Security Publications
List of discovered vulnerabilities / findings:
PHP LFI with Nginx Assistance
New method to exploit PHP local file inclusion (LFI) vulnerabilities with Nginx assistance.
Published: 26 Dec 2021Link
Mattermost
Use of weak random number generator to generate security-sensitive values
Published: 08 Jan 2019Link
ASUSWRT
Multiple Vulnerabilities: Cross-Site Scripting (XSS), Session Stealing, Remote Code Execution
CVE-2017-6547, CVE-2017-6548, CVE-2017-6549Published: 08 Mar 2017
Link
GPGTools
GPGTools installerHelper - setuid Local Privilege Escalation
CVE-2014-4677Published: 13 Feb 2017
Link