Publications de Julien CAYSSOL


Synology : Simple user can download all syno fsSoon
Synology : DOS on syno via a crafted urlSoon
Synology : Anonymous users can get files on synoSoon
Owncloud : Code executionSecurityfocus
Owncloud : Authentication bypassSecurityfocus
Owncloud : Cross-Site Scripting VulnerabilitiesSecurityfocus
openupload : Cross-Site Scripting and Arbitrary Code Execution VulnerabilitiesSecurityfocus


Hastymail Webmail: XSS in E-mailNot publish
Artica : File open, SQL Injection, XSSSecunia
Ajaxplorer : Code exe, Open local file, Cross Site scriptingSecurityFocus
Syncrify (Reset admin password / open local directory in anonymous / Open local file)SecurityFocus


Roundcube : Email body javascript insertionSecurityFocus
TrendMicro : Elevate privilegesSecurityFocus
Atmail :Email body script insertion vulnerabilitySecunia
Zarafa : DOS, get sessionNot published
Centreon : Anonymous remote code execSecurityFocus


XSS + SQL Injection + System injection on Olfeo < 4.0 (filtering solution)Not published
Centreon : ‘color_picker.php’ Multiple Cross-Site Scripting VulnerabilitiesSecurityFocus
Centreon : ‘get_image.php’ Local File Include VulnerabilitySecurityFocus
Centreon : Include VulnerabilitySecurityFocus
SAN RAIDSONIC : Javascript Injection in FTP logsSecurityFocus
SAN RAIDSONIC : ByPass AuthentificationSecurityFocus
SPIP : Blind SQL InjectionSecurityFocus


Présentation de revhosts au SSTICPDF
MoinMoin : Index.PHP Cross-Site Scripting VulnerabilitySecurityFocus
SNMPC : Username/Password Remote Denial of Service VulnerabilitySecurityFocus


Cerberus Helpdesk : Spellwin.PHP Cross-Site Scripting VulnerabilitySecurityFocus

Retour en haut