Advisories / 0-days

 

Stotz, M. & van Genuchten, E. [SYSS-2017-015] Improper Handling of Insufficient Privileges
LimeSurvey 2.63.1+170305, 2.64.0+170307

van Genuchten, E. & Stotz, M. [SYSS-2017-014] Cross-Site Scripting
LimeSurvey 2.63.1+170305, 2.64.0+170307

van Genuchten, E. & Stotz, M. [SYSS-2017-013] Cross-Site Request Forgery
LimeSurvey 2.63.1+170305, 2.64.0+170307

Grimmeisen, S. & van Genuchten, E. [SYSS-2017-009] Improper Restriction of XML External Entity Reference ('XXE')
agorum core Pro 7.8.1.4-251

Grimmeisen, S. & van Genuchten, E. [SYSS-2017-008] Cross-Site Request Forgery
agorum core Pro 7.8.1.4-251

van Genuchten, E. & Grimmeisen, S. [SYSS-2017-007] Cross-Site Scripting
agorum core Pro 7.8.1.4-251

van Genuchten, E. & Grimmeisen, S. [SYSS-2017-006] Insecure Direct Object Reference
agorum core Pro 7.8.1.4-251

van Genuchten, E. & Grimmeisen, S. [SYSS-2017-005] Persistent Cross-Site Scripting
agorum core Pro 7.8.1.4-251

van Genuchten, E. [SYSS-2015-054] URL Redirection to Untrusted Site
Novell Filr 1.2

van Genuchten, E. [SYSS-2015-064] Insecure Direct Object Reference
Thru Managed File Transfer Portal 9.0.2

van Genuchten, E. [SYSS-2015-060] Improperly Implemented Security Check for Standard
Thru Managed File Transfer Portal 9.0.2

van Genuchten, E. [SYSS-2015-059] Insecure Direct Object Reference
Thru Managed File Transfer Portal 9.0.2

van Genuchten, E. [SYSS-2015-058] Insecure Direct Object Reference
Thru Managed File Transfer Portal 9.0.2

van Genuchten, E. [SYSS-2015-057] Cross-Site Scripting
Thru Managed File Transfer Portal 9.0.2

van Genuchten, E. & Österreicher, D. [SYSS-2015-056] SQL Injection
Thru Managed File Transfer Portal 9.0.2

van Genuchten, E. [SYSS-2015-055] Cross-Site Scripting
Novell Filr 1.2 (https://www.novell.com/support/kb/doc.php?id=7017078)

van Genuchten, E. [SYSS-2015-062] Information Exposure Through Directory Listing
ownCloud <= 8.0.9, <= 8.1.4, <= 8.2.1 (https://owncloud.org/security/advisory/?id=oc-sa-2016-002)

van Genuchten, E. [SYSS-2015-033] Missing Access Control
Page2Flip <= 2.5

van Genuchten, E. [SYSS-2015-032] Broken Authentication and Session Management
Page2Flip <= 2.5

van Genuchten, E. [SYSS-2015-030] Improper Handling of Insufficient Privileges
Page2Flip <= 2.5

van Genuchten, E. [SYSS-2015-029] Insecure Direct Object Reference
Page2Flip <= 2.5

van Genuchten, E. [SYSS-2015-028] Cross-Site Scripting
Page2Flip <= 2.5

van Genuchten, E. [SYSS-2015-027] Cross-Site Scripting
Page2Flip <= 2.5

van Genuchten, E. [SYSS-2015-026] Denial Of Service
Page2Flip <= 2.5