Author: Pedro Ribeiro

Country:

Reported research: 30

Advisories

Risk	Topic & Details
High	IBM QRadar SIEM Unauthenticated Remote Code Execution Remote \| 2018-07-11
Med.	IBM QRadar SIEM Code Execution / Authentication Bypass (CVE assigned) Remote \| 2018-05-31
High	AsusWRT LAN Unauthenticated Remote Code Execution (Metasploit) Remote \| 2018-02-26
Med.	AsusWRT LAN Unauthenticated Remote Code Execution Remote \| 2018-02-24
Med.	NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow (CVE assigned) Remote \| 2017-03-24
High	TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection Remote \| 2017-02-01
High	TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection Remote \| 2017-02-01
High	TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection Remote \| 2017-02-01
High	Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow Remote \| 2016-11-22
High	WebNMS Framework Server 5.2 Arbitrary File Upload Remote \| 2016-08-12
High	Novell ServiceDesk Authenticated File Upload (CVE assigned) Remote \| 2016-04-18
High	NETGEAR ProSafe Network Management System 300 Arbitrary File Upload (CVE assigned) Remote \| 2016-03-01
High	Netgear Pro NMS 300 Code Execution / File Download (CVE assigned) Remote \| 2016-02-07
High	ManageEngine ServiceDesk Plus Arbitrary File Upload Remote \| 2015-10-08
High	Kaseya VSA uploader.aspx Arbitrary File Upload (CVE assigned) Remote \| 2015-10-06
Low	Kaseya Virtual System Administrator File Download / Open Redirect Remote \| 2015-07-15
Med.	ICU Heap / Integer Overflows (CVE assigned) Local \| 2015-05-06
High	Novell ZENworks Configuration Management Arbitrary File Upload (CVE assigned) Remote \| 2015-05-04
High	Novell ZenWorks Configuration Management 11.3.1 Code Execution / Traversal (CVE assigned) Remote \| 2015-04-08
High	ManageEngine Shell Upload / Directory Traversal (CVE assigned) Remote \| 2015-01-06
High	ManageEngine OpManager / Social IT Plus / IT360 File Upload / SQL Injection (CVE assigned) Remote \| 2014-11-11
Med.	Password Manager Pro SQL Injection (CVE assigned) Remote \| 2014-11-11
Med.	ManageEngine EventLog Analyzer SQL / Credential Disclosure (CVE assigned) Remote \| 2014-11-07
High	ManageEngine OpManager / Social IT Arbitrary File Upload (CVE assigned) Remote \| 2014-10-01
High	ManageEngine Desktop Central StatusUpdate Arbitrary File Upload Exploit (CVE assigned) Remote \| 2014-09-07
Low	GetSimple CMS 3.3.1 Cross Site Scripting (CVE assigned) Remote \| 2014-05-14
High	Contao CMS <= 3.2.5 PHP object insertion (CVE assigned) Remote \| 2014-02-03
Med.	impressCMS 1.3.5 arbitrary file deletion and XSS (CVE assigned) Remote \| 2014-02-01
High	MW6 Technologies ActiveX buffer overflows and remote code execution (CVE assigned) Remote \| 2014-01-22
High	Lorex security DVD ActiveX control buffer overflow (CVE assigned) Remote \| 2014-01-10

Author: Pedro Ribeiro

Reported research: 30

Advisories

High

Remote | 2018-07-11

Med.

IBM QRadar SIEM Code Execution / Authentication Bypass (CVE assigned)

Remote | 2018-05-31

High

Remote | 2018-02-26

Med.

Remote | 2018-02-24

Med.

NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow (CVE assigned)

Remote | 2017-03-24

High

Remote | 2017-02-01

High

Remote | 2017-02-01

High

Remote | 2017-02-01

High

Remote | 2016-11-22

High

Remote | 2016-08-12

High

Novell ServiceDesk Authenticated File Upload (CVE assigned)

Remote | 2016-04-18

High

NETGEAR ProSafe Network Management System 300 Arbitrary File Upload (CVE assigned)

Remote | 2016-03-01

High

Netgear Pro NMS 300 Code Execution / File Download (CVE assigned)

Remote | 2016-02-07

High

Remote | 2015-10-08

High

Kaseya VSA uploader.aspx Arbitrary File Upload (CVE assigned)

Remote | 2015-10-06

Low

Remote | 2015-07-15

Med.

ICU Heap / Integer Overflows (CVE assigned)

Local | 2015-05-06

High

Novell ZENworks Configuration Management Arbitrary File Upload (CVE assigned)

Remote | 2015-05-04

High

Novell ZenWorks Configuration Management 11.3.1 Code Execution / Traversal (CVE assigned)

Remote | 2015-04-08

High

ManageEngine Shell Upload / Directory Traversal (CVE assigned)

Remote | 2015-01-06

High

ManageEngine OpManager / Social IT Plus / IT360 File Upload / SQL Injection (CVE assigned)

Remote | 2014-11-11

Med.

Password Manager Pro SQL Injection (CVE assigned)

Remote | 2014-11-11

Med.

ManageEngine EventLog Analyzer SQL / Credential Disclosure (CVE assigned)

Remote | 2014-11-07

High

ManageEngine OpManager / Social IT Arbitrary File Upload (CVE assigned)

Remote | 2014-10-01

High

ManageEngine Desktop Central StatusUpdate Arbitrary File Upload Exploit (CVE assigned)

Remote | 2014-09-07

Low

GetSimple CMS 3.3.1 Cross Site Scripting (CVE assigned)

Remote | 2014-05-14

High

Contao CMS <= 3.2.5 PHP object insertion (CVE assigned)

Remote | 2014-02-03

Med.

impressCMS 1.3.5 arbitrary file deletion and XSS (CVE assigned)

Remote | 2014-02-01

High

MW6 Technologies ActiveX buffer overflows and remote code execution (CVE assigned)

Remote | 2014-01-22

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)