Author: YGN Ethical Hacker Group

Country:

Reported research: 33

Advisories

Risk	Topic & Details
Med.	TomatoCart 1.x Cross Site Request Forgery bypass Remote \| 2013-01-07
Med.	TomatoCart 1.x include outdated and vulnerable Piwik extension < 0.5.5 Remote \| 2013-01-05
Med.	TomatoCart 1.x Unrestricted File Creation Remote \| 2013-01-04
Low	CubeCart 5.x Cross Site Request Forgery (CSRF) Remote \| 2013-01-01
Low	CubeCart 5.x Cross Site Scripting Remote \| 2013-01-01
Low	Open-Realty CMS 3.x Persistent Cross Site Scripting (XSS) Remote \| 2012-12-26
Low	Open-Realty CMS 3.Cross Site Request Forgery Remote \| 2012-12-26
Low	CubeCart 5.0.7 Open URL Redirection Remote \| 2012-12-25
Low	CubeCart 4.4.6 Open URL Redirection Remote \| 2012-12-25
Low	CubeCart 4.4.6 Cross Site Scripting Remote \| 2012-12-25
Low	CubeCart 4.4.6 Cross Site Request Forgery Remote \| 2012-12-25
Med.	CubeCart 4.4.6 Local File Inclusion Remote \| 2012-12-25
Med.	CubeCart 4.4.6 SQL Injection Remote \| 2012-12-25
High	CubeCart 4.x / 5.x Privilege Escalation Remote \| 2012-12-25
Low	F5 FirePass SSL VPN 4xxx Series & Arbitrary URL Redirection Remote \| 2012-10-20
Low	Elgg 1.7.9 Cross Site Scripting Remote \| 2011-08-01
Low	Parallels Plesk 8.2 URL Redirection Remote \| 2011-03-27
Low	PHP-Nuke 8.x Cross Site Scripting Remote \| 2011-03-24
Low	PHP-Nuke 8.x Cross Site Request Forgery Remote \| 2011-03-24
Med.	PHP-Nuke 8.x Blind SQL Injection Remote \| 2011-03-24
Low	Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability (CVE assigned) Remote \| 2011-01-29
Low	Multiple Web Applications \| Full Path Disclosure (CVE assigned) Remote \| 2011-01-29
Low	Drupal 5.x, 6.x <= Stored Cross Site Scripting Vulnerability (CVE assigned) Remote \| 2011-01-14
Low	Joomla! 1.0.x ~ 1.0.15 Cross Site Scripting (XSS) Vulnerability (CVE assigned) Remote \| 2011-01-12
Med.	Joomla 1.5.21 Potential SQL Injection Flaws (CVE assigned) Remote \| 2010-11-02
Med.	Joomla! CMS 1.5.20 remote SQL injection Remote \| 2010-11-02
High	PGP Desktop version 9.10.x-10.0.0 Insecure DLL Hijacking Vulnerability (CVE assigned) Remote \| 2010-09-17
Med.	IBM Lotus Symphony Office Suite insecure DLL hijacking vulnerability. Local \| 2010-09-14
Med.	UltraEdit Text Editor 16.10.0.1036 insecure DLL hijacking vulnerability. Local \| 2010-09-14
Med.	CelFrame Office Suite insecure DLL hijacking vulnerability. Local \| 2010-09-14

Author: YGN Ethical Hacker Group

Reported research: 33

Advisories

Med.

Remote | 2013-01-07

Med.

Remote | 2013-01-05

Med.

Remote | 2013-01-04

Low

Remote | 2013-01-01

Low

Remote | 2013-01-01

Low

Remote | 2012-12-26

Low

Remote | 2012-12-26

Low

Remote | 2012-12-25

Low

Remote | 2012-12-25

Low

Remote | 2012-12-25

Low

Remote | 2012-12-25

Med.

Remote | 2012-12-25

Med.

Remote | 2012-12-25

High

Remote | 2012-12-25

Low

Remote | 2012-10-20

Low

Remote | 2011-08-01

Low

Remote | 2011-03-27

Low

Remote | 2011-03-24

Low

Remote | 2011-03-24

Med.

Remote | 2011-03-24

Low

Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability (CVE assigned)

Remote | 2011-01-29

Low

Multiple Web Applications | Full Path Disclosure (CVE assigned)

Remote | 2011-01-29

Low

Drupal 5.x, 6.x <= Stored Cross Site Scripting Vulnerability (CVE assigned)

Remote | 2011-01-14

Low

Joomla! 1.0.x ~ 1.0.15 Cross Site Scripting (XSS) Vulnerability (CVE assigned)

Remote | 2011-01-12

Med.

Joomla 1.5.21 Potential SQL Injection Flaws (CVE assigned)

Remote | 2010-11-02

Med.

Remote | 2010-11-02

High

PGP Desktop version 9.10.x-10.0.0 Insecure DLL Hijacking Vulnerability (CVE assigned)

Remote | 2010-09-17

Med.

Local | 2010-09-14

Med.

Local | 2010-09-14

Med.

Local | 2010-09-14

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)