A non-exhaustive list of public vulnerabilities and CVEs that I have found. Bug bounties and vulnerabilities released through vulnerability affiliation programs are also listed here.
- Aethra – Multiple Vulnerabilities
- AngularJS – (Angular-CLI) Authentication Bypass
- Avactis – Multiple Vulnerabilities
- British Airways – Admin Console without authentication left exposed (undisclosed)
- Cloud at Cost Filex File Uploader – Multiple Vulnerabilities (undisclosed)
- Cloudrino – Multiple Vulnerabilities (undisclosed)
- CodeIgniter – Multiple Vulnerabilities (undisclosed)
- DJI Phantom 3 – Multiple Vulnerabilities
- DuckDuckGo – WebRTC (CVE-2018-6849) – Metasploit module by: Dhiraj Mishra
- eBay – HTTP Response Splitting, CSRF, Host Header Injection
- Emirates ice Inflight Entertainment System – SQL Injection (undisclosed)
- Facebook Spider – Link Preview Generation (undisclosed)
- Fastweb (Aethra Modem/Router) – Multiple Vulnerabilities
- Fastweb FASTGate – Multiple Vulnerabilities (undisclosed)
- Flickr – Host Header Injection
- Ghost CMS (CVE-2015-1407) – Multiple Vulnerabilities
- Google – Open Redirect (undisclosed – won’t fix)
- HP HPE OpenCall Media Platform (OCMP) (CVE-2017-5799, CVE-2017-5798) – RCE & XSS
- LinkedIn – CSV Excel Formula Injection
- McAfee ePolicy Orchestrator (ePO) Agent Remote Log – DoS/RCE (undisclosed)
- McDonald – Multiple Vulnerabilities
- Metasploit (CVE-2019-5624) – RCE via RubyZip Arbitrary File Write (Zip Slip)
- Minds.com – Multiple Vulnerabilities
- Mura CMS – Multiple Vulnerabilities
- Opera Browser – WebRTC (CVE-2018-6608)
- Oracle JD Edwards EnterpriseOne Tools (CVE-2018-2658, CVE-2018-2659) – Multiple XSS (cpujan2018-3236628)
- Oscommerce – Multiple Vulnerabilities (undisclosed)
- PayPal Android Mobile APP & API – Multiple Vulnerabilities (undisclosed)
- Phorum CMS – Multiple Vulnerabilities
- RubyZip (CVE-2019-XXXX) – Arbitrary File Write
- Synology Cloud Station Drive 4.3.2-4450 and prior – Local Privilege Escalation via Unquoted Service Path
- Tabletopia – XSS to RCE (undisclosed yet)
- Telegram – Exportable Media Files in Secret Chat
- TIM Telecom Italia – Multiple Vulnerabilities
- VirIT Explorer – Local Privilege Escalation (EoP)
- Western Union – Host Header Injection
- Yahoo Messenger – Multiple Vulnerabilities
- ZyXEL Firewall and NAS (CVE-2020-9054) – Pre-auth Remote Command Execution via OS Command Injection
