Reports and Acknowledgements
Vulnerabilities / Exploits
- MyMag WordPress theme Unrestricted File Upload
- Multiple XSS Vulnerabilities in BoxBilling
- Remote Code Execution in mversion (CVE-2020-7688)
- Regular Expression Denial of Service (ReDoS) in urlregex
- Regular Expression Denial of Service (ReDoS) in url-regexp
- [metascraper-helpers] Denial of Service
- Regular Expression Denial of Service (ReDoS) in RestQL
Securing Open Source Code
- Fixed: Improper Access Control in Cezerin (CVE-2019-18608)
- Fixed: Remote Command Execution in strider-git
- Fixed: Improper Access Control in Cezerin2
- Fixed: Remote Code Execution in mversion
- Fixed: Remote Code Execution in Apache cordova-serve module