS / CSRF / SQL Injection Remote \| 2016-06-16
High	AfterLogic WebMail Pro ASP.NET Administrator Account Takover via XXE Injection Remote \| 2016-05-25
High	Bonefire 0.7.1 Reinstall Admin Account Remote \| 2014-04-25
High	No-CMS 0.6.6 Rev 1 Account Hijack / Remote Command Execution Remote \| 2014-04-23
Low	Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities (CVE assigned) Remote \| 2013-01-25

Author: Mehmet Ince

Reported research: 27

Advisories

Med.

OX App Suite SSRF / SQL Injection / Cross Site Scripting (CVE assigned)

Remote | 2023-08-03

Med.

OX App Suite SSRF / Resource Consumption / Command Injection (CVE assigned)

Remote | 2023-06-22

High

Remote | 2021-07-11

High

Remote | 2021-05-08

High

Remote | 2021-04-21

High

Remote | 2020-06-22

High

Remote | 2020-04-07

High

Remote | 2018-07-31

Low

Remote | 2018-06-26

High

Remote | 2018-03-13

High

Kaltura Remote PHP Code Execution (CVE assigned)

Remote | 2018-01-24

High

Xplico Remote Code Execution (CVE assigned)

Remote | 2018-01-04

High

Xplico Remote Code Execution (CVE assigned)

Remote | 2018-01-04

High

Remote | 2017-06-25

High

Remote | 2017-05-06

High

Remote | 2017-04-05

High

Remote | 2017-03-24

High

Remote | 2017-02-28

High

Remote | 2016-09-22

High

Remote | 2016-07-25

High

Remote | 2016-07-21

Med.

Remote | 2016-06-28

High

Remote | 2016-06-16

High

Remote | 2016-05-25

High

Remote | 2014-04-25

High

Remote | 2014-04-23

Low

Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities (CVE assigned)

Remote | 2013-01-25

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)