Vulnerability · Tim Coen - IT Security & Development

2019-02-05 NextScripts: Social Networks Auto-Poster 4.2.7 - Reflected XSS (WordPress Plugin)

2018-06-27 TP-Link TL-WR841N v13: CSRF (CVE-2018-12574)

2018-06-27 TP-Link TL-WR841N v13: Authenticated Blind Command Injection (CVE-2018-12577)

2018-06-27 TP-Link TL-WR841N v13: Broken Authentication (CVE-2018-12575)

2018-06-27 TP-Link TL-WR841N v13: Clickjacking (CVE-2018-12576), Missing HTTPS

2015-07-15 GetSimpleCMS 3.3.5: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc

2015-07-10 ZenPhoto 1.4.8: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution

2015-07-02 WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

2015-06-27 PivotX 2.3.10: Session Fixation, Reflected XSS, Code Execution

2015-06-27 LimeSurvey 2.05+: Persistent XSS