Publications de Julien Cayssol


Synology : Simple user can download all syno fs Soon
Synology : DOS on syno via a crafted url Soon
Synology : Anonymous users can get files on syno Soon
Owncloud : Code execution Securityfocus
Owncloud : Authentication bypass Securityfocus
Owncloud : Cross-Site Scripting Vulnerabilities Securityfocus
openupload : Cross-Site Scripting and Arbitrary Code Execution Vulnerabilities Securityfocus


Hastymail Webmail: XSS in E-mail Not publish
Artica : File open, SQL Injection, XSS Secunia
Ajaxplorer : Code exe, Open local file, Cross Site scripting SecurityFocus
Syncrify (Reset admin password / open local directory in anonymous / Open local file) SecurityFocus


Roundcube : Email body javascript insertion SecurityFocus
TrendMicro : Elevate privileges SecurityFocus
Atmail :Email body script insertion vulnerability Secunia
Zarafa : DOS, get session Not published
Centreon : Anonymous remote code exec SecurityFocus


XSS + SQL Injection + System injection on Olfeo < 4.0 (filtering solution) Not published
Centreon : ‘color_picker.php’ Multiple Cross-Site Scripting Vulnerabilities SecurityFocus
Centreon : ‘get_image.php’ Local File Include Vulnerability SecurityFocus
Centreon : Include Vulnerability SecurityFocus
SAN RAIDSONIC : Javascript Injection in FTP logs SecurityFocus
SAN RAIDSONIC : ByPass Authentification SecurityFocus
SPIP : Blind SQL Injection SecurityFocus


Présentation de revhosts au SSTIC PDF
MoinMoin : Index.PHP Cross-Site Scripting Vulnerability SecurityFocus
SNMPC : Username/Password Remote Denial of Service Vulnerability SecurityFocus


Cerberus Helpdesk : Spellwin.PHP Cross-Site Scripting Vulnerability SecurityFocus

Retour en haut